Facebook is once again facing public opinion as it admitted that it granted special access to users’ data to 61 technology companies. A 747-page document has been handed over to the US House of Represantives’ Energy and Commerce Committee on Friday where the social giant has “confessed”.
The access to these companies was in the form of a one-time extension so that they could update their apps in order to comply with a Terms of Service change which was applied a few years ago, in May 2015.
61 Tech Companies Granted Access to Facebook User Data
Here is the full list of the companies:
1. ABCSocial, ABC Television Network
2. Actiance
3. Adium
4. Anschutz Entertainment Group
5. AOL
6. Arktan / Janrain
7. Audi
8. biNu
9. Cerulean Studios
10. Coffee Meets Bagel
11. DataSift
12. Dingtone
13. Double Down Interactive
14. Endomondo
15. Flowics, Zauber Labs
16. Garena
17. Global Relay Communications
18. Hearsay Systems
19. Hinge
20. HiQ International AB
21. Hootsuite
22. Krush Technologies
23. LiveFyre / Adobe Systems
24. Mail.ru
25. MiggoChat
26. Monterosa Productions Limited
27. never.no AS
28. NIKE
29. Nimbuzz
30. NISSAN MOTOR CO / Airbiquity Inc.
31. Oracle
32. Panasonic
33. Playtika
34. Postano, TigerLogic Corporation
35. Raidcall
36. RealNetworks, Inc.
37. RegED / Stoneriver RegED
38. Reliance/Saavn
39. Rovi
40. Salesforce/Radian6
41. SeaChange International
42. Serotek Corp.
43. Shape Services
44. Smarsh
45. Snap
46. Social SafeGuard
47. Socialeyes LLC
48. SocialNewsdesk
49. Socialware / Proofpoint
50. SoundayMusic
51. Spotify
52. Spredfast
53. Sprinklr / Sprinklr Japan
54. Storyful Limited / News Corp
55. Tagboard
56. Telescope
57. Tradable Bits, TradableBits Media Inc.
58. UPS
59. Vidpresso
60. Vizrt Group AS
61. Wayin
According to this document, the listed companies got a six-month extension from May 25 onward. In that period, Facebook restricted its API so applications didn’t have access to too much data on users, including data of the users’ friends. There have been cases of apps using the Facebook API to harvest Facebook users’ data on a massive scale, and a change had to be applied.
In May 2015, the social giant found out that apps were exploiting a loophole in the permission system to lure a user into granting permissions to the personal data of his friends. This is when Facebook decided to restrict the API to prevent indirect data harvesting in the described shady manner.
Here is where these 61 specific companies come into play. The companies developed and ran some apps which became popular among users, and so they received an exemption to the API change. During that period the companies may have abused Facebook API to harvest data on users and their friends.
Such data that may have been collected this way includes name, gender, birth date, location, photos and page likes – an abundance of personal information.
Whether the 61 companies have abused this extension period to harvest data – it is unclear as Facebook hasn’t confirmed nor denied it.
In addition to the list of these 61 companies Facebook has included 5 other companies that theoretically may have harvested users’ friends’ data white testing beta versions of their apps:
1. Activision / Bizarre Creations
2. Fun2Shoot
3. Golden Union Co.
4. IQ Zone / PicDial
5. PeekSocial
Facebook said that they’re not aware that any of these companies used this access, and that they have now revoked any technical capability they may have had to access any friends’ data.
It appears that Facebook is doing its best to narrow down the chances of other privacy scandals. To eliminate the possibility of future data harvesting, the company discontinued 38 other partnerships where it authorized companies to build versions of Facebook or features of Facebook for custom devices and products.
Popular Apps Harvesting Personal Data from Facebook Users
In May 2018 it became evident that yet another Facebook app, called myPersonality app was gathering personal details from millions of users, and selling it to interested parties. It also became evident that the data from millions of Facebook users who used myPersonality app, including their answers to intimate questionnaires, was left exposed online for anyone to access, as was revealed by a researchers’ report.
On top of that, last week another quiz app was found to have obtained access to the details of more than 120 million Facebook users. As explained by Inti De Ceukelaire, the researcher who found the app:
Nametests.com, the website behind the quizzes, recently fixed a flaw that publicly exposed information of their more than 120 million monthly users — even after they deleted the app.
On July 2nd, 2018 Facebook announced several Facebook API changes some of which concern developers as several APIs have been or are about to be deprecated, such as the Graph API Explorer App, Profile Expression Kit, Trending API, the Signal tool, Trending Topics, Hashtag Voting, Topic Search, Topic Insights, Topic Feed, and Public Figure. You can read more about this in our article.