ABC listen, podcasts, radio, news, music, and more. Are Netflix reading your private messages? Well this week on Download This Show, recent court documents show that Netflix and other tech companies were in fact reading your DMs on Facebook. But exactly how did that happen? Also on the show, the wildest story of the corporate worker who was conned in transferring $25 million after a deep fake version of their boss told them to. Plus, should you be able to repair your own devices?
All of that much more coming up. This is your guide to the week in media, technology and culture. My name is Mark Fennel and welcome to Download This Show. Yes indeed it is a brand new episode of Download This Show and a very big welcome to our guests this week. Thank you very much. And tech reporter and editor, admising perspectives and attachments at Asha Jules, welcome back. Hello. So, fascinating story that it's like the Venn diagram of things that should be alarming.
Jan I'll let you take this one first. Did Facebook let Netflix read your DMs? Tell me this story from the beginning. Yes, so this is weird. So things I learned about while reading this story. So first of all, Facebook at some point was sort of launching its own version of Netflix, which I feel like they should have told more people about because maybe I should have known that sort of thing. This is a Facebook watch. I remember this. Oh, look at you. Look at you being your fancier.
Well, I make TV for living, so it's all occupational. Yes, anyway, so they've launched Facebook watch and what happened? Yes, so this is back in 2017 and then they realised, oh dear, we actually have the founder of Netflix on our board and we probably shouldn't annoy him. And also Netflix are a massive advertiser with us. They're spending millions of dollars every year. We might have to get out of this, but in a lawsuit around this, I found this the most interesting part.
There were documents that showed that Facebook actually granted Netflix and Spotify, I believe, access to users direct messages. They're private messages, they're drafts, everything that they're sending to one another, all of their emojis, I guess. And something called Facebook Extended API. And then a part of that that was called Inbox API.
And the companies apparently had to provide a report every couple of weeks on what they did with the information and how many sort of ads they targeted at people as a result of this. But the first thing I thought was, as a user was old crap. And the second thing I thought was, finally, I will be able to explain that Facebook isn't listening to all your conversations to every person who has asked me that. No, they're just reading your inbox. Well, they're reading it. It's much more convenient.
They don't have to listen all the time. I don't think that this was commonly known, I certainly didn't know it. And it does seem a little against the idea of private messages if you're just allowing companies to buy access to them. That are we talking about aggregated information here? Because when I say reading your private messages, there's obviously a creep alum bill that goes off. A service like Netflix was Spotify.
Well, the value in that would have been, I assume reading keywords, getting sentimented. I'm trying to work out what the business value is for a client there. Yeah, definitely. I mean, I think the first instinct, so obviously, nothing is sacred if they were signing these agreements outside of what would be normal with a customer or a client. And also additionally to what Jennifer was saying, there was a, hey, let's keep this agreement sacred.
So it was also probably known that this would not be popular with the public, not be popular with users. Yeah, I mean, the value from an advertising perspective isn't really like reading yours and mine individual DMs. The value is kind of in aggregate understanding what are people feeling? What are they thinking? What's coming up next? And that's something that they can then use to predict. But I think that is sinister just in a different way than the one-to-one kind of invasion of privacy.
I suppose it's worth asking the question, Janet. Is this a unique thing with Facebook, Netflix and Spotify? Like, is this something that a whole bunch of tech companies do that, I guess, in this instance, because of the discovery of these particular documents, we now know, but is actually more common than people think, Jen? I really hope not, but it seems like it is. Like every now and again, one of these documents pops out of the woodwork and you go, oh, no, that was terrible.
And sometimes I think the companies try to justify it by saying, oh, that was us in 2013 and 2014, like we're totally different now. And like in Facebook's defense of which there is little, they have actually rolled out into end encryption, which has brought them into conflict with a whole bunch of other agencies, legal agencies, as to whether they should do that, but potentially they can't offer this anymore. But it does make you question, well, what's happening with WhatsApp?
Because meta also owns that now. And the two founders of that left the company after some very serious arguments that they cannot legally talk about. And so I think it does give people pause to wonder exactly where their messages are going and who's seeing them, whether that's having programmatic access to that or that just being able to flick through your DMs and see how you're feeling about stuff. Always worth reminding people that WhatsApp, Instagram, all part of the Facebook universe.
