sdecoret - stock.adobe.com

Feds expand Facebook data sharing probe

The US federal probe into Facebook’s data sharing practices is expanding and MEPs are considering new measures as the firm reveals it granted extended access to 61 companies and admits to another data sharing software bug

The FBI, Securities Exchange Commission (SEC) and Federal Trade Commission (FTC) have joined the US Justice Department investigation into Facebook’s data sharing practices.

The three agencies are examining statements about the social networking firm’s controversial dealings with Cambridge Analytica to determine if the Facbook’s public declarations about the data sharing scandal afftecting 87 million users tie up with underying facts, according to The Washington Post.

The federal investigators are looking at what Facebook knew in 2015 when it discovered that Cambridge Analytica had used Facebook data to create voter profiles and why the company didn’t reveal it at the time to its users or investors.

According to unnamed sources, the investigators are also looking into any discrepancies in more recent accounts and scrutinising the testimony of Facebook officials.

News of the expanded probe sent Facebook’s shares down 1.4% in after-hours trading, according to Seeking Alpha. Investors may also have been influenced by news that Facebook continued sharing data with 61 companies despite a public commitment to restrict third party access to user data.

Facebook introduced stricter guidelines on accessing user data for third party apps in April 2014, but admits in documents submitted to the US Congress at the weekend that while it gave businesses a year to transition to the new rules, 60 firms were given a further six-month extension and one was given an eight-month extension.

The firms that benefited from the extended access to users’ public profiles and some data from their Facebook friends include Nike, Spotify, UPS, Panasonic, Oracle, AOL, Nissan, Audi, Spotify, dating app Hinge and accessibility app Serotek.

Read more about Facebook and privacy

Facebook also revealed it had granted special privileges to 52 other hardware and software firms, including Apple, Amazon and Huawei, to integrate “Facebook and Facebook features” into devices and services, which involved access to some basic user data, according to The Guardian.

However, Facebook said the firms were limited to building Facebook-approved products, that the integrations had all been approved by its engineering teams, and that 38 of the 52 had already been discontinued.

In the wake of the data sharing scandal with Cambridge Analytica, Facebook announced that it would start shutting down these application programming interfaces (APIs) and make other changes to restrict the information Facebook users can share.

Coinciding with the expanded federal probe, Facebook vice-president of product partnerships Ime Archibong announced additional API restrictions the company is putting in place to better protect people’s information.

“These changes will continue to enable developers to create social experiences, while protecting people’s information. We will keep you updated on additional changes we make,” he wrote in a blog post.

British MPs involved in the House of Commons inquiry into fake news have accused Facebook of attempting to avoid public scrutiny and Damian Collins, the chairman of the culture, media and sport select committee accused the firm of evasive behaviour.

Facebook’s chief executive, Mark Zuckerberg, has refused to give evidence to the committee, sending the company’s chief technical officer, Mike Schroepfer, to appear in April in his place.

Temporary bug

Adding to its data woes, Facebook has also admitted that it has uncovered a bug which temporarily unblocked people on Facebook and its Messenger app who had previously been blocked by users from messaging them and seeing things posted to a wider audience such as pictures shared with friends of friends.

More than 800,000 people were affected by the bug between 29 May and 5 June, according to Facebook, which starting notifying those affected on 2 July. Facebook issued an apology and said it would be informing affected users, but did not say how long it had been aware of the bug.

In an attempt to downplay the severity of the bug, Facebook’s chief privacy officer Erin Egan said 83% of people affected by the bug had only one person they had blocked temporarily unblocked.

“This issue has now been fixed and everyone has been blocked again,” she said in a blog post.

This is the second software bug in less than a month to affect users. In June, Facebook disclosed that a  bug led some users to post publicly by default regardless of their previous setting, affecting up to 14 million users over several days in May.

In Europe, parliamentarians discussed how to prevent repeats of the Facebook-Cambridge Analytica scandal with a Facebook representative and three EU Commissioners.

Policy solutions

At the third Facebook-Cambridge Analytica hearing, Richard Allan, vice-president of policy solutions at Facebook, answered MEPs’ questions about how Facebook intends to ensure that it complies fully with data protection laws and how it plans to prevent similar cases from recurring in the future.

MEPs also discussed possible policy solutions and remedies to ensure that EU citizens’ data are properly protected with Commission vice-president Andrus Ansip, justice commissioner Věra Jourová and security union commissioner Julian King.

The hearing concluded a series of hearings focusing on the Facebook-Cambridge Analytica scandal.

Civil Liberties Committee (LIBE) chair Claude Moraes said: “In the course of our investigation, it has become clear that real transparency is needed from companies such as Facebook in terms of data processing methods, tracking, profiling and use of algorithms in order to ensure consumer trust.

“My impression is that much needs to be done, particularly by commercial organisations, to ensure that their business model is by design and by default compliant with fundamental rights.

“After hearing from the competent authorities examining the case, we expect appropriate measures to enforce the law and ensure the respect of our fundamental rights will be taken,” he said. “We will now submit the outcome of our investigation and possible follow up for discussion with LIBE coordinators.”

Read more on Privacy and data protection

CIO
Security
Networking
Data Center
Data Management
Close