Facebook gave companies deeper access to user data than it let on: report
Facebook's year of horror is dragging right to the very end.
A New York Times report revealed just how loose the social network's data sharing practices were, where it gave third-parties deeper access to its site's 2.2 billion users than it previously let on.
The report on Facebook's partnerships with other companies was gathered from interviews with 50 former employees and documents obtained by the Times.
It claimed Microsoft's Bing search engine was allowed to view the names of a Facebook user's friends without consent, while profiles of Facebook users were built on Microsoft servers.
It's also claimed that Spotify, Netflix and the Royal Bank of Canada were able to read, write and delete users' private messages, as well as see all users on a thread. Amazon were allowed to obtain users’ names and contact information.
Apple had access to the contact numbers and calendar entries of people who had disabled all sharing, plus the ability to hide from users that its devices were requesting data. Apple told the Times that data stayed on devices and wouldn't be available to anyone else.
The partnerships with more than 150 companies date back as far as 2010, with some still in effect today. The deals allowed the social network to attain more users, while third-parties could improve their products by getting better features.
Through these arrangements, these tech giants were granted special access to large amounts of user data, giving them access to more users than the 87 million people who were caught up in the Cambridge Analytica data misuse scandal earlier this year.
Also mentioned in the report is Facebook's occasionally creepy "People You May Know" feature, which was infamous for suggesting potential friends that users had a tentative, real-world connection with, like people you went on a date with once, or former co-workers.
It turns out this information came from contact lists it would obtain from partners, so it could figure out people's relationships, and then suggest them as friends.
In a statement to Mashable, Facebook's Director of Privacy and Public Policy, Steve Satterfield, said the social network is closing down these partnerships, and denied other companies could misuse data.
"Facebook’s partners don't get to ignore people’s privacy settings, and it’s wrong to suggest that they do. Over the years, we've partnered with other companies so people can use Facebook on devices and platforms that we don’t support ourselves," he wrote.
"Unlike a game, streaming music service, or other third-party app, which offer experiences that are independent of Facebook, these partners can only offer specific Facebook features and are unable to use information for independent purposes."
Given the Times' claim that profiles of Facebook users were built on Microsoft servers, Facebook's statement about partners "unable to use information for independent purposes" appears to be contradictory, and Mashable has sought clarification on this.
In a statement published Wednesday, Facebook reiterated that access to data was always given with the users' permission, and that Facebook's partnerships never violated the company's 2012 settlement with the FTC.
"Our integration partners had to get authorization from people. You would have had to sign in with your Facebook account to use the integration offered by Apple, Amazon or another integration partner," Facebook's Director of Developer Platforms and Programs Konstantinos Papamiltiadis wrote in a blog post.
He did admit, however, that the company "shouldn't have left the APIs in place" after the instant personalization program was shut down.
"We’ve taken a number of steps this year to limit developers’ access to people’s Facebook information, and as part of that ongoing effort, we’re in the midst of reviewing all our APIs and the partners who can access them," he wrote.
via Mashable https://ift.tt/2DCFv97
December 19, 2018 at 02:27AM