This article on Naked Security is a little bit calmer than some of the other coverage I’ve seen. If I was doing physical/staff security for a large organisation with a global platform I’d totally be using any intel sources I could find to help improve my results. This has to be the least creepy thing they do with thier data.
What’s unique about Facebook’s approach to BOLOs is that it doesn’t just disseminate a list of names to security staff. Facebook also mines its platform for threatening posts. Sometimes, Facebook goes so far as to use its apps to discern the whereabouts of people whom it finds threatening, to determine whether they pose a credible threat.
CNBC reported on a number of examples of when Facebook uses its own geolocation tracking or knowledge about a user’s location to figure out how much of a threat the person might be. One such: early last year, a Facebook user threatened one of the company’s European offices in a public post.
Facebook picked up on it and checked into where he was. It turned out that the user was in the same country as the office he was targeting. Facebook notified the authorities about the threat and instructed its security officers to be on the lookout for the user.