But a big part of WhatsApp's appeal, at least in the early days, was that it was encrypted it. There was a sense of safety around it. Natasha, is this more widespread than people think it is with other tech companies? Do we know? I mean, we don't know the full extent of kind of like handing over emails and DMs. I think that each individual company has their own norms and boundaries that they can't cross.
And what we, I think we need to remember even with the Facebook Netflix agreement, they sign here, is that when you're working in a company, you can say no. A customer is always going to want more data, but the point of view respecting your customism, respecting your users is to draw those lines. Yeah, I've worked in startups before and that's exactly the kind of conversations that you have with the people around you. Like, we have access to this.
Like, what are we going to look at for ourselves and what are we going to share with others? We don't know the extent of what other tech companies are doing, whether it comes to like reading messages or sharing them with advertisers, but it's really sad that this normal precedent has. You can call it a precedent even, but this like new norm has kind of crept into how Facebook and Netflix have done business in this case.
Do you know what's striking to me is that if this had happened five or six years ago, this would have been huge, huge, massive news, you know, like this story has been built. It's not even above the fold on most tech news sites, which is partially why I want to talk about it first. I'm like, hold on, this used to be a massive issue.
Does that tell you, Jen, that the sheer number of scandals that Facebook have kind of weathered over the last few years have sort of made us somewhat in newer stories like this? I think you're right. I think that, oh, another Facebook scandal, cool, cool beans. Let's move on.
I think after Cambridge Analytica, a lot of us kind of got battle hardened and just started to assume that all of the stuff that we see is not necessarily impartial, it is sticky, it's made for us to look at it and to stay on certain networks and we're not paying for Facebook, so we are the product, essentially. I think that, yeah, we're all a bit cynical and maybe rightly so.
What I would add to what you're saying is it's a dangerous place to get to to be kind of worn down and the moral shock to be gone and to start to see things as normal that shouldn't be. And this should be shocking. We should be absolutely shocked that something that's assumed to be private and assumed to be part of your inner life could be handed over to a huge media streaming giant and used in this particular way. Not hypothetically, that's what actually did happen.
I would love to see more moral shock around this mark because I think if we lose that, it is sort of like losing touch with the fact that we can actually do something and can rehabilitate old norms around privacy. Download this show is what you're listening to. It is your guide to the week in media, technology and culture. And I got to tell you, in more than a decade of doing this show, I don't think I've come across the story quite as incredibly wild as this next one.
So I want you to imagine something. You work at a large corporation and you get told to get on a Zoom call or Zoom equivalent where the whole bunch of different people. Zoom call starts, whole bunch of faces pop up. Including the CFO of your company. And somewhere in the course of this meeting, the CFO instructs you to transfer millions of dollars from one account to another account. And then you realize in the coming days that that meeting was not what it seemed.
This actually happened in Natasha. That Zoom call, this is a real thing that happened. It happened in Hong Kong. But the person who was on that call, although those other faces that they saw in that Zoom call, they weren't real. Were they? No, they unfortunately were deepfakes. So this poor finance worker, I mean, the total amount was $25 million. So we're not talking about a small scam. We're not talking about a small mistake here. Yeah, they joined this video.
Like, you know, this is like a standard video meeting. There's millions of these every day. They looked like other members of staff that they wouldn't know and were familiar with, but they were actually generated by LLM Deepfake. I'm so struck by this story. It's honestly mind blowing that this happened. I think it's like super important not to sort of blame the victim here and the finance worker that this happened to. You might be like, how could they be so dumb? How could they not realize?
But also you got to remember that this person was a junior assuming that they were talking to a senior person at their company. So you have to remember that power imbalance. It's crazy. So it's a combination of faces that were generated with deepfakes and yeah, they were instructed to transfer $25 million.
Now, what's intriguing about this for me is that since this story has come out, Hong Kong police set up a press conference to talk about it because they wanted people to know that this stuff is now possible. But this stuff is now happening, Jen, which is I think an unusual move for law enforcement to be so upfront and public on an international scale, Jen. Yeah, and I think it's really important that they do this as well.
