large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Facebook’s ‘Sauron Alert’ is as dastardly as it sounds

Facebook employees have privacy protections the rest of the network’s 2 billion users do not, a new report has claimed.

Wall Street Journal sources say Facebook employees benefit from a so-called ‘Sauron Alert’, which notifies them when a colleague accesses their account.

A reference to the all-seeing Eye of Sauron from The Lord of The Rings trilogy, the alert would likely be welcomed by the wider community.

The name of the tool was been changed ‘Security Watchdog’ in 2015 presumably because ‘Sauron Alert’ sounds a little too evil, even for Facebook.

Related: How to delete your Facebook account

The report also highlights a super exclusive group of Facebook security employees, who have the master key to all accounts and can even access users’ private messages, unencrypted.

The WSJ report says:

Employees with such permission can access others’ accounts to diagnose technical errors, test new features or investigate possible criminal behavior in response to a legal request, according to Facebook officials and former employees.

When using the internal software, Facebook employees must give a legitimate reason for accessing the profile; the explanations are read by managers later. It is considered best to have written permission, former employees said.

Multiple Facebook employees have been fired for improperly accessing user profiles over the years, according to former employees.

Facebook told the WSJ that it had considered rolling out the tool to alert the rest of the user base, but expressed concern it would tipping off people who might be under investigation.

In a statement provided to Gizmodo, Facebook said: “On the record, we are always looking at opportunities for new features, and we have had discussions about this very idea prior to this incident. Our existing tool focuses on our employees because engineers frequently test unreleased products and features with other employees, and they need access to those accounts to be able to quickly and thoroughly troubleshoot bugs and other issues. In thinking about how we could do something similar for everyone, there are a number of important considerations that come into play — for example, how we can avoid tipping off bad actors or hindering our work to prevent real world harm in cases of bullying, abuse or other sensitive situations. It’s also important to remember that anyone can get alerts about unrecognized logins from other users and check for suspicious activity.”

The report comes after a Facebook employee was fired for using his “great eye, lidless and wreathed in flame” to stalk women. The WSJ says multiple Facebook employees have been fired for abusing this privilege.

Have you deleted your Facebook account yet? Drop us a line TrustedReviews on Twitter.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.