When he stood before Congress in April, following yet another scandal at Facebook, Mark Zuckerberg declared ‘We don’t sell data to anyone’.
That may technically be the case, but a new New York Times expose has revealed that Facebook gave 150 companies access to hundreds of millions of users’ data.
Records obtained by the Times reveal that the amount of data Cambridge Analytica received from a Facebook app paled in comparison to the access that was granted to the social media giant’s biggest partners, including Amazon, Spotify, and Netflix.
Facebook gave Netflix, Spotify, and the Royal Bank of Canada the ability to read, write, and delete Facebook users’ private messages and to see all participants on a thread.
A new New York Times expose has revealed that Facebook gave 150 companies access to hundreds of millions of users’ data without their consent
It also allowed Microsoft’s search engine, known as Bing, to see the name of all Facebook users’ friends without their consent, according to the records.
Amazon was allowed to obtain users’ names and contact information through their friends, and Yahoo could view streams of friends’ posts.
As of last year, Sony, Microsoft, and Amazon could all obtain users’ email addresses through their friends.
Facebook never received monetary payment for permitting this kind of access, even if its users had disabled all data sharing on their profile.
It has argued that these major companies were merely acting as an extension of Facebook, which is why any information that a user shared with friends on the site could be shared with the companies without user consent.
Facebook gave Netflix, Spotify, and the Royal Bank of Canada the ability to read, write, and delete Facebook users’ private messages
Facebook denied on Tuesday night that these companies misused Facebook users’ data, but did not touch on the Times’ revelation of incredible amount of data they were given access to in the first place.
‘Facebook’s partners don’t get to ignore people’s privacy settings, and it’s wrong to suggest that they do,’ Steve Satterfield, the site’s director of privacy and public policy, said in a statement obtained by NBC News.
But Facebook struck data sharing deals with these companies – deals that helped bring in new users and, as a result, drove up its advertising revenue.
Facebook’s ‘People You May Know’, a friend suggestion tool on the site, was one such feature in which the social media giant utilized data acquired by its partners.
The tool has been controversial since it was introduced in 2008, sometimes suggesting connections between estranged family members or even a victim and their harasser.
Facebook’s business partners were exempted from the site’s usual privacy rules through the deals, according to internal records.
The deals – made with tech businesses, online retailers, automakers, entertainment sites, and media organizations – date back to 2020 and all were still active in 2017.
Some still remained in effect this year, as the Cambridge Analytica scandal plagued Facebook and raised numerous concerns about how it was handling its users’ data.
Following the controversy, Zuckerberg told Congress that Facebook users now ‘have complete control’ over everything they share on the site.
Amazon was allowed to obtain users’ names and contact information through their friends, and Yahoo could view streams of friends’ posts
But an extensive investigation by the Times has revealed that wasn’t the case as it interviewed more than 50 former Facebook employees and government officials and reviewed more than 270 pages of the company’s internal documents.
The Times also performed a number of technical tests to see exactly what information was being passed between Facebook to its partner websites.
Facebook made deals with over 60 makers of smartphones, including Apple.
Records show that Apple devices could access users’ contact numbers and calendar entries, even if those same users had disabled all sharing.
Apple was also given the ability to hide the fact that its devices were asking for data from Facebook’s users.
And Yandex, a Russian social media company accused of having ties to the Kremlin, could access Facebook users’ unique IDs as recently as 2017 – despite the fact that Facebook had stopped sharing them with other applications for years due to security concerns.