I'm glad that they didn't name the employee because like Natasha said, I don't think it's this person's fault. This is amazing. Full disclaimer, you should absolutely not scam companies or go spearfishing and try to steal millions of dollars. But that said, wow, creativity points unlocked. This is a very special attempt.
And what the police have said is that the scammers took real sort of publicly available video from some of these executives and ran it as part of this, you know, Brady Bunch style Zoom call look and then they use deepfake technology to mimic what the people said.
I thought one of the things that was really interesting too is that the police recommended that in future, if one of the executives from your company gets on the phone and tells you to transfer millions of dollars, see if you can ask them to move their heads slightly or interact. And I just have this image of like a junior associate going, excuse me, big boss, can you please nod your head if you can hear this?
But it makes a certain sense, I suppose, because you need to maybe at least ask questions on the phone and make sure that you're talking to a person rather than something that's been generated and is a very fancy version of the Muppets. I mean, the thing that I find breathtaking about this is that it probably isn't the only term it's happened. Totally. And I think the Hong Kong police have been pretty, like they haven't named the company, obviously they haven't named the employee.
They've been pretty careful with it. But you have to imagine that if this has happened once, it's happened another time. And if this will probably not be the last time somebody attempts something like business asher. No, I don't think so. And I know it's like so boring to talk about trust. But when I was looking into this story, I was thinking about that link between trust and economic prosperity. And there's a Deloitte report from 2021 that found that this is very much the case.
So trust is like an economic force multiplier. And events like this like decimate trust when it comes to transactions. So we can look at it as a case of like a scam and an isolated case. But we could also look at it as a story about how AI and the misuse of AI has the potential to decimate the trust that we rely on every day to allow transactions to happen, basically.
Because it sort of puts in this whole new understood element into the picture for how like we do business and how we transact on a day-to-day basis. If you could potentially be transacting with a deep vague, which wasn't something that existed before. I feel like every time we've talked about issues around this over the past, you know, decade of the show, it's always been like, oh, we need more digital literacy education. We need to be able to read the situation clear.
And I looked at this story and I was like, I don't know what, I mean, apart from tilting your head in a different direction, I don't know how much more digital literacy we can expect from people if this is the level of technology that they're coming up against Jan. This is really special. I actually wondered if maybe we should institute code words again and just go back to like a Maxwell smart level of security. Just be like, yes, I will transfer the money pineapple. I think it's very difficult.
And I think it's a warning to companies as well that they need to be careful with this stuff. I know that there's a lot of Australian companies who've experienced as a mentioned spearfishing, which is kind of like a more targeted version of stealing money from companies where they use like the real identities of executives. This is next level. And I can absolutely see how someone who was even savvy about this sort of thing, yeah, would get cheated by it.
Seriously though, like is there ways to mitigate against system tech? Like are there things that are being done? Yeah, I mean, I don't know you just missed tech literacy, but I don't just visit. I'm just like, I don't know how good it can be. Totally. Yeah, how long it would take to develop that part of our brain. I mean, Dr. Galati, he works as the head of applied AI at Uber. He used to work on an AI company.
And he did say that his team over time developed that tech literacy to be able to be like, that is a BS video, that is not real. And it was just by working in the field day after day. But like the thing is that average probably doesn't have time to work on an AI startup and develop that part of their brain day after day. Maybe some basic tech literacy wouldn't go astray. It's a starting point. But I don't think it's enough to avoid this situation at all.
Digital meetings and like a big key to open the circuit. Yeah, just bring about your physical meetings. Special handshake. Download the show is what you're listening to. It is your guide to the Week in Media, Technology and Culture, our guest this week. The Tasha Gillesau, Tech Reporter and Jennifer Dudley Nicholson, Future Economies of Rotor with AAP, Mark Final is my name. And he was the ultimate personification of crypto-broishness.
Sam Bankman-Fried, the former billionaire crypto boss, has now been convicted of fraud and money laundering. But what happens to him next? But also, what does his plight mean for the future of cryptocurrencies? People's trust in it. Just bring me up to speed a little bit Natasha on who Sam Bankman-Fried was because it's been a huge story in tech and business for the last year or so.
