facebook

Another Facebook Data Breach, Orchestrated by Facebook and Its Partners

A New York Times investigation shows that Facebook gave other tech giants access to users’ personal data, exempting them from Facebook’s publicly disclosed privacy policy. The special arrangements gave companies access to data without the users’ knowledge and even, in some cases, allowed the companies to delete users’ private messages.

The New York Times report is based on hundreds of pages of Facebook documents that show its system for tracking partnerships.

Among the revelations from the report:

  • Microsoft’s Bing search engine was allowed to view the names of Facebook users’ friends without consent and regardless of the users’ privacy settings.
  • The Royal Bank of Canada, Spotify and Netflix were given the ability to read, write and delete users’ private messages. Netflix and Spotify spokespeople say the companies where unaware of such powers. A spokesperson for Royal Bank of Canada denies ever having such access.
  • Amazon was given users’ names and contact information through the users’ friends.
  • Yahoo was able to view streams of friends’ posts in the summer of 2018 despite assurances that it had previously stopped this practice.
  • Amazon, Sony, Microsoft, and others could obtain users’ email addresses through friends.
  • Facebook’s biggest partners had more access to user data than Cambridge Analytica did.

This is just the latest Facebook privacy data scandal. In April 2018, Facebook founder and chief executive Mark Zuckerberg promised members of Congress in a public hearing that people “have complete control” over the information they share on Facebook.

The NYT investigation also features interviews with about 50 former employees of Facebook and its partners, demonstrating that certain companies received data access that’s very different from the public rules it says it follows. Facebook might have also violated a 2011 consent agreement it made with the Federal Trade Commission in regard to sharing user data.

Exploitation for Facebook’s Benefit

While Facebook has never sold user data because it feared a backlash, internal documents show that the partnerships served a similar purpose by allowing certain companies access to the social network’s data in ways that helped Facebook grow. Zuckerberg began setting up data partnerships early in the company as a way of growing it and avoiding obsolescence that that plagued social media networks like MySpace and Friendster.

Facebook employees said partnership decisions are handled at the highest level, frequently involving Zuckerberg and Chief Operating Officer Sheryl Sandberg. According to two former employees, in 2013 Facebook built a tool to handle the technical work of turning on and off special access because the number of partnerships had grown so large. Facebook has integrated contact lists from partners, including Chinese company Huawei. American intelligence officials have flagged Huawei as a security threat.

The partnerships also enabled creation of a friend-suggestion tool called “People You May Know” in 2008. Gizmodo has reported cases of recommendations between a harasser and his victim and between patients of the same psychiatrist.

Facebook’s Director of Privacy and Public Policy Steve Satterfield claims that the partnership agreements do not violate users’ privacy or the FTC agreement. It says its sharing deals were disclosed in its privacy policies starting in 2010. Facebook also says that there is no evidence of abuse by its partners.

Facebook’s stock price has fallen as a result of yet another scandal. Some shareholders are calling for Zuckerberg to resign as chairman. Another group of shareholders have filed a lawsuit asserting that executives haven’t imposed sufficient privacy controls. Some users are calling for Facebook to be either nationalized or regulated like a public utility. Earlier this month a British parliamentary committee released internal Facebook emails seized during a lawsuit against Facebook.

For more information, see 5 Key Takeaways from the NYT’s Facebook Data Sharing Investigation.

Related Posts