Facebook does the same with birthdays. I input my age as 90 when creating my account. They changed it to my real birthday somehow.
AND then they expose it publicly to anyone who looks up my profile, even when they aren't my friends.
AND this is all after me having disabled the "show birthday on timeline" and enabling every other privacy setting there was.
If there's one company using AI and data collection for evil, it's Facebook. Not to mention the years of silently disabling previously set privacy settings without getting the user's permission - e.g. the "show profile in search".
Insane. Facebook should be slammed hard by the courts.
Facebook does some really creepy stuff. This morning it showed me my mobile (cell) number and asked me if I wanted to tie it to my facebook account.
I've never knowingly provided my cell number to facebook, as I don't use facebook as an o-auth provider so I consider 2fa as less important that my privacy in this case.
I don't use facebook. I don't use gmail. However, I assume that facebook and google know almost everything about me from people who have uploaded contacts and other information through apps and signup, and from the content of emails in my correspondents' gmail accounts.
Someone else had your mobile number and email, and then allowed Facebook to access their contacts (NEVER DO THIS) and they were able to match up the email you signed up with to your number or other piece of information, more than likely, so one of you're friends leaked it.
We need a privacy structure to somehow protect our contact info residing in devices not our own, but I suspect that's rather challenging and would require a crypto solution. Maybe, I'm just describing a *nym form of messaging and crypto calling. There must be innovation in some form that's possible for contact lists.
I'm fairly accepting that every android app asks for "permission to read ..." permissions, but I don't want them to be so proud of this that they present their information back to me.
That's what is so creepy about Facebook, they've lost sense of what is normal, so they don't hesitate to show off how much they know.
I'm sure Google knows a lot more about me, but they have the sense not to parade that fact back to me unless I specifically ask.
I don't know why people install the Facebook app on their phone. You can't view stuff offline, meaning you might as well just go to m.facebook.com, the browsing experience is pretty similar AND you don't need to install that stupid messenger app AND they can't access stuff on your phone. They shouldn't, but the pessimist in me says they will.
Same with LinkedIn, who installs this crap? And why?
Of course, there's plenty of other crap on my phone that I've installed and is exposing me...
I get that, and I'm exactly the same. I'm not saying I don't need facebook, it's very useful for keeping up with people from around the world. I just need instant notifications (like you) :p
An app can access your device ID(s), phone number, whether you're on the phone, and the number connected by a call. Device ID & call information may include the ability to read phone status and identity.
Regardless what google policy says: the way to get the phone number is via:
TelephonyManager.getLine1Number()[1]
Which returns "null" unless the operator actually stores the phone number in the SIM so it can be read from there (also it can be modified to be anything). While technically possible, I have not seen it in practice for long time (since 2010 or so).
On iPhone it's not possible for an application to obtain the phone number[2]. There was a semi-hack doing so and Apple rejected the applications off the store and closed the loop. (reading SBFormattedPhoneNumber)[3]. In 2013 there was another exploit to obtain it but it has been addressed as well.
Well that may be, yet back in 2011 the application the company I worked for required sms verification (to prohibit multiple accounts) and the idea was to prefill the phone number reading that field. It totally didn't work and there were entries like '<unknown>' instead of null, etc.
The application required Android 2.2 (iirc). The functionality was removed.
Personally I have not seen an EU provider storing a real phone number there.
IF this is true, then file it as a bug with Facebook, and claim the bounty!. You'll possibly get up to USD 10K depending how it is classed - I'd certainly say that if you have disabled showing your birthday on the timeline and yet it still appears, even to non-friends, then that's a pretty serios information leakage. So, rather than taking them to court, work out how to reproduce it, and get your free money...
How is that possible for them to know your real age, logically? (I don't mean you're lying, but only you can work out the link with other services and facebook that might be leaking this information).
Most likely, a number of nxb's friends have Facebook integrated with the contacts list on their smartphone, and have nxb's birthday associated with their contact details there. Another option is if nxb's Facebook account has been connected to their Skype account (though from their FB-skeptic stance I find it unlikely they would make such a connection in the first place).
- Easily deducing my approximate age from my Linkedin profile.
- Any of the numerous other private people data sources they have access to or have bought over the years. I'm sure my birthday and basic details are in some of those. It's impossible to get those all deleted once the information is out.
- Day and month are easy, because everyone wishes me happy birthday in the messages and wall posts. All that's remaining is the year, which could be easily deduced from Linkedin and other third party data sources. - Which I've mostly cleaned up now, until Facebook exposed it all again.
