Facebook races to fix flaws in data feeds used by partners
Facebook is racing to find and fix flaws in the data feeds that other companies use to tap into information about its users following a new round of revelations pointing to potential weaknesses in its control of personal data.
The latest privacy storm to hit the social networking company came late on Tuesday after The Tech News revealed how companies including Microsoft and Spotify had been given access to data about Facebook users.
In some cases services continued to have access to data related to Facebook users and their friends even after the contracts expired.
The disclosures echo Facebook’s failure to prevent the leakage of user data to Cambridge Analytica, a political research company that worked for Donald Trump’s election campaign, which came to light earlier this year.
That scandal led to a political crisis and highlighted a failure to control user data handed to app developers, who create games and other services that run on the social network.
The latest revelations, by contrast, concern data given to hundreds of companies under individual partnership agreements. The arrangements were designed to help those companies integrate their services more closely with Facebook.
Users who linked their Facebook accounts to Microsoft’s Bing, for instance, could see results drawing on their Facebook friends’ actions and preferences when using the search engine. Yahoo users were able to read their Facebook news feed inside a Yahoo app.
Facebook refused to comment on the specifics of the data-sharing deals but painted them as part of a longstanding practice designed to integrate its service with others.
“Over the years, we’ve partnered with other companies so people can use Facebook on devices and platforms that we don’t support ourselves,” Steve Satterfield, the company’s director of privacy and public policy, said in a statement.
He added that the companies that had been handed data under these arrangements were required to adhere to the privacy preferences of users. “Facebook’s partners don’t get to ignore people’s privacy settings, and it’s wrong to suggest that they do,” Mr Satterfield said.
Damian Collins, the British MP who chairs the UK’s digital, culture, media and sport committee that has been probing Facebook, called for competition authorities to investigate how the social network decided which companies had access to user data and which did not.
“Given the dominant market position they enjoy in social media, this gives real concerns about whether they are behaving as a monopoly, exercising their considerable power to further dominate the commercial environment in which they trade; making some businesses, and breaking others in the process,” he said.
Jeff Chester, head of the Center for Digital Democracy, a non-profit privacy group, said Facebook and Google had relied for years on sharing data with other companies under arrangements such as these.
He added that his organisation had complained to the Federal Trade Commission that this contravened undertakings that both companies had given to the agency, though there have been no regulatory actions over the issue.
Facebook ended some of the arrangements in 2014, at a time when it became more restrictive about who had access to its user data. Despite this, the company in some cases failed to restrict the APIs, or integration “hooks”, that its partners had used to access the data, according to the NYT.