Facebook allowed Netflix, Spotify, Amazon, Microsoft, Yandex and Royal Bank of Canada unprecedented access to its users’ private data.
The social media giant Facebook has been making headlines for all the wrong reasons lately. Now, according to reports, Facebook allowed video streaming service Netflix, music streaming service Spotify, and Royal Bank of Canada to read, write and delete private messages of users and those participating in the conversation.
In Spotify’s case; the company had access to private messages of more than 70 million users a month. But it did not end here, Facebook also provided tech giants like Microsoft, Amazon, and Yahoo access to user data without their consent. This was revealed by The New York Times on Tuesday after accessing hundreds of pages of Facebook documents from 2017 detailing the company’s internal method for tracking partnerships.
See: Facebook partnered with 60+ device makers & shared users’ private data
In the case of Microsoft, Facebook allowed its Bing search engine to see the names of all Facebook users friends without their permission or knowledge. It is noteworthy that Facebook users are allowed to hide their Friends’ list from not only outsiders but also from those on their list.
For Amazon, Facebook allowed the company to extract names and their contact information through their friends while Yahoo was allowed to view streams of friends’ posts. What is more shocking is that Facebook also allowed Yandex, a Russian multinational corporation to access Facebook’s unique user IDs as late as 2017.
Facebook, on the other hand, has admitted allowing unprecedented access to its users’ data to the aforementioned companies but maintains that it has found no evidence of abuse. According to a blog post from Konstantinos Papamiltiadis, Director of Developer Platforms and Programs at Facebook:
“Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner’s messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature.”
In response to The Time’s report; Netflix and Spotify claimed that they were unaware of broad accesses granted by Facebook. In a Tweet, Netflix said that, “Netflix never asked for, or accessed, anyone’s private messages. We’re not the type to slide into your DMs.”
An Amazon spokesperson issued a statement to BuzzFeed stating that, “Amazon uses APIs provided by Facebook in order to enable Facebook experiences for our products. For example, giving customers the option to sync Facebook contacts on an Amazon Tablet. We use the information only in accordance with our privacy policy.”
Microsoft also issued a statement and said that the partnership with Facebook ended back in February 2016. “Throughout our engagement with Facebook, we respected all user preferences,” a Microsoft spokesperson told BuzzFeed.
However, a Royal Bank of Canada spokesman denied having any such access which allowed it to read or delete users’ private messages.
Nevertheless, The Time’s report could be a massive blow to Facebook as throughout 2018 the company made headlines for all the wrong reasons starting from Cambridge Analytica, a political consulting firm that had access to personal details of over 50 million Facebook users without their consent. The firm was then accused of using the data to influence the Brexit campaign and the US Presidental elections in 2017 since it also worked for Ted Cruz and Donald Trump’s presidential campaign.
In June this year, a bug exposed private posts of 14 million Facebook users to the public. Then, in October this year, the company announced that hackers stole data of over 30 million users (including their phone numbers and location data) after exploiting a vulnerability in its “View As” feature in September.
See: Yahoo built software to secretly scan user emails for the NSA
In November, the BBC found a group of hackers selling private messages of 81,000 hacked Facebook accounts on an underground hacking forum for just 10 cents (8p). Last but not the least, most recently on December 14th, Facebook admitted that a bug in its Photo API exposed private photos of over 6.8 million users to third-party app developers.
If you are interested in getting rid of Facebook check our exclusive 2018 guide on “How to Delete Your Facebook Account Permanently.”