It’s the season of giving (away your data)

Some more news this week: Facebook keeps faceplanting, and now Twitter also joins in the fun.

In the latter case, the avian-logo’d social media platform has announced that an error in their support forms potentially exposed country codes of users’ phone numbers to anyone interested.  This might not seem like a major incident compared to others, and it might not be.  An investigation is still ongoing.  But if those interested, as TechCrunch alludes to, include oppressive regimes looking to silence critics, the problem becomes more severe.

Meanwhile, Facebook continues to reveal increasingly creative ways in which they violated users’ privacy and trust.  This time, they even roped in some accomplices.  An agreement has come to light, thanks to the New York Times reporting, that Facebook gave over 150 companies access to users’ personal information.  To businesses like Spotify and Netflix was granted private message collections.  Apple was gifted users’ Facebook contacts and calendar entries.  And Amazon, to continue in this festive spirit of giving, received names and contact information.

All these comprised different types of partnerships with Facebook, some of which remain active.  In many cases, this data-sharing went on without explicit user permission, and sometimes when it was either disabled or supposedly canceled.  It all reads of similar negligence as that shown during the Cambridge Analytica (CA) scandal, which is fitting, as this new revelation coincides with the first CA lawsuit being brought against Facebook by the Washington, DC Attorney General.

Netflix, for their part, somehow managed to worsen the situation by tweeting jokes about the news, which naturally drew widespread objection.  The streaming service later took a more serious tone and insisted they had never used that particular feature of their Facebook partnership.  Unsurprisingly, this has not proven convincing in the eyes of many users, as it would be fairly simple for any employee without management knowing.

The initial Times story raises the question of “whether Facebook ran afoul of a 2011 consent agreement with the Federal Trade Commission that barred the social network from sharing user data without explicit permission.”  It would be something if we’re now seeing the roots of future legal trouble at the same time this current litigation has started blooming.  Regardless, however, the endless muck-ups Facebook keeps revealing, time after time, must be incredibly frustrating to users.

Such mistakes might call for a Menlo Park visit from the three ghosts of data security past, present and future.


By: Jonathan Weicher, post on December 20, 2018
Originally published at:
Copyright: NetLib Security