New concerns arise over Facebook deep access data-sharing on users and friends

Avatar By Le Williams | 3 years ago

Facebook has reached data-sharing partnerships with at least 60 device makers, including Apple, Amazon, BlackBerry, Microsoft, and Samsung, over the last decade, starting before Facebook apps were widely available on smartphones, company officials have explained.

Partnership deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books.

However, partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

“You might think that Facebook or the device manufacturer is trustworthy,” said Serge Egelman, a privacy researcher at the University of California, Berkeley, who studies the security of mobile apps. “But the problem is that as more and more data is collected on the device — and if it can be accessed by apps on the device — it creates serious privacy and security risks.”

Some device partners can retrieve Facebook users’ relationship status, religion, political leaning and upcoming events, among other data.

Tests by The Times showed that the partners requested and received data in the same way other third parties did.

Facebook’s view that the device makers are not outsiders lets the partners go even further, The Times found: They can obtain data about a user’s Facebook friends, even those who have denied Facebook permission to share information with any third parties.

“It’s like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission,” said Ashkan Soltani, a research and privacy consultant who formerly served as the F.T.C.’s chief technologist.