Facebook vs The New York Times
It’s not a trendy thing to do, but I’m going to back Facebook up on this one.
What the story is talking about is operating system-level Facebook integration – something most smartphones had for most of the past decade, but is now being phased out. You know the idea – log into Facebook in your phone’s settings and you get things like your friends’ photos pop up in your phone address book, or the ability to easily share a photo to Facebook from your camera roll.
Here’s the nub, per the NYT:
“The partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.”
This happened in plain sight for years – seriously, anyone who thought about it for five seconds, including regulators, would have realised that Facebook data would be stored on a user’s phone and potentially in the phone manufacturer’s cloud too.
The NYT goes on to make it sound like something bad was happening behind users’ backs:
“The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.”
But unless there’s been a breach of the manufacturers’ contracts with Facebook (and there doesn’t seem to be any evidence of that) the data is used on an individual’s phone to integrate their Facebook account with phone features - not given to device manufacturers to keep copies of for other uses. The ‘third party’ is probably just 'your Facebook friend’s phone.’
If that was happening, I would see the scandal, but there’s no evidence it was.
technically be some breaches of law in some jurisdictions here (I’m no lawyer), based on where the data was stored, but there’s not really much to it beyond that. As Facebook’s response to the story
“Given that these APIs enabled other companies to recreate the Facebook experience, we controlled them tightly from the get-go. These partners signed agreements that prevented people’s Facebook information from being used for any other purpose than to recreate Facebook-like experiences. Partners could not integrate the user’s Facebook features with their devices without the user’s permission.
And our partnership and engineering teams approved the Facebook experiences these companies built. Contrary to claims by the New York Times, friends’ information, like photos, was only accessible on devices when people made a decision to share their information with those friends. We are not aware of any abuse by these companies.”
It’s essential for the media to keep a close eye on what a company like Facebook gets up to, given the vast influence it has on our lives. But confusing the public with a story that relies on a vague definition of what is and isn’t a 'third-party,’ and lacks evidence to support the suggestion that anything has actually gone wrong, helps no-one.