Facebook Reveals Others That Got Special Access To User Data

Facebook Inc. disclosed it gave dozens of companies special access to user data, detailing for the first time a spate of deals that contrasted with the social network’s previous public statements that it restricted personal information to outsiders in 2015. The deals with app developers, device and software makers—described in a 747-page document released to Congress late on Friday—represent Facebook’s most granular explanation of exemptions that previously had been revealed by The Wall Street Journal and other news organisations. The disclosure comes as lawmakers have demanded accountability at Facebook for allowing companies access to data on its billions of users without their knowledge, and questioned how far the universe of firms extends.

Facebook said in the disclosure that the special deals were required to give app developers time to become compliant with changes in its policies and to enable device and software makers to create versions of the social network for their products. The company disclosed it was still sharing information of users’ friends, such as name, gender, birth date, current city or hometown, photos and page likes, with 61 app developers nearly six months after it said it stopped access to this data in 2015. Facebook said it gave these 61 firms—which ranged from the dating app Hinge to shipping giant United Parcel Service Inc.—a six-month extension for them to “come into compliance” with the 2015 policy. Also, five other companies “theoretically could have accessed limited friends’ data” because of access they received as part of a Facebook experiment, the company said in the document. Ime Archibong, Facebook’s vice president of product partnerships, acknowledged the preferred deals in an earlier interview with the Journal but said they were with individual developers to test new features or when winding down products. He said that the company maintained a “consistent and principled approach to how we work with developers over the course of the past 11 years.”

The disclosure follows a Journal article in June that reported Facebook struck customised data-sharing deals that gave select companies such as Nissan Motor Co. access to user records for their apps well after the point in 2015 when it said it walled off that information. Nissan is listed in Friday’s document. Facebook provided the document to the Energy and Commerce Committee of the U.S. House of Representatives in response to hundreds of questions from the committee, which quizzed Facebook Chief Executive Mark Zuckerberg during testimony in April. The committee said on its website that it received the responses shortly before midnight on Friday; the deadline for the responses was the close of business Friday. It is Facebook’s second attempt at answering Congress’s queries. In June, Facebook delivered 450 pages of answers to two Senate committees, deflecting some questions about its influence and market power while offering some detail about the information it collects on users.

Facebook’s handling of its user data has been under scrutiny since March when revelations surfaced that political analytics firm Cambridge Analytica, which aided President Donald Trump’s 2016 presidential campaign, purchased data on 87 million users without their consent. In the ensuing hearings, lawmakers asked Mr Zuckerberg whether Facebook violated a settlement the company made in 2012 with the Federal Trade Commission, under which the company is required to give its users clear and prominent notice and obtain their express consent before sharing their information beyond their privacy settings. Facebook said in the document that it hasn’t violated the FTC pact. Facebook indicated it has struggled to fully reconstruct what happened to its users’ information. “It is possible we have not been able to identify some extensions,” Facebook said in the document about companies that had access to users’ friends’ information past the 2015 cut-off.

Many of the app developers that scooped up unusually large chunks of data are out of business, according to developers and former Facebook employees. In some cases, the company says, developers contacted by Facebook aren’t responding to requests for further information. The social network also said in Friday’s document that it shared information about its users with 52 hardware and software makers, including big U.S. companies such as Amazon.com., Apple Inc., and Microsoft Corp., as well as some Chinese firms such as Huawei Technologies Co. and Alibaba Group Holding Ltd. Fourteen companies continue to have access to information about Facebook’s users, the document said. These partnerships “do not involve data sharing with partners for their independent purposes,” Mr Archibong said in a statement on Sunday. A spokeswoman for Facebook said the company provided access to these device and software makers after users logged into the Facebook app. According to the document, Facebook allowed this access to these companies could create versions of Facebook for their devices, provide “hubs” where users could see notifications from Facebook, allow users to sync Facebook contacts and photos on their devices and send users notifications from Facebook via text message. “These integrations were built by our partners, for our users, but approved by Facebook,” Facebook said in the document. Facebook has severed this data access with 38 of the companies on the list, the company said in the document. Seven companies will continue to have this access until July, and three companies—including Apple, Amazon and accessibility app Tobii—have agreements with Facebook to continue to access this data beyond October, according to the document.

Credit: Georgia Wells for The Wall Street Journal, 1 July 2018.