- I had a profile for a few months in 2005 before deleting it. Used a different computer, different location, different email and everything for this new one a decade later, but probably they've connected the identities. Looks like if you ever tell Facebook some private information, it's non-revokably theirs to expose to the world forever.
Facebook invests very heavily in machine learning / AI, and uses it heavily through out their platform. They collect and buy tons of data both on the site and from third parties. This deduction is trivial for them.
The bad part is not so much that they deduced these details about me though, it's that I specifically made it clear that I didn't want any age public, let alone the real age, and they exposed me anyway.
I don't think Facebook are as clever as you imagine, and they certainly would never do something as crazy as trying to deduce your age based on median friends ages. But, if you do give Facebook information about yourself, then it's no longer private to only youurself - it's known to both of you. You will have agreed to some T&Cs about sharing it based on certain account settings when you signed up, so as I mentioned above, if you can prove information leakage when you've set certain privacy settings explicitly then this is absolutely a bug in Facebook's system, and you should definitely report it...
I can't begin to guess as to why you'd feel that way.
Facebook runs one of the top machine learning research labs in the world. They're among the most clever in this domain, by every possible metric. They've written extensively about how they employ machine learning across their entire product line, and are adding more constantly. They've acquired numerous ML startups and world-class researchers.
Respectfully, you're absolutely wrong, and I'm suspicious as to why you'd be intentionally spreading misinformation that they don't use ML/AI to fill in the gaps in their information about their users.
The ML activities at Facebook seem to be focussed on delivering content and advertising optimally to users. They can determinine which posts or adverts you might 'Like' based on your friends choices, or those of other similar groups of users found by various demographics and metadata. It's right there in the research group page you linked:
> "We strive to find ways to deliver more engaging content in News Feed, rank search results more accurately, and present the most relevant ads possible."
I think it'd be a pretty poor use of ML and AI to use it to try and guess the gaps in your profile, and then fill them in. Of course I'm sure they try and show you content and adverts based on what they believe your demographic profile might be, but these beliefs are purely internal to the algorithms that make the decisions as to what to publish - they aren't used to populate your public profile.
In fact, Facebook want the profile information to come from you and for it to be as accurate as possible - to help those algorithms. It wouldn't be sensible or useful to just set your profile fields based on guesses, no matter how clever the ML behind it. As I said before, I think people ascribe too much intelligence to the way Facebook handles personal information - it isn't magic.
I don't know if they are using ML or not, but they filled in my "works at" field with laughably wrong information. I didn't bother to correct it. It's not far-fetched to me that advertisers would be interested in this kind of information- ads to your SO when your birthday nears, etc.
While you say 'they' did it, it's actually hard to know what is going on. Was it stale browser data that got passed in as autofill field values when you registered? Is it based on an old LinkedIn profile you associated with facebook and then forgot to update? Did you connect with the Facebook app on an old phone where you had contact details for yourself from a previous job, and synchronise them?
Actually, the LinkedIn profile is the most likely, people often try these things, signing up and click-thru acknowledging everything without thinking, then never touch the app again. All I'm saying is that often what you think of as external is actually caused by actions you performed and then forgot about, or never really registered in the first place. Although, some of this may well be down to 'Dark Patterns'in the UX, which should really be investigated and changed.
Nope- never worked there. Heck, I've never even been there. Not on linkedIn. Has nothing to do with what I do (Imagine I was an elementary school teacher and it said I worked at Delta Airlines). Never filled out a form. In this case, they used something to guess.
Ok then, where is your proof that they are? It's perfectly possible to have world class researchers who don't use machine learning to do exactly what you claim it does.
The easiest way to do it would be if one or more of your friends have your actual birthday stored in their contact list which the facebook app has access to (I think, haven't been using fb in quite a while).
Facebook's apps have access to contact information. Someone who has her information in their phone allowed Facebook to suck it in. From then, matching a mail address or phone number or name (if the social graph matches) is trivial.
For the day and month, they can deduce it from friends posts saying happy birthday every year, for the year, they can deduce it (mostly) from your school friends.
That seems highly unlikely. I guess it's possible but it doesn't strike me as a good way of getting high-quality data, and in fact it would be easily gamed, and would have larege numbers of false positives.
