The outrage over the Cambridge Analytica scandal has been petering out and members of the world’s most popular social network were slowly returning to normal, forgetting the wrongs Facebook had done them. A new report, this time from The New York Times, has unearthed new data privacy issues for Facebook users. Does Mark Zuckerberg have a new reason to sweat into his grey t-shirt?
Facebook doesn’t share your data with “third parties”, but what does this mean?
In 2011, the Federal Trade Commission (FTC) forced Facebook to comply with a decree that it should never share user data with third parties without their consent. Theoretically, Facebook made the effort to comply, the social network has tried to exclude information such as religion, political orientation and other personal information from the data shared with many of the third party companies that rely on the company for useful data.
The problem lies in the definition of “third parties”. According to the NYT report, in fact, device manufacturers (OEMs) such as Samsung, Apple, Microsoft, BlackBerry and many others are not considered to be such, but rather partners of Facebook and therefore would have had access to data a long time. We are talking about a period of more than ten years.
More than 60 partners have access to your data. Among the many, Samsung, Apple, Amazon, Microsoft and BlackBerry stand out.
Facebook: “We haven’t broken any agreement”.
A company representative defended the company’s position during an interview, stating Facebook would not violate their privacy policies, the FTC decree, or other user agreements. The partnerships with OEMs are governed by precise contracts for the use of this data, even the data stored on the partners’ servers.
The company sees its manufacturer partners as extensions of Facebook, serving its nearly 2 billion users
These partners, said spokesperson Ime Archibong, work differently than app developers for the social platform. Unlike app developers, OEMs have access to this data to develop different versions of the Facebook Experience and integrate social services into their software.
What data can partner companies obtain?
These Facebook partner companies can obtain data such as relationship status, religion, political orientation, events and much more. The fact that Facebook treats its partners as extensions of its services and not as external collaborators allows OEMs to access even the data of friends of the user, even if these users have prohibited the sharing of such data with third party companies.
“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission” – Ashkan Soltani, former FTC chief technologist
A shocking practical example
Reporter Michael LaForgia decided to investigate the matter using an old BlackBerry Z10, logging into Facebook with his personal profile via the BlackBerry Hub.
The Hub was immediately able to obtain detailed data about 556 friends of LaForgia, including events in which these friends want to participate, relationship status and political orientation. Facebook stated in 2015 that it had excluded this personal information from any sharing with third parties. Obviously, BlackBerry is not considered an external company by the social network
As if this were not serious enough, the application was able to obtain information (including unique identifiers) from as many as 294258 friends of the reporter’s friends.
“It was reported internally as a privacy issue,” former Facebook operations manager Sansy Parakilas said, referring to 2012, the year he left the company. “It’s shocking that this practice is continuing six years later, and also seems to be in complete contradiction with what Facebook testified in front of Congress”.
The New York Times article takes apart the issue, going into rather thorny details. What is clear is, that, as we predicted, Facebook is going to do its best to maintain a situation where it gets the most use out of members’ personal data, and isn’t very upfront about it.
Do you still use Facebook? Do you also use the social network services of the various manufacturers? Let us know what you think in the comments.