Facebook uses its apps to track users who could threaten the tech giant’s offices or target their employees and maintains a constantly updated list of potential attackers, a new report says.
The company mines through its social network for threatening comments and uses its products to track the locations of people they deem to be potential credible threats.
Facebook has allegedly compiled a ‘Be on the lookout list’ also known as the ‘BOLO list’ that tracks hundreds of users who have made threatening statements against Facebook or its former employees and it’s updated once a week. This list has been running since 2008., according to a shocking CNBC report.
The threat-tracking tactics were confirmed by more than a dozen employees to the outlet.
Former security workers reveal that Facebook tracks the location of potential attackers if they threaten the company. Facebook CEO Mark Zuckerberg pictured above
Not only is there a list of users with their wealth of information but Facebook can also track their real time locations using their smartphones location data collected by the app or IP addresses via the company’s website.
However, Facebook says they only track BOLO list users if their threats are deemed credible, according to a former employee familiar with the company’s security procedures.
That means it has to be a detailed threat with a precise location and timing of an attack or a threat from someone who often attends company events.
Then, depending on the threat, Facebook’s security teams can mobilize by sending security guards out or escorting BOLO users off Facebook’s campus or calling the police.
In one instance the security measures may have saved a European Facebook office from attack.
The company experienced a red flag in early 2018 when a Facebook user threatened one of the company’s offices in Europe writing ‘Tomorrow everyone is going to pay’.
Alarmed, Facebook officials looked through his profile and data and found out he was in the same country as the office he threatened to target. Facebook then informed police about the threat and the user.
Facebook says they only track people if they are deemed a real threat and can follow their location using data from the FB app or from IP addresses via the FB website
‘He made a veiled threat that ‘Tomorrow everyone is going to pay’ or something to that effect,’ a former Facebook security employee told the outlet.
Still, several employees are now questioning just how ethical these threat-tracking tactics are, calling them ‘very Big Brother-esque.’
Some say that the security measures are necessary given Facebook’s enormous global reach.
The company boasts 2.7billion users on its services.
If just 0.01 percent of users made a threat, that would still total to a whopping 270,000 potential security risks for the tech giant.
Facebook defended their security measures in a statement to CNBC.
‘Our physical security team exists to keep Facebook employees safe. They use industry-standard measures to assess and address credible threats of violence against our employees and our company, and refer these threats to law enforcement when necessary,’ the statement said.
‘We have strict processes designed to protect people’s privacy and adhere to all data privacy laws and Facebook’s terms of service. Any suggestion our onsite physical security team has overstepped is absolutely false,’ it added.
Facebook has a ‘Be on the lookout list’ of hundreds of users who threaten the website, Mark Zuckerberg, or other employees, that’s updated weekly
And their actions could be justified.
According to the Occupational Safety and Health Administration’s general duty clause, companies have to provide their employees with a workplace that’s free of any hazards or threats that could result in physical harm or death, according to Tim Bradley of the Incident Management Group.
‘If they know there’s a threat against them, they have to take steps. How they got the information is secondary to the fact that they have a duty to protect employees,’ Bradley said to the outlet.
The BOLO list is reportedly updated once a week and whenever a new person is added to the list, security professionals at the company are alerted about the person and given their name photo location and a description of their offense against the company.
While other companies have similar lists, Facebook is unique because it can track the location of potential attackers.
Something as small as writing F**k you, Mark or F**k Facebook can get you added to the list, one former employee said.
Another former employee said there were no standards to determine what could land a person on the list.
The Facebook spokesman disputed that claim saying people were added to the BOLO list following a ‘rigorous review to determine the validity of the threat’.
Things can get awkward with the list however, as former Facebook employees or fired employees are placed on the list and don’t know it.
Former employees have found themselves on the list if they behaved poorly on the job or stole company equipment. Three people told CNBC that nearly every fired Facebook employee winds up to the list in the ‘really subjective’ process.
In one case a Facebook user learned the hard way that he was on the BOLO list when he showed up to Facebook’s Menlo Park campus for lunch with a friend employed there.
When he checked in his name popped up on the list and security was alerted. The employee defended him and had to meet with Facebook’s global security intelligence and investigations team to remove the friend from the list.
Still, Facebook maintains that ‘No person would be on BOLO without credible cause.’