In general, I think most of the 'Facebook/Google have secretly stolen my personal data with intrusive sureveillance' anecdotes really are the result of someone clicking 'yes', 'yes', 'of course' without thinking when they first signed up, and giving access to their email addresss book or similar, then forgetting about it. They then get more privacy concious later, and suddenly wonder how all the information got there. And since they're privacy concious now they couldn't possibly have uploaded it, so it must be Facebook hacking them.
I've yet to see an actual documented and acknowledged example of a company like Facebook or Google doing the sort of intrusive data mining and surveillance that people accuse them of without the user's permission being given. It always turns out to have been provided at some point previously in the relationship.
Facebook is absolutely filling in your- or at least my- private information based on context. It has my employment incorrect- based on guesses it has made (I've never given it employment data). It's so far off it's laughable - so I leave it. I figure they expect that I will fix it.
That's quite smart, in a devious way. You're probably much more likely to correct incorrect information than you are to fill out an empty form. I know I am.
There are plenty of documented examples of Facebook leaking data due to code changes, bugs, poor QA, or simply not thinking through the details. Good UX also should not fall back on, "We had your permission" when a company has such a historically poor (
Sure, 100% agree with you there! Facebook are very much into the nasty 'UI and UX Dark Patterns' game; the sort of things for which the 'lifetime achievement' award goes to RyanAir, of course. It seems like they are _trying_ to improve, now that people have noticed. But there's a big difference between:
1.) The Facebook and Google AIs are teaming up and following me and my friends and family around the web to see what we each had for breakfast.
2.) Facebook sort of tricked me into not clicking the button that said I won't not disallow them to keep all my personal information, and link it to my friends data too, if they can.
Facebook must die! The amount of policing, data collection, and privacy goof ups Facebook does is an insult to all its users. Combine this with a stupid "authentic names" policy and it possibly couldn't get any worse. It just seems like Facebook has taken Google's "Don't be evil" and adopted it as "Be evil!"
Just some food for thought, Facebook sells its services to the intelligence community. If there were anything that resembled something like a global authoritarian surveillance network, it would be Facebook.
The genius part of it is that people maintain their own personal dossiers on themselves. Who would have ever, in their wildest dreams, been able to think of a future where an authoritarian regime has gotten its citizens to keep their own files on themselves. It's bonkers.
There used to be an assumption that a national, let alone global surveillance state would have been impossible due to the sheer workload of maintaining dossiers on everyone, who would have thought that is totally irrelevant because people are more than willing to self report.
How can a government have jurisdiction over this?
It's their system. If they decide to only give you an account on their system if you've verified your name (i.e. through driver's license) then why can you demand otherwise? They can just refuse you service, can't they?
It's not fully clear whether the German government has jurisdiction here, with Facebook nominally residing in Ireland. A case has just been filed by the Hamburg state government, but that can easily take years to go through courts.
> How can a government have jurisdiction over this?
Because the government can decide that demanding a driver's license is illegal because it is an unreasonable burden on users, simple as that. German law states it must be possible to use a service anonymously or pseudonymously "if it is technically possible and reasonable". Whether it is reasonable in this particular case is for the courts to decide. (cf. Telemediengesetz, http://www.cgerli.org/index.php?id=51&tx_vmdocumentsearch_pi... )
Facebook is operating in Germany, among other countries. If they want to earn money in Germany, they need to obey to German laws and regulations, obviously.
With the internet being the poorly regulated series of tubes it is, they argue they're operating and earning money solely in Ireland, not Germany. Whether the judge will be amused by this, we'll see.
> It's not fully clear whether the German government has jurisdiction here, with Facebook nominally residing in Ireland.
The Schleswig-Holstein data protection authority lost a case against Facebook in 2013 because the court ruled that Germany didn't have jurisdiction. However, the Google Spain case last year changed that pretty decisively. It's difficult to see (after Google lost before the CJEU) why Germany should not have jurisdiction in this case.
> It's not fully clear whether the German government has jurisdiction here, with Facebook nominally residing in Ireland.
Facebook has offices in London and Hamburg so "operating out of Ireland" is a bit of a stretch that seems to work with tax authorities, but may not work with other law enforcement.
They can decide all that, but that doesn't give them clear jurisdiction to actually enforce it. They can penalise users doing it, possibly by making it a breach of the terms of carrying a drivers license to use it for this purpose, although it's not clear how they'd prove such usage.
Alternatively, they can try to hit Facebook's ad sales in Germany, but that's likely to run into common market rules around trade barriers.
Anyway, does Facebook actually enforce this? I have never shown any ID to Facebook, and I see plenty of people not using their real names (typically they use derivatives or add a screenname as a middle name, rather than being totally pseudonymous).
