In response to reports alleging that Facebook Inc. gave major tech companies it partnered with greater access to user data than previously known, including the ability to read private messages, Facebook denied that it gave companies access to information without user consent and rejected the idea that the new revelations constitute a violation of its privacy order with the U.S. Federal Trade Commission.
A report by The New York Times claimed, based on an investigation of internal documents, that Facebook allowed Microsoft Corp.'s Bing search engine to see the names of many Facebook users' friends without approval. In addition, the social media giant allowed Netflix Inc. and Spotify Technology SA to read the private messages of users, according to the report. It also alleged that Facebook allowed Amazon.com Inc. and Yahoo more access to user data than previously known.
Facebook pushed back and largely denied any wrongdoing. "None of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC," wrote Konstantinos Papamiltiadis, Facebook's director of developer platforms and programs, in a Dec. 18 blog post.
Facebook has allowed users to access Facebook features on devices and platforms built by other companies such as Amazon, Apple Inc. and Yahoo. "These are known as integration partners," Papamiltiadis wrote. The goal is to enable more social experiences, such as seeing recommendations from Facebook friends, on other popular apps and websites, he said, noting that most of these features are now gone.
In March, the FTC said it was investigating whether Facebook violated this settlement. The results of the investigation have not yet been made public.
A Microsoft spokesperson told S&P Global Market Intelligence that throughout the company's engagement with Facebook, it respected all user preferences.
While Facebook said that partners did get access to users' messages, the social media company claimed that users would have first needed to sign into Facebook to use a partner’s messaging function.
Using Spotify as an example, Papamiltiadis said that after signing into Facebook on Spotify’s desktop app, users could send and receive messages without leaving Spotify and that Facebook’s software building tools gave partners access to users' messages to enable the feature.
In response, a Spotify spokesperson said it has no evidence that Spotify ever accessed users' private Facebook messages.
"Spotify cannot read users' private Facebook inbox messages across any of our current integrations," said the spokesperson in a Dec. 19 statement. "Previously, when users shared music from Spotify, they could add on text that was visible to Spotify. This has since been discontinued."
After a string of disclosures of privacy breaches, Facebook, along with other major social media platforms, has faced intense scrutiny from the public and lawmakers on privacy practices throughout the year. Lawmakers on both sides of the aisle have an appetite to pass federal privacy reform, and the issue is expected to be one of the few with bipartisan support in the next Congress.
Adding to Facebook’s legal and regulatory woes, Karl Racine, the attorney general for the District of Columbia filed a suit Dec. 19 against Facebook for failing to protect users' data, alleging that the company misled users about the security of their data and failed to properly monitor third-party apps' use of data, among other violations.
Racine's lawsuit seeks an injunction that would require the institution of protocols and safeguards to monitor users' data. The suit also seeks restitution for consumers, penalties and costs.