Production Perig - stock.adobe.c
Facebook planned to spy on Android phone users, internal emails reveal
Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show
Facebook project teams developed technology to allow the company to track the location of its customers from their mobile phones.
Documents seen by Computer Weekly also reveal plans by Facebook to pass data on “single” Facebook users to companies selling dating services and organisations that wanted to target them with “political” advertisements.
The documents, marked “confidential”, reveal a secret programme by Facebook’s “growth team” to collect and exploit data from customers with Android mobile phones.
Their disclosure comes only a week after a critical report by a UK parliamentary committee investigating disinformation and fake news called for an independent regulator to oversee Facebook and other social media companies.
The documents are a previously unpublished part of a cache seized when the Digital, Culture, Media and Sport Committee dispatched Parliament’s serjeant-at-arms to arrest Ted Kramer, founder of Six4Three. Kramer was forced to hand over hundreds of legal documents disclosed in his company’s lawsuit with Facebook in the wake of the Cambridge Analytica scandal.
According to internal emails published on Github, Facebook planned to use its Android app to match users’ location data with mobile phone basestation IDs to deliver “location-aware” products.
Marne Lynn Levine, then vice-president of global public policy, disclosed Facebook’s plans to exploit data from Android phones in an email in 2012.
Tracking Android phones
“We’ll be collecting users’ location data and matching it with cell site IDs. This information will be stored in anonymous form, but will allow us to roll out ‘feature phone’ products in the future,” she wrote.
Levine, who is now chief operating officer of Instagram, revealed that Facebook had changed its policies to make it easier for advertisers to target single people on Facebook, including serving them with political advertisements through a self-service interface.
“We revised our policy to allow advertisers to target users who haven’t indicated that they are ‘married’ or ‘in a relationship’ (instead of only allowing targeting of ‘single’ users),” she wrote.
“This targeting capability is only currently available for dating, but the ads product team is working to expand it to other verticals (like political) and make it available via self-serve.”
The news is likely to raise further questions about the use of Facebook for political purposes, following revelations that it was used by Russia to attempt to influence the Brexit vote.
Facebook’s project, which Levine described as a “policy relaxation”, was expected to boost Facebook’s revenues, Levine said.
“This is a big win for the dating vertical specifically, but also supports our efforts to examine ‘good’ revenue opportunities resulting from policy relaxation/changes,” she wrote.
The documents show that Facebook also wanted to use its Android app to gain competitive intelligence about rival firms.
According to Levine’s email, the growth team planned to use the app to discover whether users were using rival app stores rather than Google’s own app store to buy and download applications.
The company also planned to collect data about how rival apps used Facebook functions, such as camera and messages, for “competitive analysis”.
“The privacy team is working with the team to determine the best alternatives for collecting this information while minimising policy risk,” the email read.
Fraudulent charity apps
In other email chains, Facebook executives raised concerns that customers were falling victim to fraudulent apps purporting to raise money for charitable purposes.
Facebook, which charged 30% service fees on the transactions, revealed in the internal email, “that an overwhelming majority of apps using Facebook Payments to solicit funds are likely fraudulent”.
The company said it had addressed the problem by changing its policy, so payments to transfer funds to charitable causes were approved by Facebook first.
Privacy blunder covered up
The documents reveal that Facebook executives raised serious concerns about the privacy of the Facebook platform after issues with one application sparked an internal panic.
Michael Vernal, the executive responsible for Facebook’s platform team, warned in an email in October 2013 that an issue with “Login V4” could have been “near-fatal” for Facebook platform, Login, and other technology projects.
“If Mark [Zuckerberg] had accidentally disclosed earnings ahead of time because a platform app violated his privacy ... literally, that would have basically been fatal for Login/Open Graph, etc,” he said, to retorts of “holy crap” from another executive.
“I want us to follow up on this and respond urgently here, but I also do not want this story spreading inside of Facebook or off of this thread at all. I can’t tell you how terrible this would have been for all of us had this not been caught quickly,” said Vernal.
The documents reveal internal discussions among senior Facebook executives on how Facebook could extract data from independently developed applications.
In an email to senior executives, Facebook CEO Mark Zuckerberg outlined plans that would give Facebook access to customers’ data from games and apps developed by independent developers, in return for giving the developers access to data on Facebook users.
Zuckerberg said app developers could create special-purpose apps and make them social by “having Facebook plug into it”.
“However, that may be good for the world, but it’s not good for us unless people also share back to Facebook and that content increases the value of our network. So ultimately, I think the purpose of platform … is to increase sharing back into Facebook,” he said.
Zuckerberg proposed a tiered model where developers could pay to get access to a dialogue to invite more of each customer’s friends to join the app through Facebook’s “coefficient” service and “full friends list”.
“Through coefficient and full friends list, they can upsell a person to invite their friends much more effectively throughout their app as well. I’d estimate that these two things alone would increase conversion by 20-30% for developers. That means they should be willing to pay us roughly 20-30% of the value of each user who signs up,” he said.
A spokesperson for Facebook said the leaked documents only told one part of the story and omitted important explanatory context.
“Like the other documents that were cherry-picked and released in violation of a court order last year, these, by design, tell one side of a story and omit important context. As we’ve said, these selective leaks came from a lawsuit where Six4Three, the creators of an app known as Pikinis, hoped to force Facebook to share information on friends of the app’s users. These documents have been sealed by a Californian court so we’re not able to discuss them in detail.”
This story was updated with additional material on 25 February 2019