Scandal Alert— Facebook Partnered with 60+ Device Makers Including Smartphone and Tablet manufacturers and Provided Them Access to Users’ Private Data.
Contrary to the claim made in front of the Congress by Facebook CEO, Mark Zuckerberg, that whenever an individual chooses to ‘share something on Facebook’ it proactively goes through the service and decides what photo or video is to be shared, the New York Times (NYT) reports that the case is entirely different.
According to the NYT report released over the weekend, Facebook has been involved in data sharing agreements with nearly 60 device companies including Amazon, Apple, Samsung, Blackberry, and Microsoft. The agreement allowed the firms to acquire a wide range of information shared by the users, without their consent or permission.
This report has definitely raised concerns about the way Facebook handles private data and again highlights the shady data storing practices adopted by the social network. The partnerships were initiated in the past decade, much before smartphones started featuring Facebook apps.
Through these agreements, Facebook got the opportunity to expand its reach and device makers were able to offer their customers handy social network-based features including Like button and address books.
However, the scope of these partnerships remained undisclosed as yet, and now that the NYT has reported about it, there is a question mark over the compliance level of Facebook’s privacy policies with 2011, Federal Trade Commission’s consent decree.
As per the context of the agreements, Facebook allowed device makers to access users’ friends’ data without needing their explicit consent despite the social network’s declaration that it won’t share this information with third-parties. A majority of these partnerships are still in effect but Facebook started to wrap them up from April onwards.
It is worth noting that the social network was heavily scrutinized by regulators and lawmakers after the Cambridge Analytica scandal that made headlines in March this year, where the political consulting firm obtained and misused private data of millions of Facebook users.
It is quite likely that Facebook started to limit developers from collecting information from users’ friends post the infamous Cambridge Analytica scandal. But, there is no clear information about exempting device makers from accessing information via Facebook. As noted by the University of California, Berkeley’s privacy researcher Serge Egelman:
“You might think that Facebook or the device manufacturer is trustworthy. But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks.”
Sure looks like Zuckerberg lied to Congress about whether users have “complete control” over who sees our data on Facebook. This needs to be investigated and the people responsible need to be held accountable. https://t.co/rshBsxy32G
— David Cicilline (@davidcicilline) June 4, 2018
Facebook officials still maintain that their data sharing practices and privacy policies are in compliance with FTC agreement. It is stated that the partnerships were regulated under contracts that substantially limited the use of information by the partner firms and they weren’t also allowed to store information on their servers.
Furthermore, there haven’t been any cases where the information was misused, claim Facebook representatives, while the devices partners were just an extension of the social network that expanded its reach to over 2 billion users worldwide.
Facebook’s vice president Ime Archibong states: “These partnerships work very differently from the way in which app developers use our platform,” because instead of offering games and services the partners provided versions that enhanced users’ experience of Facebook. It was necessary to collaborate with devices and operating systems developers to broaden the network.
Device makers were able to get information about a user’s religious and political ideologies, relationship status and certain events report NYT. Facebook, however, claims that most of the data-sharing agreements have now ended.
Rich Campagna, CMO for Bitglass commented on the issue and said that “The news that device makers have been granted deep access to user data on Facebook serves as a reminder that data security risks can arise from malicious actors as well as other parties.”
With so many companies instituting bring your own device policies and allowing employees (who are often Facebook users) to access corporate information from their personal devices, it’s vital that these companies deploy security solutions capable of partitioning company data from personal data. Failure to do so can leave proprietary information exposed to apps and services that pull information from employees’ personal devices,” Campagna added.
Image credit: Depositphotos