Just as Facebook had – from a markets perspective at least – put to bed the ghost of Cambridge Analytica, the New York Times has uncovered another case of unchecked data, where smartphone manufacturers were given access to Facebook users and their friends’ data.
The report reveals that Facebook reached an agreement with at least 60 different device manufacturers, and given this allegedly includes access to friend’s data, it could also raise compliance issues with a 2011 consent decree with the Federal Trade Commission (FTC).
To prove the concept, the Times logged into Facebook with a 2013 BlackBerry device with an account with 550 friends, which was slightly above average for the time. The reporters then monitored data requested and received using a BlackBerry app (wow, it’s been a while since I used those words) called “The Hub”. Through this, the Times claims, the device could acquire “identifying information” for up to 295,000 Facebook users. That feels like an enormous extrapolation, but remember that Cambridge Analytica was able to access information on up to 87 million people from just 270,000 people taking a personality quiz.
Facebook, for its part, has taken the unusual step of not just rebutting the report, but referring to the New York Times by name. On the Facebook newsroom, Ime Archibong, vice president of product partnerships, wrote that “while we agreed with many of their past concerns about the controls over Facebook information shared with third-party app developers, we disagree with the issues they’ve raised about these APIs.”
The 450-word piece goes on to explain that the ten-year-old API was an act of necessity in the early days of smartphones where app stores didn’t exist. “To bridge this gap, we built a set of device-integrated APIs that allowed companies to recreate Facebook-like experiences for their individual devices or operating systems,” Archibong explains, adding that these were controlled “tightly from the get-go.”
“These partners signed agreements that prevented people’s Facebook information from being used for any other purpose than to recreate Facebook-like experiences. Partners could not integrate the user’s Facebook features with their devices without the user’s permission. And our partnership and engineering teams approved the Facebook experiences these companies built.
“Contrary to claims by the New York Times, friends’ information, like photos, was only accessible on devices when people made a decision to share their information with those friends. We are not aware of any abuse by these companies.”
Archibong ends the piece by addressing the elephant in the room: if this was necessary in the pre-app store days, why is it still open in 2018? “Now that iOS and Android are so popular, fewer people rely on these APIs to create bespoke Facebook experiences. It’s why we announced in April that we’re winding down access to them. We’ve already ended 22 of these partnerships.”
Cambridge Analytica part two?
The parallels are pretty clear, but as sequels go, this is considerably less gripping. Bluntly there’s quite a big difference between a group of 60 trusted partners with a legitimate use for data on one hand, and researchers selling off their own data to third parties to make non-approved Facebook products on the other.
Which isn’t to downplay the fact that it’s not an ideal way for a company of Facebook’s resources to behave, but it is important to remember that 2008 was a very different time. Yes, the best selling phone that year was the iPhone (3GS), but the rest of the list is unrecognisable. It was far from clear that the smartphone fad was going to last another two years, let alone the next ten.
The real question is why – in an era where Android and iOS make up a cumulative 95.5% of the market – it’s taken Facebook so long to close down the API. The likely mundane reason was that so few people were using it that it didn’t seem worth the hassle with more pressing things to attend to.
That view, it turns out, was somewhat short-sighted in a political climate where the social network is treated with suspicion at every turn. Facebook should probably take this opportunity to reflect on the fact that while the Cambridge Analytica data scandal may be over from a financial perspective, the damage to its public perception will take a lot longer to heal.
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
