Facebook’s security team tracks posts, location for ‘BOLO’ threat list

In early 2018, a Facebook user made a public threat on the social network against one of the company’s offices in Europe.

Facebook picked up the threat, pulled the user’s data and determined he was in the same country as the office he was targeting. The company informed the authorities about the threat and directed its security officers to be on the lookout for the user.

“He made a veiled threat that ‘Tomorrow everyone is going to pay’ or something to that effect,” a former Facebook security employee told CNBC.

The incident is representative of the steps Facebook takes to keep its offices, executives and employees protected, according to more than a dozen former Facebook employees who spoke with CNBC. The company mines its social network for threatening comments, and in some cases uses its products to track the location of people it believes present a credible threat.

Several of the former employees questioned the ethics of Facebook’s security strategies, with one of them calling the tactics “very Big Brother-esque.”

Other former employees argue these security measures are justified by Facebook’s reach and the intense emotions it can inspire. The company has 2.7 billion users across its services. That means that if just 0.01 percent of users make a threat, Facebook is still dealing with 270,000 potential security risks.

“Our physical security team exists to keep Facebook employees safe,” a Facebook spokesman said in a statement. “They use industry-standard measures to assess and address credible threats of violence against our employees and our company, and refer these threats to law enforcement when necessary. We have strict processes designed to protect people’s privacy and adhere to all data privacy laws and Facebook’s terms of service. Any suggestion our onsite physical security team has overstepped is absolutely false.”

Facebook is unique in the way it uses its own product to mine data for threats and locations of potentially dangerous individuals, said Tim Bradley, senior consultant with Incident Management Group, a corporate security consulting firm that deals with employee safety issues. However, the Occupational Safety and Health Administration’s general duty clause says that companies have to provide their employees with a workplace free of hazards that could cause death or serious physical harm, Bradley said.

“If they know there’s a threat against them, they have to take steps,” Bradley said. “How they got the information is secondary to the fact that they have a duty to protect employees.”

Be the first to comment

Leave a Reply

Your email address will not be published.


*