Facebook gave device makers deep access to data on users and friends

New York Times:

As Facebook sought to become the world’s dominant social media service, it struck agreements allowing phone and other device makers access to vast amounts of its users’ personal information.

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said.

And:

Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

And in the wake of the Cambridge Analytica furor:

Facebook’s leaders said that the kind of access exploited by Cambridge in 2014 was cut off by the next year, when Facebook prohibited developers from collecting information from users’ friends. But the company officials did not disclose that Facebook had exempted the makers of cellphones, tablets and other hardware from such restrictions.

And:

Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data. Tests by The Times showed that the partners requested and received data in the same way other third parties did.

Read the Times article. Then read this response from Facebook, titled Why We Disagree with The New York Times:

Given that these APIs enabled other companies to recreate the Facebook experience, we controlled them tightly from the get-go. These partners signed agreements that prevented people’s Facebook information from being used for any other purpose than to recreate Facebook-like experiences. Partners could not integrate the user’s Facebook features with their devices without the user’s permission. And our partnership and engineering teams approved the Facebook experiences these companies built. Contrary to claims by the New York Times, friends’ information, like photos, was only accessible on devices when people made a decision to share their information with those friends. We are not aware of any abuse by these companies.

This is very different from the public APIs used by third-party developers, like Aleksandr Kogan. These third-party developers were not allowed to offer versions of Facebook to people and, instead, used the Facebook information people shared with them to build completely new experiences.

This is complicated. And if the Cambridge Analytica story had not happened, we might not even be discussing this.

It all comes down to trust. Do you trust Facebook with your data? If not, can they do anything to earn that trust back?

And one more bit, this Reddit thread (H/T Marlin Clark) asking, Is Facebook listening through your smartphone microphone?

I know this seems crazy, but read the article linked at the top of the post and ask around. There are a lot of examples of people reporting this. I’m skeptical, but there are a lot of these out there.