Adding to a growing backlash against Facebook, a New York Times report detailed how the social media platform allowed unhindered access to users’ messages, email addresses and other data as part of deals with selected companies.
Large firms were given free rein to suck up data of millions of users a month, according to the NYT which reviewed over 270 pages of internal Facebook documents. It also interviewed over 50 former employees of Facebook and its partners. Most notably, users were never informed or asked for their consent.
Moreover, it turns out that Facebook had developed a special tool that enabled turning access to private data on and off – even if the user had already disabled sharing. As of 2017, more than 150 companies enjoyed this kind of no-questions-asked access under bilateral deals with Facebook which effectively allowed to firms to bypass the service’s updated privacy rules.
Some companies, including Sony, Microsoft and Amazon, were allowed to view users’ contacts through their friends. Others, like Spotify, Netflix and the Royal Bank of Canada, were able to read, write and delete users’ private messages and to see all participants on a thread. Even the Russian search giant Yandex has been listed. In 2017, it was apparently given access to Facebook users’ IDs, despite sharing of such data having been dropped for other “applications.”
According to the NYT, Bank of Canada brushed off the allegations, while Spotify and Netflix claimed they did not know of such broad powers in their hands.
The NYT report also sheds light on how Facebook shared data with over 60 manufacturers of mobile devices, with Apple being one of the most notable examples. In all, Apple mobile phones and tablets had access to contact numbers and calendar entries of people who had maximum privacy settings. Facebook also allowed Apple to hide all indications that its devices were retrieving data from users.
Steve Satterfield, who is Facebook director of privacy and public policy, claims users’ consent wasn’t needed for the partnerships because Facebook considered the partners extensions of itself. The NYT notes that unlike Europe, where tech firms have to abide by strict privacy regulations, US law leaves them free to monetize personal data as long as they don’t deceive users.
A Facebook spokesperson said the company had found “no evidence of abuse by its partners,” but there’s no evidence they were actually looking. Nevertheless, four former employees said some Facebook engineers believed privacy concerns hampered innovation and growth.
Facebook is up to its neck in scandals around the world as regulators wake up to the danger posed by a social networking monopoly acting unilaterally to enrich itself at the expense of users’ privacy. A new inquiry was opened earlier this year into Facebook’s compliance with the FTC decree, and the company is also being investigated by the Securities and Exchange Commission and the Justice Department.
Like this story? Share it with a friend!