"Does facebook actually enforce this?" .... The answer to this question is a loud "yes". The harderst hit groups I've found are transgender folks and occultists. As far as being pagan/occultist, many prefer to keep a seperate account for their religious lives, partially because many live in places where they would be persecuted. In addition, many have a magical name that is part of their chosen religion, that they prefer to be addressed by in such circles.
The result of the real name policy, outside of taking away individual privacy, has been the shutting down of accounts, forcing people to provide identifacation, phone numbers, etc, to prove you are you, and insisting that the name matches the legal name. Some people never really seem to be able to unlock the original account (or don't want to give facebook ID)
Facebook completely enforces this, but only acts on profiles that are reported to them.
Around a year ago, many of my friends were in a "Gay Pride 2014 parade" group. Over two or three days, everyone in that group with a fake-looking name was reported. A little later, everyone who had 'liked' a local gay nightclub page was reported.
The obvious conclusion was someone with an agenda was searching particular groups for people to report.
Also, in this case it was not the government but another organ of the state, unless you refer with ´government´ to any organization of public law.
In many jurisdiction there are restrictions and rules for businesses in place. For example, often you can't restrict purchases of your product based on the customers skin colour.
In Germany privacy is fundamentally more valued and protected than in the US of central-north America. For example, under german law you have the right to get virtually all information a organization is keeping about you, why they are keeping it, where it is from, how they use it and who they share it with. The organization is obligued to comply without financial compensation [1]. Furthermore, there are broad cases where the deletion of the stored information can be demanded [2]. Information about people may not be stored without the technical necessity for the service or without the explicit consent from the affected persons. As soon as the consent is withdrawn or the data is not any more needed to offer the service, it must be deleted.
Facebook collects and keeps data about people who do not have an active account. That is not allowed in Germany. To put it blunt; in its current form, Facebooks practices are illegal under german law.
Germans don't want anybody to collect data about them, and made laws against it. Ironically, they still use Google. I guess most simply don't understand the implications or don't see practical alternatives.
I hope this elaboration makes the situation more understandable.
Your definition only refers to government agencies and courts. Not the body creating the laws in first place. The German parliaments are free to create any law they like (as long as they respect the German constitution).
The only problem would be enforcing the law. As Facebook has offices in Germany and targets German customers that shouldn't be too hard.
A law is only a law as long as it can be enforced by courts and agencies. That's what jurisdiction means. And it's not "my definition", it's Cornell Law Schools.
"Your definition" in the meaning of "the definition you cite".
If you read the page you linked closely (and remove all the US specific stuff) you see that it really only talks about of enforcement not lawmaking. Your own addition
> Jurisdiction is what allows the government to make a law in the first place
can nowhere be found on the page you linked.
There are a lot of laws in the books everywhere in the world that are usually not enforced because you can't. Germany (as well as many other countries) has laws regarding human trafficking that apply to anyone everywhere in the world. Would you argue that this is not a law? If that's the case we can agree to disagree.
I know that declaring a definition to be wrong is quite a stretch, but I think a more agreeable definition of what is a law depends of the corresponding jurisdiction. In Germany, certain rules made in a process by the Bundestag are, by definition of the constitution, a Gesetz, and ’Gesetz’ is the german word for ’law’. So, these laws wouldn’t necessarily be laws following your definition, which makes your definition unacceptable, I’d say.
What you are calling ’law’ I would maybe call ’enforced law’ or ’enforcable law’(by whom?). Well, whether the rules in question are of this kind is what will be found out in court.
Their system is subject to EU data protection and privacy law. They probably could actually just refuse her service, that would be a different case. Although if they started banning transgender people, or foreigners with strange names, on that basis it would collide with equalities law.
And it sounds like German privacy law prevents requesting identity documents (which are, after all, government issue) when not actually required for fraud prevention. Theoretically US law has a similar rule about social security numbers but it's not well enforced.
A while back the UK clamped down on misuse of NI (the equivalent for ss numbers).
I was working for BT at the time and the briefing we got on use of NI numbers was very clear that break these rules and your ass is fired - it was stronger worded than the don't look up the queens private telephone numbers one we had.
If you offer information services in Germany you have to allow pseudonymous access if it is reasonable to do so, as part of privacy rules (principle of "Datensparsamkeit" = "data economicalness" - requiring as few pieces of information as absolutely necessary).
