Facebook has been under fire recently, for allegedly granting third-party apps access to user’s data without their consent. Now, an investigation by The New York Times has revealed that the social network giant gave deep access to user data to at least 60 device makers over the time. The list include all the big names like Apple, Samsung, Microsoft, and Amazon as well as companies from far east, China.
Back in March, Facebook came under intensifying scrutiny after it was revealed that a political consulting firm, Cambridge Analytica, misused the private information of Facebook users in 2014. A wave of backlash ensued, causing Facebook's stock to plummet. Facebook CEO Mark Zuckerberg apologised afterwards, vowing to safeguard users’ privacy. The company eventually redesigned its settings menu, making it easier for users find and change their privacy settings.
Facebook officials also claimed that the company had cut-off such data exploits by 2015. However, they didn't disclose if the company had exempted OEMs from such restrictions, and recent investigation reveals it had. Facebook, in fact, struck deals with device makers all the way back in 2007 itself, well before Facebook apps were widely available on smartphones. The deal allowed OEMs private data channels with Facebook, which in turn allowed Facebook to expand its reach globally.
The New York Times says Facebook built private APIs for OEMs through 2014, sharing user data with "tens of millions of mobile devices, game consoles, televisions, and other systems outside Facebook’s direct control.” Facebook even allowed the device makers access to the data of users’ friends without their explicit consent.
Facebook has responded to the accusations made by The New York Times, arguing that it hasn’t broken any laws. In a post titled “Why We Disagree with the New York Times", Facebook argued that its partnerships with device makers “work very differently” from how app developers use Facebook’s API platform. Facebook says these partnerships are governed by contracts that strictly limit use of the data, including any data stored on partners’ servers.
Sandy Parakilas, a former Facebook employee who oversaw third-party advertising and privacy compliance, said that the data being shared with OEMs was flagged as a privacy issue as early as 2012.
“It is shocking that this practice may still continue six years later, and it appears to contradict Facebook’s testimony to Congress that all friend permissions were disabled.”
Facebook has claimed that it is winding-down these partnerships, and has already ended 22 of the approximately 60 partnerships. Most of the partnerships, however, still remain in effect. The New York Times says Facebook has at least four active data-sharing partnerships with Chinese companies, including Lenovo, Oppo, TCL, and Huawei, a company that has been flagged as a national security threat by American intelligence officials.
Regardless of whether or not Facebook has broken any laws, the fact that the company shares data with other third-party companies proves that it cannot be trusted to take user privacy seriously.