Yeah, Sam Bankman-Fried, he was the founder of an exchange called FTX, which was essentially like the one of the first exchanges for cryptocurrencies. If you think about kind of how we have exchanges like the Australian Stock Exchange where different companies are listed or the New York Stock Exchange. This was a different kind of exchange for a different kind of asset class. The asset class was cryptocurrencies. The legitimacy of that is obviously like hotly debated.
And this story of the collapse of firstly the exchange, it went bankrupt. Secondly, a whole bunch of customers who put their money into that exchange have lost their money. Is sort of this hero case for whether or not crypto could live up to the hype that it had been building over years and years and had been cycles and bubbles? Sam Bankman-Fried is going to go to prison. It's at least six years, but potentially up to 25 years.
In terms of the future of crypto, I mean, it's a little bit still in the eye of the beholder because I think some people still believe in it and faith is really important in that world, in the crypto world. The sort of faith that that currency means something or could mean something. But I think for broader society and definitely for the victims of this exchange collapse, I don't really see how you could rehabilitate crypto's image in their minds.
And that seems to be the broader majority of the holders here. I think that makes sense. There is still a thick question to people out there who are crypto-tru believers that believe for every low, there'll be an uptick and, you know, historically that is proven on occasion. But there'll be a lot of people that have seen stories like this, Janum, have gone, you know what, that way madness lies. For whom they will never ever invest because of events like this.
Broadly speaking, if crypto is to become one of the more important players in finance moving forward, how bad is an event like? How bad is the, how bad is the FTX crash for people's confidence? Amazingly bad. So I think you don't really have a rock star in crypto, but this bloke was certainly a figurehead. And like FTX was starting to get stadiums named after it before it's fall. And it was having Super Bowl ads with Larry David and Giselle Bunchan in it.
And it was, it looked as legitimate as it could be. And to an outsider like who's looking at crypto and who's interested in it, but doesn't really know that much about it. And absolutely like this was, this was kind of an easy choice to go with FTX because it was so widely recognised and known.
So the fact that that came crashing down and that the bloke at the centre of it is now, you know, charged and found guilty of stealing $8 billion worth of investors money, that's got a knocky confidence a bit. I think that we have seen though, because this obviously this trial has been going on for a while. I think we have still seen confidence within certain cryptocurrencies. And we've seen like, you know, Bitcoin for example, has gone up past the $100,000 Australian market again.
We've seen, you know, the rise of some currencies. But at the same time for every case of like a Sam Bankman freed, then I think the people who would be interested in crypto, but not necessarily convinced, it makes them go the opposite direction. So it absolutely hurts the reputation of cryptocurrency in general. And in addition to Sam's case, we've seen, you know, lots of cases of people who have been prosecuted and gone to prison for recommending cryptocurrencies that weren't legitimate.
We've seen a lot of cryptocurrencies disappear and that money disappear with them. The real actual currency money that you find in a bank, I think every case like this absolutely hurts the market. And it'll be interesting to see, you know, whether we're still talking about FTX in, you know, five years from now, or when he actually gets out of jail. Is there anything left of FTX as a company? Is it now completely dismembered?
I believe they're talking about giving people back their money, so that's where FTX lands now and sort of divesting the company to actually get investors back what they can. Yeah. And liquidators will be involved and they'll kind of be a queue of people. And it'll probably be the people who lost the most who will get priority in that queue. But it's a really long process. It could be years.
It's not a sort of instant, instant thing, but any mean, I mean, I don't know if you guys have you guys read Going Infinite by Michael Lewis? No. Well, Michael Lewis, he's the author of The Big Short. He's a famous financial reporter and he's covered a lot of different events over the years. It's not his best book, I must say, but he's an incredible writer, so he does really capture something.
And his kind of characterization of Sam, Bankman Freed, is sort of as someone who's easily distracted, obsessed with games, slavently eccentric and good at calculating probabilities. And I think it's so important to look at this case within the broader context of who he was as a character, but also the cultures that were around him. Digital, very disconnected from the end user and the customers that they were serving. They're often in different jurisdictions.
We've got a weird intersection with in-sell culture. I would argue, crypto, the sort of online communities that it was a part of and fed into. And it was also a community that really thrived during a pandemic when people were more socially isolated, when there was fear around what was happening in the economy. I think understanding the broader culture and architecture around this case is important.
What would actually be required to rehabilitate crypto to the point that it's something that non-high risk, you know, friendly investors would buy into again? Is there a future you could see, Nat, where it could become sufficiently stable that it becomes regarded as almost blue chip? Is that likely in the world of cryptocurrency? Or is it just not in the very DNA of what they actually are?
Hmm. I'm not enough of an expert and I'm probably not enough of a, you know, crypto true believer to really be able to form that view. I would say the rehabilitation process would be long and slow at this point in time. I would just say anecdotally the people that I've met within that world who are working on products in that world. Starting from, you know, data analytics companies, the venture capitalists in that world, they're marginal and fringe in the way that they view the world.
You know, you would be like, this is an unusual person. I'm not sure if those are the people that I can see bringing something into the mainstream or bringing something into, you know, it's a, like you mentioned earlier, doctors, right? That's a certain archetype that exists in the world. I don't see it. What about you, Jim? What do you think?
You have to see more practical applications and real world applications for cryptocurrency for it to sort of gain even more legitimacy in more people's eyes. I think, I mean, sure, my local shopping centre does have a Bitcoin ATM, which is exciting for us and it feels like I'm back in the early 2000s a little bit. But I think we really need to see, yeah, more versions of this actually being used and being useful in order for it to sort of be accepted as a mainstream investment.
And also we still see, even within the big cryptocurrencies, we see massive volatility. And for some crypto investors, then that's absolutely what they love because, you know, potentially they can gain an advantage by buying low and selling very high. But that sort of volatility does not say, absolutely, this is a blue chip stock come and purchase me and eventually you will end up richer.
And as crypto currency is absolutely littered with the tales of people who dumped a bunch of superannuation into cryptocurrencies and then sort disappear. So yes, there's a big rehabilitation process and potentially a long way to go before this is seen as an investment or a managed fund. Download the show is, listen to it, it is your guide to the weekend media, technology and culture.
And when you take your phone to get repair, there's a reasonable chance at actually what you're doing when you get it repaired is you're avoiding the warranty. Except increasingly around the world, a number of jurisdictions, states in the US, certain whole countries have insisted on a rule, which is a right to repair without necessarily avoiding your warranties. So Colorado, Oregon, Maine, Massachusetts, Minnesota, just a few of the states in the US that allow for it.
But should those rules be universal? Should you be allowed to repair devices on your own steam without necessarily avoiding the warranty? Jen, tell me a little bit about the origin of where these rules and more started to come from. Yeah, it's really interesting. So I mean, some of these rules came about because people couldn't repair their smartphones, which was very annoying.
And if you went into a typical repair shop that wasn't guaranteed and set up by one of these companies, then your repair didn't count. That's a very harsh thing for a person to hear who's purchased a device and then paid to have it professionally repaired and hasn't just done the job at home. Some of the lawmakers have decided, yes, this needs to be dealt with. And as you said, we've seen this in six different states now. There is a benefit to everyone for being able to use devices for longer.
It's stopping things from going to e-waste and it also means that you can use these things for longer. And we have seen a lot of pushback from some of the companies involved who make proprietary tools even to repair these goods, who sell licenses to companies so they can actually repair them under warranty. I think it's important that people should be allowed to repair their goods and still qualify for all of their consumer rights.
I think at some level that I'm kind of confused that these laws need to exist at all, right? So why is it that manufacturers would have put something in place by simply repairing something with a third party provider, you would ward off a warranty? Like why would that have been put in place and so many manufacturers do that now?
Probably because it was legal and they could and they worked out, like if we can oversee the repair process, we covered that liability, but if it happens somewhere else, then it comes to us. We don't have as much oversight of that. I think these laws are awesome though. I think that interesting, even if the details, they're still like hashing out. Tech companies don't fully agree, like Apple in particular.
