The opprobrium over Facebook’s data privacy practices continues. This time, the New York Times reports Facebook has apparently shared an inappropriate amount of user information with device manufacturers, such as Apple, Samsung, and Amazon.
The details: According to the NYT, Facebook’s deals with hardware manufacturers predate the existence of the Facebook app. The company created APIs which would allow companies such as Apple or Blackberry to create Facebook-like features. To allow these features to function, the company agreed to share user data with the companies.
The NYT questions whether these agreements conflict with a 2011 Federal Trade Commission decree that required, among other things, Facebook to, “obtain consumers’ affirmative express consent before enacting changes that override their privacy preferences.” The APIs provide access to much more information than consumers might be aware of.
As an example, writer Michael LaForgia logged into his Facebook account on a Blackberry Z10. The phone’s Hub app retrieved religious, relationship, and political information on all of his 556 friends, and 294,258 of his friends’ friends.
The counterargument: Facebook responded to the article directly in a press release. In it, Ime Archibong, the company’s VP of product partnerships, argues the two situations are completely different:
Given that these APIs enabled other companies to recreate the Facebook experience, we controlled them tightly from the get-go. These partners signed agreements that prevented people’s Facebook information from being used for any other purpose than to recreate Facebook-like experiences. … This is very different from the public APIs used by third-party developers, like Aleksandr Kogan.
Archibong says the APIs were created to fill a demand for mobile Facebook which the company couldn’t fulfill alone, and were thus necessary. He also noted the company is winding down these partnerships in general, having already ended 22 of them.
Why it matters: Had this happened before the Cambridge Analytica scandal, it might not seem quite so shady. If you’re using both Facebook and, say, an Apple product, you probably have some inherent trust in both companies — moreso than I daresay most had in the developer of a Facebook quiz. Archibong also pointed out Facebook’s agreements with the companies were designed to prevent misuse, and the company knew of none.
On the other hand, saying “We created these APIs to fill a public need,” isn’t exactly refuting the notion that these APIs shared more than the usual amount of private data with companies.
Whether Facebook actually violated the FTC consent decree remains to be seen. The Commission confirmed earlier this year it was conducting a non-public investigation into the company following Cambridge Analytica.