Facebook fights back over new data misuse allegations

An explosive report from The New York Times is getting heavy
pushback from Facebook’s PR team.

After months of scandal in the wake of revelations that Cambridge Analytica
exploited the Facebook platform to access millions of users’ records
without their consent, the social media company spotlighted its privacy
protocols and promised to shutter many of its current data collection
habits.

As part of its defense, the company asserted it no longer allows
third-parties access to user data without users’ consent, starting in 2015.
However, it appears that device makers were exempted from these more
stringent policies, leaving the public to speculate about Facebook’s
honesty and how safe its data gathering truly is.


The New York Times
reported:

Facebook has reached data-sharing partnerships with at least 60 device
makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over
the last decade, starting before Facebook apps were widely available on
smartphones, company officials said. The deals allowed Facebook to expand
its reach and let device makers offer customers popular features of the
social network, such as messaging, “like” buttons and address books.

But the partnerships, whose scope has not previously been reported, raise
concerns about the company’s privacy protections and compliance with a 2011
consent decree with the Federal Trade Commission. Facebook allowed the
device companies access to the data of users’ friends without their
explicit consent, even after declaring that it would no longer share such
information with outsiders.

Facebook is defending the agreements with device-makers as shortcuts for
developing “bespoke Facebook experiences.”

Facebook wrote in its blog:

The New York Times has today written a long piece about our
device-integrated APIs — software we launched 10 years ago to help get
Facebook onto mobile devices. While we agreed with many of their past
concerns about the controls over Facebook information shared with
third-party app developers, we disagree with the issues they’ve raised
about these APIs. Here’s why.

In the early days of mobile, the demand for Facebook outpaced our ability
to build versions of the product that worked on every phone or operating
system. It’s hard to remember now but back then there were no app stores.
So companies like Facebook, Google, Twitter and YouTube had to work
directly with operating system and device manufacturers to get their
products into people’s hands. This took a lot of time — and Facebook was
not able to get to everyone.

To bridge this gap, we built a set of device-integrated APIs that allowed
companies to recreate Facebook-like experiences for their individual
devices or operating systems. Over the last decade, around 60 companies
have used them — including many household names such as Amazon, Apple,
Blackberry, HTC, Microsoft and Samsung.

[FREE GUIDE: 3 helpful tips for your crisis comms prep]

However, The Times isn’t ready to accept Facebook’s explanation.

It concluded:

Some device partners can retrieve Facebook users’ relationship status,
religion, political leaning and upcoming events, among other data. Tests by
The Times showed that the partners requested and received data in the same
way other third parties did.

Facebook’s view that the device makers are not outsiders lets the partners
go even further, The Times found: They can obtain data about a user’s
Facebook friends, even those who have denied Facebook permission to share
information with any third parties.

Other outside critics also have a bone to pick with Facebook’s explanation.

Engadget reported:

A former Facebook employee who led third-party ad and privacy compliance,
Sandy Parakilas, noted that the program was controversial even within
Facebook. “This was flagged internally as a privacy issue,” he said. “It is
shocking that this practice may still continue six years later, and it
appears to contradict Facebook’s testimony to Congress that all friend
permissions were disabled.”

The issue has also caught the attention of the US government. “Sure looks
like Zuckerberg lied to Congress about whether users have ‘complete
control’ over who sees our data on Facebook,” tweeted Rhode Island
Congressman (D) and consumer privacy advocate David Cicilline. “This needs
to be investigated and the people responsible need to be held accountable.”

Observers noted the scope of this latest scandal for Facebook as it tries
to rebuild public trust and abide by new data-security laws.


Fortune
wrote:

It’s potentially a very big problem for Facebook.

Firstly, it may violate the “consent decree” deal that Facebook struck with
the FTC in 2011. That settlement followed complaints from users that
Facebook wasn’t allowing them to keep their information on the social
network private—Facebook promised to get consent from users before sharing
their data with third parties, and to avoid making deceptive claims about
its privacy practices.

The Cambridge Analytica scandal already led the FTC to
investigate whether Facebook broke this settlement. Now this new scandal could add fuel to the fire, as the data being shared
with device manufacturers includes information that people set to private.

[…] There’s one extra issue to worry about here: the European Union’s
General Data Protection Regulation (GDPR). It only came into force around
10 days ago, but if Facebook is still sharing people’s data without their
consent—especially sensitive personal data about things like religious
beliefs—then it could be in big trouble in the EU. The company has already
been
the subject of GDPR privacy complaints, despite the new legal regime’s tender age.

Some are beginning to poke holes in Facebook’s previous statements to
reporters after the Cambridge Analytica debacle.

Others are sharing their Facebook fatigue:

Some aren’t buying Facebook’s apology this time:

Many are calling for an investigation:

What do you think of Facebook’s response, PR Daily readers?

(Image via)



[ad_2]

You might also like More from author

Leave A Reply

Your email address will not be published.