These laws are awesome in terms of being a symbol against like, throw away culture and just like even being like, hey, let's actually like check in with the idea of what we do with our devices. Yeah, and also I think there's something to be said about mentality, right? Like I think in so many other objects that we buy, we value long lasting durability, quality of cross-pursonship, you know, like we apply all these things to the things that we buy.
But some reason, some of the most highly engineered, some of those crafted objects in our lives of technology, we don't necessarily apply that same logic to it, which is that, you know, it's mass produced and I'll upgrade it in a couple of years. It's an expensive purchase in most cases, phones, laptops and whatnot, but our, we don't kind of apply the same necessarily level of like sort of an expectation of longevity or like a, this should be fixable or yeah.
I do wonder if culturally we've just lost an attitude of this, this should be fixable. Yeah, I think so. It is, it is really interesting because like I think about my washing machine, which is genuinely from the very early 2000s and I'm like, yeah, you're going to loss forever. And I've had it repaired one time. I didn't have any issues with warranty around that.
But then I think about phones and phones probably cost twice as much as a washing machine and yet if you've had one for two years and your battery is a bit iffy, like yeah, that's going to go. So I'm just waiting for the next phone release and I'm, I'm going to swap this out. We don't necessarily think about those devices in the same way and it's an interesting mentality and I think one that's been developed over a period of time.
Some of these rights to repair laws have really interesting clauses in them as well around, you know, maybe the software should be guaranteed to last a certain period like these devices should be supported for a period of time because if you're using a phone and you've been using a phone since the early 2000s, yeah, you've got issues and definitely you've got no software updates.
So this is the other side of the coin where we're so used to every time a new generation of an iPhone or an Android phone comes out that it has to have all these new features. And we've reached a point now where as new phones are announced, the list of like exciting features is dwindling because there's only so much you can do. Yeah, that like guys, we gave you everything. Exactly. The camera can only get so good.
Maybe the inverse of that culture where we've set an expectation that we always have to, you know, whenever a new one comes out, it has to have a gazillion megapixels or whatever it is. The inverse of that is that it's become too dense, a piece of engineering and it actually, it's too much of a black box and it isn't fixable. We sort of imbued it with this level of sophistication that actually the idea of fixing it should be beyond reach.
Maybe it's sort of like it's the other side of that particular coin now. I liked that. Great. I'm glad I solved that one. Jan and he does. It's worth well mentioning sort of what the case is in Australia. So the Productivity Commission actually did a study on this and they brought out their final report onto it in 2021 and they said, look Australia has great consumer rights and these are, you know, watched by the HCC.
That's sort of right to, you know, fix devices if they're massively flawed or sort of replace them. But we do need efforts to explain to consumers that they are still allowed to have remedies even if they've had their devices repaired. That was one of their recommendations that we consider also putting out a repair ability rating for devices which would be really interesting because you get a star rating on cupcakes.
Like it would be interesting to have a repair ability rating on the iPhone that you buy or the Android device that you buy. And they also recommended investigating whether certain product markets like mobile phones and tablets would benefit from new regulations, whether that would sort of help consumers or that would harm the market and, you know, what sort of fights they'd need to have around that. We haven't seen a whole lot more since then.
So that's a bit disappointing and it would be great to see some of the recommendations from these laws come into play so that people could actually be confident about taking their phones screen in to get it repaired and actually that phone still being under warranty. Alright, we are out of time. Huge thank you to our guests this week. Natasha Gill is a tech reporter at Edadette at Missing Respectives. Thanks for being on the show.
Thanks for having me, Mark. And from AAP Future Academy's reporter Jennifer Dudley Nicholson, Appenezza as always. Thank you. Go fix your phone. Well, if you enjoyed what you're listening to, please make sure you leave a review on whichever podcasting app you happen to listen to this on and, of course, don't forget. Download this show and a whole host of other podcasts are always available on ABC Listen.
My name is Mark Fnell and I'll catch you next week for another episode of Download This Show. You've been listening to an ABC podcast. Discover more great ABC podcasts, live radio and exclusives on the ABC Listen app.