It is an interesting question if Facebook requires your real name to function properly and if this decision would hold in court, but it is in principle covered by law and I imagine the fact that facebook and other social networks have worked without these rules before might work against facebook here.
Facebook is not monopoly. The real definition of a monopoly is the sole provider of a good or service, which has apparently been forgotten. FB is not the only social network, nor will it ever be.
Who does have the ability to use force to create artificial monopolies though?
Why wouldn't a government have jurisdiction here? A government exists to protect, enforce, and guarantee the rights of the individual. If, in one country, the people have decided that those rights include the right to privacy, then of course the government can require that any businesses operating there will respect those rights.
IMO this ought to be a global rule. It's completely unacceptable to have a private company arrogating to itself the ability to "out" you at its convenience.
> How can a government have jurisdiction over this?
Or more broadly, how can a government have jurisdiction over anything, or anyone? The answer is fundamentally: by force.
For example, if I point a gun at you, I've just established the same kind of "jurisdiction" over your wallet. Because otherwise you'd just refrain from giving it to me.
But isn't it great that a "privacy watchdog" is limiting the privacy invasions Facebook can inflict on us, while surveilling us themselves, and funding their operations with money that's forcefully taken from us? It's like, heart-warming!
(They've established "jurisdiction" over our incomes!)
You talk like these organisations are one coherent whole having meetings to plot how to best exploit German citizens. It's entirely possible, and probably desirable, to have a government containing on group trying to protect citizen's privacy while another has reasons not to - where those roles overlap you should at least in theory have debate within government as to who takes precedence. In this non-ideal world that may not happen, but its better than not even making that possible.
Do you think that's a satisfactory situation though?
Suppose that there actually is a group within the government that's genuinely trying to protect us. Even so, the organization they'd be protecting us from is the exact same one they're part of. How does that make sense?
It's like there's a pack of wolves next to a herd of sheep, and one of the wolves is like: "Guys? Guyyys? Can we just not eat them please?"
In reality, governments are hell-bent on monitoring everything we do, because that's a great way to cement their power over us.
Dictators don't arrange elections, and the most productive slave is one who thinks he's free. That's a large part of why the whole world isn't under complete tyranny right now. Try protesting anything any government does though, and the response will be tear gas and batons. That shows exactly how many fucks they give about our well-being or wishes.
(Recent examples: Hong Kong, Brazil, Venezuela etc)
Income. Money people make is being stolen by gunpoint.
Irrespective of the proposed uses of the money is, stealing is stealing.
I can put a gun to Bill Gate's head and demand 50% of his wealth and spend it only for 'good' things. But, doesn't mean I didn't steal.
Real identities have been core to the Facebook experience since the day it launched; just as fake usernames have been core to YouTube since its launch. For either to go back on a core part of who they are would be a mistake.
Facebook would be making the same mistake as Google if it did allow pseudonyms.
I'm confused. You replied to someone that stated quite clearly that a lot of German users already do what you consider a mistake.
I don't have a FB account for quite some time now, but yes: Every contact (right - let's be honest: 80% of my contacts or more) obscured their name. Some just changed a little thing, like using a handle instead of the first name. Others did the ~useless~ reverse-the-last-name thing. Some people mashed up their names by - for example - translating parts of it to English (name contains 'rot', translate to 'red'). And quite a number of people just used insane (if you're German, and not the clever/good insane) puns/references/crap as name.
The real name policy is already a failure. Not trying to enforce it, or - more correctly - not being allowed to enforce it, is a step forward.
If _your_ friends don't pick their real name, take it up with your friends? What kind of attitude is that, really?
"I cannot find my friends if everyone can pick their name on this platform, hence this is very annoying". What?
We're talking friends here. Ask them: "Hey, are you on Facebook?" (reasonable question in my social circles, implying a yes is baaad) and follow up with "What's your name/can you add me as a friend?". Solved. They're your friends, after all.
Should Facebook not allow "Robert Galbraith" (JK Rowling) to have a page? How about "JK Rowling" (Joanne Rowling)? Should she be forced to use her full forename?
In England you can use whatever name you like, as long as you don't have the intent to deceive. (This is tricky with doctors and banks). So, legally, I could be "Bob Smith" and "Ann Jones" at the same time. Why does Facebook get to tell me that I only have one name when my government is fine with me having multiple names?
No, but probably because there's no official identity card in Britain.
I've never tried to use a false name, but it probably would be easy for many things (utilities, local government) but difficult for others (bank account).
