The NYT published a report that revealed that the social network had data-sharing agreements with at least 60 phone and device manufacturers.
“Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders,” writes the NYT. “Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.”
“This was flagged internally as a privacy issue,” said Sandy Parakilas, a former leader of the platform’s privacy compliance unit, to the NYT. “It is shocking that this practice may still continue six years later, and it appears to contradict Facebook’s testimony to Congress that all friend permissions were disabled.”
However, Facebook has disagreed with the NYT’s criticisms of its device-integrated APIs.
“While we agreed with many of [The New York Times] past concerns about the controls over Facebook information shared with third-party app developers, we disagree with the issues they’ve raised about these APIs,” wrote Ime Archibong, the company’s vice president of product partnerships, in an official statement.
The social network is still dealing with the backlash from the Cambridge Analytica scandal that hit in mid-March.
“Facebook was criticized last week for having its platform exploited by Cambridge Analytica, a digital analytics firm hired by the Trump presidential campaign. According to Facebook, data from about 300,000 users was originally collected by a Cambridge lecturer named Aleksandr Kogan in 2013 for a personality quiz app. But given the way Facebook worked at the time, Kogan was able to access data from “tens of millions” of friends of those users, Zuckerberg said. While Kogan collected the data legitimately, he then violated Facebook’s terms by passing the information to Cambridge Analytica,” writes CNET.
It was then exposed that the social network was aware of the infraction in 2015 and the company hid it from the public. Facebook, instead, demanded that Cambridge Analytica destroy the information immediately. Media reports soon came out that the data had not been deleted when the former data scientist for the firm and whistleblower, Chris Wylie reported this to The Guardian and the NYT.
“In the furor that followed, Facebook’s leaders said that the kind of access exploited by Cambridge in 2014 was cut off by the next year, when Facebook prohibited developers from collecting information from users’ friends,” writes the NYT. “But the company officials did not disclose that Facebook had exempted the makers of cellphones, tablets and other hardware from such restrictions.”
But according to NYT‘s research, it was easy for device makers to collect users’ data whether they granted Facebook permission or not.
“Tests by The Times showed that the partners requested and received data in the same way other third parties did,” writes NYT. “Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.”
Author’s note: This sounds like something Facebook would do and we don’t doubt they are cheating, but we are also skeptical of anything the NYT reports on. Nonetheless, we do know that the social network has violated their users’ privacy multiple times in the past.