Security teams reportedly only track those deemed as credible threats, such as people who indicate the time and location of a supposed attack, or those who attend Facebook shareholder meetings and have issued threats. When the global security operations center and the global security intelligence and investigations units identify such a threat, they can file a request with the information security team, which can access user locations. If someone on the list made a threat about a place they're close to, the information security team may keep tabs on their location and take action if needed, such as informing law enforcement.
The CNBC report has plenty of details from former security employees on Facebook's "be on lookout" (BOLO) list, which it created in 2008 and updates around once a week. It now apparently includes hundreds of names, including most of the people the company has fired. Facebook is said to notify security employees whenever it updates the list, passing along information on that person including their name, photo, rough location and details about why they were included.
Facebook added some people for repeatedly showing up to offices or sending threatening emails, but others were supposedly included for "saying something as simple as 'F--- you, Mark,' 'F--- Facebook' or 'I'm gonna go kick your a--,'" in comments on posts by CEO Mark Zuckerberg and COO Sheryl Sandberg. Decisions on who to add to the BOLO list are reportedly made on a case-by-case basis.
"Our physical security team exists to keep Facebook employees safe," a Facebook spokesman told CNBC. "They use industry-standard measures to assess and address credible threats of violence against our employees and our company, and refer these threats to law enforcement when necessary. We have strict processes designed to protect people's privacy and adhere to all data privacy laws and Facebook's terms of service. Any suggestion our onsite physical security team has overstepped is absolutely false."