The Facebook hack that exposed 30 million accounts shows we're going to be dealing with the consequences of its 'Move Fast' motto for years to come (FB, GOOGL)

Troy Wolverton

Updated Mon, Oct 15, 2018, 6:17 PM

Getty

Facebook's motto is no longer "Move Fast and Break Things," but the results of that mentality still linger.
What Facebook didn't realize is that moving fast can break things other than software code; it can undermine society and even, in the extreme, lead to deaths.
The influence of the motto at the company can be seen in everything from the Russia-linked 2016 election manipulation operation to the recent hacking scandal that exposed the personal information of 30 million users.
But the danger and consequences of the Move Fast motto go well beyond Facebook, because the mentality was adopted far and wide and is still being promoted today.
We're going to be living with the aftermath of the Move Fast mentality for years to come.

It's been four years since Facebook ditched the latter part of its "Move Fast and Break Things" motto, but we're still uncovering its consequences and experiencing its aftermath.

(In case you're curious: the mantra was phased out in 2014, and semi-seriously replaced with "Move Fast with Stable Infra," as in computing infrastructure.)

The hacking attack Facebook discovered recently is only the latest outgrowth of that mantra. But you can see its lingering effects in basically all of the company's scandals and fiascos over the last two years, including the Cambridge Analytica debacle and the Russian-linked propaganda effort during the 2016 election.

But what makes it so dangerous is that you can find the effects of that motto far afield from Facebook. That's because from that company it quickly became the mantra of Silicon Valley. It's been imbued in the culture and in the way the tech industry as a whole has developed products for much of the last decade.

You can detect its influence in everything from Uber's numerous scandals to Google's recently acknowledged security hole in its Google+ social network. And because of its pervasiveness, we're certain to see its effects in many more fiascos to come.

The hacking incident, though, was a particularly bad manifestation of it.

Facebook has shown it doesn't care about "breaking" users' privacy

As the company revealed on Friday, in the attack, hackers gained access to the personal data of some 30 million users. For nearly of those affected, the compromised data included when they were born, where they had physically been recently, where they went to school, and whether they had worked.

Greg Sandoval/Sundar PichaiWhat makes the attack worrisome is that such information is a goldmine for scammers. It can be used to steal consumer's identifies and gain access to their financial and other sensitive accounts.

The hacking attack was the result of a vulnerability that dates back more than a year. The vulnerability in turn was the outgrowth of three separate bugs that were at least that old, if not older. Facebook discovered the vulnerability — and the underlying bugs — only after hackers started exploiting it last month.

The vulnerability emerged years after Facebook dropped the "and break things" part of its famous motto. But the company's apparently unwitting creation of the hole, and its failure to detect it before the vulnerability was exploited, indicates that it was operating under the same mentality.

Facebook, after all, was founded and built — and its business model depends — on the attitude that users' private data is a commodity to be exploited. While it may worry more than in the past about "breaking things" when it moves fast, it has shown repeatedly that users' privacy is very far down the list of things it's concerned about messing up.

Even now, in the wake of the Cambridge Analytica scandal, when it's supposedly turned a new leaf on privacy, it still collects more information than it arguably needs and uses that information in ways of which users likely aren't aware. Just recently, for example, researchers discovered that the company was surreptitiously using phone numbers users gave it for security purposes to target them with ads.

The "Move Fast" mentality led to the Cambridge Analytica scandal

But you can find the effects of the company's "Move Fast and Break Things" motto far beyond the latest security hack. The Cambridge Analytica scandal — which compromised the data of some 87 million users — was an outgrowth of that mentality. The company shared data about its users with developers without worrying about the potential consequences or downsides of doing that and without bothering to check — until after the fiasco — if the developers' use of the data was on the up and up.

parliamentlive.tvAmid that scandal, Facebook revealed another hack, one that affected far more people — up to half of its 2 billion user base — through which malicious actors were able to scrape user profile information via a search tool. Again, the company had introduced a new feature without thinking through how it could be used in a malign way and without taking steps to prevent that use until it was too late.

And then there's the spread of fake news and propaganda via Facebook, from the Russian-linked effort during the 2016 US presidential election to the campaign against Myanmar's Rohingya minority. As has been made clear in the wake of those and other scandals, the company built a system that could quickly and efficiently spread information among groups of like-minded people without worrying about how that system could be hijacked by people with bad intentions.

It's one thing if what gets broken when Facebook moves fast is some feature on the site. But the company is no longer a small startup with a tiny user base. When it screws something up, the effects can be deadly.

Facebook finally seems to be starting to grapple with the aftereffects of its erstwhile motto — or at least the public relations damage it's recently led to. Among other things, it's introduced new privacy controls, changed the way its News Feed works to promote posts from users' friends rather than from publishers, and started investigating what developer did with users' data.

"Move Fast and Break Things" is now the motto of Silicon Valley

But even if Facebook succeeds in heading off future harms from its service, the consequences of its motto are likely to live with us for years to come. That's because the "Move Fast and Break Things" mantra was embraced far and wide in the tech industry.

reid hoffman linkedin cofounder greylock

Drew Angerer/GettyEntrepreneurs and startups, venture capitalists and other investors, and the tech giants have all espoused it in some form or another. Tech industry trade groups such as the Consumer Technology Association and libertarian think tanks such as the Mercatus Center have touted the philosophy as part of the notion of "permissionless innovation." Even right now, when the drawbacks of the Move Fast mentality have become all too clear, LinkedIn founder Reed Hoffman is touting a new book promoting the idea, calling it "blitzscaling."

Because it's been so widely embraced, standards have arguably fallen everywhere. Those that haven't immediately adopted the Move Fast motto have been pressured to do so at the risk of being left behind by their peers. If your rivals aren't worrying about the aftereffects of the technology they create or the business methods they adopt but instead are charging ahead to seize as much of the market as quickly as they can, you're going to do the same — damn the consequences.

Just as has happened with Facebook, that mentality is starting to catch up with other tech companies and with society, particularly as the companies have become bigger. Facebook wasn't the only service that has been hijacked to spread propaganda during the 2016 election; Google and Twitter were too. And Facebook isn't the only company that recently acknowledged a privacy compromising security flaw; Google did also, with it its Google+ service.

We're seeing the consequences all over

In many cases, thanks to the Move Fast mantra, tech companies have created services that even they don't have a handle on. Take Google-owned YouTube. Numerous times last year, it was found to be distributing and promoting disturbing videos to children. YouTube repeatedly vowed to address the problem, and it repeatedly failed.

Windle/Getty Images for Vanity FairIn other cases, under the Move Fast mentality, tech companies have flaunted local laws and local sensibilities in their rush to seize local markets. Uber and Lyft were notorious for this, but so too, more recently, were scooter rental companies such as Lime and Bird.

And what was broken in those cases weren't just ordinances that arguably protected the entrenched taxi industry. Uber and Lyft have contributed to increased traffic and massively depressed the wages of taxi drivers, while scooters have ended up blocking sidewalks and entryways, causing an uproar among non-scooter using citizens.

As we've seen repeatedly, when you're moving fast, you don't have any time for reflection. You don't have time to think about what, exactly, you might be breaking or the larger social consequences of what you're doing. And there's even less time for public officials or the rest of society to catch up and keep an eye on things — even though real people outside the company may and have been harmed.

"Move Fast and Break Things" has spurred innovation at Facebook and in Silicon Valley. But that consequence-free, "permissionless" innovation mindset has real costs that we'll be paying for a long time to come.