Driver's licenses, passports, utility bills, bank cards, all are considered 'forms of ID' in the UK, which you might need to use to open a bank account or get credit, but there's no 'ID card'; there's no obligation to have a driving license, or a passport, or whatever.
Why does Facebook get to tell me that I only have one name when my government is fine with me having multiple names?
Because Facebook isn't your government. It is a non-government entity with a very specific vision. If it finds that the use of fake names hinders the experience of other users and there by Facebook Corp., it should be allowed to require real names.
My (two) FB accounts both use a fake name -- I mean, a completely, obviously fake name that no one would think was real. It's never been a problem for me.
It's not my expectation that I should reveal my name just to kick back and chat to friends, and that wasn't required on any previous social websites. Nor if I go to the pub or if we sit in the park -- to name two other social venues, one commercial, one public domain.
When I'm on HN I'm building up a professional reputation, so I use my real name (or at least an easily searchable abbreviation of it) here.
Most people I have met recently while traveling (including one from Germany) who I have added on Facebook use their real first name and a fake last name.
Why would it be a mistake since it is a pretty common use pattern despite the rules Facebook tries to impose?
Because "pretty common use pattern" should not be the bar for what is allowed on facebook. To give you another example: in India, it is very common to use a picture of your favorite Bollywood actor as your profile picture on social media. Should this be permitted by facebook just because it is a common pattern in India? In my opinion it shouldn't be permitted because it hurts the core of facebook: people using real identities to connect with one another.
I can also flip your argument and say that why do people who use fake names want to impose themselves on Facebook? They could just as well abide by Facebook's guidelines or just not use it.
Too many of my German friends do that and it's bloody annoying. I often have troubles finding the current name they have as they can change it every two months.
I really wish I could assign them aliases I know them under rather than what name or gender they feel like this month. Steam does that and it's very useful.
That was my first thought when reading the headline: I thought Germans already were pretty confident they had legal protection.
I don't think any of the German Facebook friends I have use their full real name, and some of the pseudonyms aren't even that real-enough sounding to German-speakers.
You can have a fake name to the world but Facebook makes it really hard to have a fake identity towards Facebook. "That names does not sound real, can't let you signup, sorrryyyy!"
The most likely explanation is they sent her a message saying pseudonyms are not allowed, and asking for her real name. She replies something like 'My real name is XYZ, here is ID to prove I am a real person, but I do NOT wish to use that name, please continue to call me ABC on the site' but Facebook simply went ahead and changed her name from ABC to XYZ against her wishes. No secret data mining, information collection or machine learning required.
One explanation is that Facebook collects its users contact lists.
That way, it can create 'shadow-accounts' for people that don't have yet a Facebook account. So when/if that person finally creates a Facebook account with some data tying him/her to a shadow-account, Facebook can directly propose relevant contacts and already knows a lot about that person, including his/her real name.
This doesn't suprise me at all. Big data-hungry companies like Facebook or Google know A LOT about you. I'd say they even know a lot of things about their used that their used don't even know about.
I'd be very surprised if Facebook didn't know my parents' names, my kids names, my shoe size and any other piece of information I haven't provided explicitly.
Just assume that anything that you entered on any website, or that you mentioned directly or indirectly to anyone on Facebook is available to Facebook.
In the creepiest of worlds I imagine this: on a non FB website with a FB "share" button on it, I congratulated a friend on her birthday five years ago. When she gets a FB account for the first time tomorrow, Facebook already has her shadow account with good Guesses of her details, including the birthday and real name.
Many of my friends already use pseudonyms on Facebook. They just use ones that look like a real name. Their reason is just that they want to be able to tell new friends something to search and still be invisible when they look for jobs etc.
Facebook and twitter will soon become the primary medium for a government to communicate with its citizens. It's the new press, so governments have to make sure their citizens have access to that information, regardless of whether they want to use their real names or not. The freedom of the press cuts both ways, and forces a number of responsibilities on these companies, due to their peculiar and de-facto monopoly state, and the sheer amount of attention time they occupy. The press was not completely unregulated in any well-functioning democracy, and i don't see the reason why the new (increasingly old actually) media should not be.
AND then they expose it publicly to anyone who looks up my profile, even when they aren't my friends.
AND this is all after me having disabled the "show birthday on timeline" and enabling every other privacy setting there was.
If there's one company using AI and data collection for evil, it's Facebook. Not to mention the years of silently disabling previously set privacy settings without getting the user's permission - e.g. the "show profile in search".
Insane. Facebook should be slammed hard by the courts.