Brett's Ramblings

Font size: +
6 minutes reading time (1130 words)

I took a look at Instagram's Terms of Service so that you won't have to.

Who really reads the Terms of Service anyway?

Are EULAs and TOSs intentionally designed as multi-page, single-spaced, 4 font, legalized writing to confuse users or simply to dissuade users from reading past the first paragraph?

A few highlights from Instagram

“…you hereby grant to us a non-exclusive, royalty-free, transferable, sub-licensable, worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content…”

Translated: All your content is ours. We do with it as we wish.

Opinion: You create it, Instagram/Facebook will make money off of it with no compensation to you. This is the model of how “free stuff on the Internet” works.

“It can also include what you see through features we provide, such as our camera, so we can do things…”

Translated: We have access to your camera, I mean “Instagram’s” camera.

Opinion:  They haz your phone camera.

“For example, we log when you’re using and have last used our Products, and what posts, videos and other content you view on our Products. We also collect information about how you use features like our camera.”

Translated: Instagram keeps track of everything that you do on their platform, including the use of their camera.

Opinion: Sure. I get it. But this would be like a car rental company keeping track of every place you drove the car that you rented. Car rental companies probably do that too…

“We also receive and analyze content, communications and information that other people provide when they use our Products. This can include information about you, such as when others share or comment on a photo of you, send a message to you, or upload or import your contact information.”

Translated: Instagram collects data about you even when you don’t provide it.

Opinion: Do they mean private messages too? Sure. Why not.

“…we collect information from and about the computers, phones, connected TVs and other web-connected devices you use that integrate with our Products, and we combine this information across different devices that you use.”

Translated: We gonna map out your network.

Opinion: Yikes!

“Information we obtain from these devices includes: …operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins…mouse movements….unique identifiers, device IDs, and other identifiers such as from games, apps or accounts you use…associated with the same device or account…Bluetooth signals and information about nearby Wi-Fi access points, beacons, and cell towers…your GPS location, camera or photos….name of your mobile operator or ISP, time zone, mobile phone number, IP address, connection speed, and in some cases, information about other devices that are nearby or on your network, so we can do things like help you…”

Translated: Everything. We take everything.

Opinion: For the love of all that is good and holy! This looks like a digital forensics examination (and I mean “digital exam” as a “digital prostate exam”.

“Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use…about your activities off Facebook including information about your device, websites you visit, purchases you make, the ads you see, and how you use their services whether or not you have a Facebook account or are logged into Facebook.”

Translated: In case you didn’t get it earlier, we take everything, even that which is not on our platform.

Opinion: Instagram/Facebook is a third-party data collector that takes your data from another third-party data collector which probably takes your data from another third-party data collector. All to be curated ultimately by Facebook/Instagram. You don’t even need to have a Facebook account!

“For example, we can suggest that you join a group…

Translated: We know what is best for you. This might because we know everything about you or because we want you to behave a certain way and believe in what we want you to believe in.

Opinion: When you want to see a movie, you might want to ask a friend or read reviews, but you don’t have to. You can simply choose to see or not see a movie. Facebook/Instagram requires that you agree to be pushed toward groups that they want you to join. Kinda like getting jumped into a gang that you didn’t think you wanted to do, but got pushed into it by the local gang bangers.

“We use location-related information such as your current location, where you live, the places you like to go, and the businesses and people you’re near-to-provide..can be based on things like precise device location…IP addresses, and information from your and others’ use of Facecbook products…”

Translated: We know everywhere you been, exactly where you are now, and can accurately predict where you will be going next.

Opinion: This is life on IoT and our addiction to “smart” devices. And we must agree to it in order to use ‘free’ services.

“…we use face recognition technology to recognize you in photos, videos, and camera experiences…”

Translated: Ha! We haz your biometric data too!

Opinion: Facial recognition is one of the security features that we have to give up, but is something that we can’t change like a password.

“..when you search for something on Facebook, you can access and delete that query from within your search  history at any time, but the log of that search is deleted after 6 months.”

Translated: Not only do we see what you search for, but we keep that, just in case…

Opinion:  Forensic peeps know this. Anything you type online is there for everyone to see, even those you don’t want to see it, potentially forever.

“We share information globally, both internally and with the Facebook Companies, and externally with our partners and those you connect and share with around the world…your information may, for example, be transferred outside where you live…”

Translated: We not only take, curate, analyze, and store your information indefinitely, but we will share it around the world to our “partners”.

Opinion: Who are the “partners” and WHY DO THIS?!?


Free is not free.

Social media platforms are like leopards stalking dinner. You don’t see the leopard. You don’t think anything about it. And you don’t care that tidbits of your Internet activity are being analyzed by humans, ML, and AI. By the time you realize how much private data is gone, it is too late to much about it. Presumably, this is all for a profit motive, in which you make none. Worst case scenario is a nation-state obtaining this immense data. But that would never happen..


update: This from Twitter, best visual of EULAs that I have ever seen.


Stay Informed

When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.

When OSINT is turned into the Baseball Bat of Inte...
White Paper: The Susceptibility of Interconnected ...