Reports have emerged that a number of major companies were granted unprecedented access to Facebook (NASDAQ: FB) users’ personal data through questionable partnership agreements. More than 150 companies, most of them technology and online retail sites, entered into agreements with Facebook to access to users’ personal data in ways not previously disclosed. The oldest deal was struck in 2010 and each of the deals were in effect as recently as 2017, with some remaining active this year.
News of the issue was first reported by New York Times, which cited interviews and hundreds of documents from the social media platform in the report. The records, generated in 2017 by the company’s internal system for tracking partnerships, showed the company allowed its “partners” to access information that Facebook publicly claimed it had stopped sharing a year ago. Collectively, applications made by the partners sought the data of hundreds of millions of people a month.
The examples given in the New York Times report are alarming. The researchers uncovered that Facebook allowed Spotify, Netflix, and the Royal Bank of Canada to read, write, and delete users’ private messages, as well as see participants on a thread. Microsoft’s Bing search engine was allowed to view the names of Facebook users’ friends without consent, while Amazon was allowed to obtain users’ names and contact information. Yahoo was granted permission to view streams of friends’ posts.
Some of the social network’s data-sharing practices appear to violate a deal between Facebook and the Federal Trade Commission, which outlawed the sharing of user data without explicit consent. Steve Satterfield, Facebook’s director of privacy and public policy, said in a statement that none of the arrangements violated the agreement because Facebook considered the partners service providers that allowed users to interact with their Facebook friends. The F.T.C. has already opened a new inquiry into Facebook’s compliance with the consent order.