When Facebook announced Portal, its combination smart speaker and video chat device, people were immediately concerned about the privacy and security implications of bringing the product into their homes. Facebook has weathered multiple privacy scandals since its inception, but the blowback from the Cambridge Analytica disaster wiped out 8 percent of the stock value after the company revealed that its growth had slowed following the disclosures. More recent security issues leaked the details of 29 million users. The company has been embroiled in controversy related to everything from its harassment policies to ongoing questions about the degree to which Russian bots and trolls used the network to stir social controversies prior to the 2016 US election. Facebook, of course, is aware that public perception of its spying has turned somewhat against the company.

When it launched Portal less than two weeks ago, company executives told Recode that privacy was first and foremost in their thoughts through all parts of the design process. Now we know Portal does gather data on you, even if it doesn’t directly show you ads.

Before we discuss Portal’s behavior specifically, let’s recap how the product was introduced.

“This is something in your living room or kitchen. There should be no surprises on it, period,” said Dave Kaufman, the marketing lead for Portal. “You should know that you have full control over everything you’re saying.” Recode followed this up by writing: “No data collected through Portal — even call log data or app usage data, like the fact that you listened to Spotify — will be used to target users with ads on Facebook.”

We now know Facebook misrepresented its product. Portal doesn’t display ads, but data about who you call and which apps you use can absolutely be used to target you on Facebook’s other services. “Portal voice calling is built on the Messenger infrastructure, so when you make a video call on Portal, we collect the same types of information (i.e. usage data such as length of calls, frequency of calls) that we collect on other Messenger-enabled devices,” a spokesperson said in an email to Recode. “We may use this information to inform the ads we show you across our platforms. Other general usage data, such as aggregate usage of apps, etc., may also feed into the information that we use to serve ads.”

Facebook’s explanation for its own flip-flop is that because the Portal team doesn’t intend to use the data for ad targeting purposes, it felt it was acceptable to communicate that the device does not gather this information. Rafa Carmago, the product VP in charge of Portal, has stated that while this data could be used for ad targeting he doesn’t know if it will be.

The tension between what Facebook said last week and what they said today is worth discussing. Companies use these gaps in understanding to create popular impressions of how a product works that allow them to skirt the truth of a situation. Whether or not you view them as having lied to or misled the public will likely turn on whether you evaluate the letter of the remarks or the clear connotation those remarks were meant to convey.

At the unveil, Facebook went to great pains to tell users all the ways their privacy would be protected. The camera only captures data when used for calls. The calls are encrypted end-to-end and never seen or recorded by Facebook. The microphone will only listen to things you say after you’ve specifically asked it to do so. Users have the ability to switch off either the camera, microphone, or both. In taking these steps, Facebook was clearly communicating that Portal is safe, trustworthy and that it won’t be used to gather any information on the end user that could then be used for advertising purposes. That’s why Recode went so far as to say that call log data or app usage data wouldn’t be gathered, either.

This kind of data is called metadata — it’s data about how and when you used an application or service, but it doesn’t disclose exactly why you used it or what you used it for. Historically, metadata gathering has been much more lightly scrutinized than collecting PII (Personally Identifiable Information). The fact that Recode went so far as to state that not even metadata would be gathered was a surprisingly strong line for Facebook to draw. It also stirred hopes that maybe the company had learned its lesson.

Nope.

Mind the Gap

If you look at the privacy and data gathering scandals that have broken in recent years, they often follow the same playbook. A company (say, Google) is caught doing something it had previously promised not to do (continuing to track users after they disabled location tracking). The company then discovers that due to a previously uncommunicated or miscommunicated nuance the previous “protection” it had claimed to offer is so riddled with holes as to be functionally worthless, controlled in a manner completely opaque to the user, who cannot see which applications are accessing her location data and which are not, or technically functional but nearly useless when it comes to achieving the goal end users actually wanted (which was not to be tracked).

What makes this all the more frustrating is the enormous gap between how ordinary people think data tracking works and how data tracking actually works. Ask people what kinds of data companies track, and they’ll likely think of address books, browser history, and phone records. In reality, as a recent story at The Atlantic discusses, there’s far more data being gathered. Fraud analysts are now exploiting license plate readers to gather information on what people buy and where they shop. The IRS scans Facebook and Instagram for evidence of tax fraud. Intuit, makes of Turbo Tax, even has a patent on the topic. Researchers studying Parkinson’s disease in 2017 have found they can predict the presence of the disease just by analyzing subtle movements of a mouse cursor in undiagnosed individuals. Visa and Mastercard are working with startups that claim to provide continuous biometric monitoring to analyze the exact pattern of how people hold, scroll, and tilt a device while using it. In theory, a change in these biometric readings could be used to flag suspicious account activity.

But regardless, everywhere you look in life, companies are hoovering up more and more data, using it ways people often don’t expect or even comprehend. Facebook’s Portal is an example of this. And the problem — the core issue, the root of the gap, in my opinion — is that we simply are not used to navigating concepts like privacy with the degree of specificity and nuance that those discussions now functionally require. It’s not enough to say that a company isn’t gathering certain types of data, because what Company X knows about you is informed by the massive amounts of data Company X buys from Data Brokers A, B, and C on an ongoing basis.

Even when Facebook executives recognized that their audience would have significant privacy-related concerns around Portal, they were incapable of representing the product honestly. It ultimately doesn’t much matter if this was a deliberate lie or an unintentional mistake. Even the “unintentional” outcome means that Facebook executives are so steeped in the company’s toxic culture, they were literally unable to understand and predict that their disclosure would prove dissatisfying and incomplete. Given the known difficulty of explaining a problem to someone when their entire business model depends on you not having a problem, it’s unlikely this will ever change.

Don’t buy a Portal. Use Facebook if you must, but don’t hand the company a dime as a reward for this behavior.

Now Read: Google Confirms It Still Tracks Users Who Disable Location Tracking, Facebook: Cambridge Analytica Got Data on 87M Users, and Facebook Announces Ill-Advised ‘Portal’ Video Chat Devices