Published: Thu, December 20, 2018
Money | By Hannah Jacobs

Facebook Keeps Missing Chances to Come Clean About User Data

Facebook Keeps Missing Chances to Come Clean About User Data

"But people had to explicitly sign in to Facebook first to use a partner's messaging feature", Papamiltiadis wrote.

These companies are not the only ones with broad access to user data.

Facebook is involved in yet another scandal, after revelations that its data-sharing partnerships with numerous companies gave it access to private messages. The company insists that those partnerships are not barred by the FTC agreement, arguing that third party companies are service providers that use the data only "for and at the direction of" Facebook, functioning in a way as an extension of the social platform.

While Microsoft and Yahoo got to see friends lists, others like Spotify and Netflix actually got to see inside users' messages. Overall, deals were struck with more than 150 companies, mostly online retailers, entertainment companies, or other tech businesses.


Facebook says it has shut down most of the abovementioned partnerships in recent months, with the exception of those with Amazon and Apple.

Since then, though, there have been dribs and drabs of reporting from news outlets that even after Facebook tightened its rules about the account information outside companies could harness, Facebook made many exceptions or let old agreements continue long after they stopped being useful.

Despite assurances from Facebook CEO Mark Zuckerberg that people "have complete control" over who sees their content, The Times said the internal documents and interviews with 50 former Facebook employees indicated that the company still gave other firms access to user data.

Facebook gave Netflix and Spotify the ability to read users' private messages. The report also found that some of the access deals began in 2010, all of them were still active in 2017, and some were ongoing this year too.


Steve Satterfield, Facebook's director of privacy and public policy, told the Times that its data-sharing partnerships didn't violate users' privacy and required companies to follow Facebook policies. But the Times report raises questions about how well Facebook managed those partners' access.

"At no time did we access people's private messages on Facebook or ask for the ability to do so", a Netflix spokesperson said in response to the story.

The company has been operating under a consent decree from the Federal Trade Commission since 2011 that requires it to beef up its privacy policies, place limits on the retention of consumer data, and require express consent from users before enacting changes that override their privacy preferences.

Facebook acknowledged in July it entered into data-sharing agreements with dozens of tech companies, admitting it continued sharing information with 61 hardware and software makers even after it said it had discontinued the practice in May 2015. A spokeswoman for Yandex, which was accused previous year by Ukraine's security service of funneling its user data to the Kremlin, said the company was unaware of the access and did not know why Facebook had allowed it to continue.


The social network has been under intense pressure over its practices over the a year ago, following the Cambridge Analytica scandal, a series data breaches and concerns over fake news and other content on the site.

Like this: