It seems as though hardly a week goes by without Facebook coming under fire for playing fast and loose with people’s data, and this week is no exception. In some cases, the social network has immediately fallen on its sword and begged for forgiveness, but in the latest case it appears to be arguing that this is just how the industry works, and therefore it shouldn’t be accused of bad behavior. For many, that attitude is not going to sit well, and it’s likely to increase pressure for some kind of regulatory oversight.
The New York Times reported on the weekend that Facebook has been sharing the personal data of possibly millions of users—and all of their friends—with device makers like Apple, BlackBerry and Samsung. According to the Times, the social network did so without asking for permission or informing users that phone manufacturers were storing some or all of that data. As the story describes it:
Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.
In previous cases, including the Cambridge Analytica data leak, messages of apology came from either Facebook CEO Mark Zuckerberg or COO Sheryl Sandberg, or someone of that caliber. But in the latest case, the response from the social network came from a vice-president of product partnerships—and the message was significantly less conciliatory. Entitled “Why We Disagree with The New York Times,” the post says the process of allowing device makers to extract data was necessary in order to allow those devices to incorporate Facebook-like functions, in the days before there were discrete apps.
The company also says data was shared only when users gave explicit permission, even though this directly contradicts the reporting by the Times. According to the newspaper, users in their tests had information shared even when they had turned data-sharing off. As former FTC chief technology officer Ashkan Soltani pointed out on Twitter, this seems to go against Zuckerberg’s previous statements during the Cambridge Analytica uproar that Facebook shut down all such data sharing in 2014.
In a series of tweets that were posted by the main Facebook account following the Times story, the company made the case that it restricted the amount of data shared with device makers, and also noted that it launched the device-integrated APIs in order to help get Facebook onto mobile device before app stores had been invented. And finally, the company argued that “this was standard industry practice.” That argument isn’t likely to hold much water for some Facebook critics, however.
Even one of Facebook’s most powerful executives—Adam Mosseri, until recently the man in charge of the all-powerful News Feed—admitted recently that this kind of attitude has been part of the problem not just with the social network but with many other Silicon Valley companies as well. Mosseri told attendees at a CJR event in San Francisco in May that Facebook and many other companies have suffered from a blind spot that caused them to ignore the potential downsides of a given technology.
For better or worse, events like the Cambridge Analytica leak have highlighted how much of Facebook’s behavior was seen by the company as just standard industry practice, but is now a red flag pointing to the social network’s cavalier attitude on user information and privacy. And if both of these recent cases suggest that the company has breached its 2011 consent decree with the FTC, that is likely going to ramp up calls for the government to step in and take some kind of action.