Monday 16 September, 2019

FB admits that it allowed Netflix to access your private messages

Facebook has acknowledged allowing other companies, namely Netflix and Spotify to access millions of people's private messages.

Following a New York Times report that was published on Tuesday, the social media giant said that it had given third-party companies extensive access to messages. 

This was so people could log in to services such as Spotify with their Facebook account and then send messages through the Spotify app, the company said. 

According to a recent blog post:

"Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner's messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify's desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person's messages in order to power this type of feature."

Citing internal Facebook documents, The Times said Spotify could see the messages of more than 70 million Facebook users a month. It also reported that Netflix and the Royal Bank of Canada could read, write, and even delete people's messages.

Spotify and Netflix both told The Times they were unaware they had level access. Netflix told Business Insider it didn't access anyone's messages. Facebook told The Times that it found no evidence of abuse.

"Over the years we have tried various ways to make Netflix more social," a spokeswoman said. "One example of this was a feature we launched in 2014 that enabled members to recommend TV shows and movies to their Facebook friends via Messenger or Netflix. It was never that popular so we shut the feature down in 2015. At no time did we access people's private messages on Facebook or ask for the ability to do so."

I'm sorry, but allowing for 3rd party clients is the kind of pro-competition move we want to see from dominant platforms," the company's former privacy chief Alex Stamos tweeted on Wednesday. "For ex, making Gmail only accessible to Android and the Gmail app would be horrible. For the NY Times to try to scandalize this kind of integration is wrong."

More troubling to observers, however, was any sense that Facebook gave third parties deep access to user data without properly informing users and gaining permission. Many people tend to assume their private messages on social media will stay private.

Former Federal Trade Commission officials told The Times that Facebook's newly revealed data-sharing agreements probably violated regulatory requirements.

For Facebook, this is the latest in a steady drip of privacy scandals. It is still struggling with the fallout from the Cambridge Analytica scandal in March and fighting regulatory fines. It has disclosed multiple breaches over the past few months, including a significant hack affecting up to 50 million users disclosed in September.

Get the latest local and international news straight to your mobile phone for free: