Skip to main content

Third-party devs improperly accessed some Facebook groups’ private data

Facebook is yet again at the center of a user privacy mishap. In a blog post, its head of platform partnerships, Konstantinos Papamiltiadis, revealed that about 100 third-party app developers had improper access to personal data of several groups’ members despite the fact that the social network overhauled its APIs to prevent this exact behavior last year.

Before the alterations to the Groups system, Facebook allowed outside developers to extract information of a group’s members such as their profile pictures, names, and more. All they needed was a green light from the group’s admin. However, in the wake of the Cambridge Analytica scandal, the company rolled out an update that restricted the third-party access to the group’s name, the number of users, and posts’ content, and made giving up their private data optional for members.

In a review, Facebook found out that scores of developers were able to function based on the outdated group rules and continued to siphon up members’ personal details even when they weren’t supposed to. It says at least 11 of those partners were active in the last 60 days.

Most of these partners, Facebook claims, were social media management and video streaming apps. The former, for instance, enables businesses to manage multiple Facebook groups and offer customer support from a centralized dashboard.

While it’s unclear at this point whether member data was abused for advertising or any other illicit purposes, Facebook says it has now revoked access and plans to conduct audits to confirm the data has been eradicated.

“Today we are also reaching out to roughly 100 partners who may have accessed this information since we announced restrictions to the Groups API, although it’s likely that the number that actually did is smaller and decreased over time. Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained and we will conduct audits to confirm that it has been deleted,” added Papamiltiadis.

Facebook has seemingly ended up in the crosshair of the public and governments across the globe every other week. A few days ago, the social media behemoth announced a companywide rebrand and new logos in an attempt to dampen its ailing image and more importantly, signal that its non-Facebook (such as Instagram and WhatsApp) are not entirely defined by Facebook, the social network.

Editors' Recommendations