Facebook is once again facing public opinion as it admitted that it granted special access to users’ data to 61 technology companies. A 747-page document has been handed over to the US House of Represantives’ Energy and Commerce Committee on Friday where the social giant has “confessed”.
The access to these companies was in the form of a one-time extension so that they could update their apps in order to comply with a Terms of Service change which was applied a few years ago, in May 2015.
61 Tech Companies Granted Access to Facebook User Data
Here is the full list of the companies:
1. ABCSocial, ABC Television Network
4. Anschutz Entertainment Group
6. Arktan / Janrain
9. Cerulean Studios
10. Coffee Meets Bagel
13. Double Down Interactive
15. Flowics, Zauber Labs
17. Global Relay Communications
18. Hearsay Systems
20. HiQ International AB
22. Krush Technologies
23. LiveFyre / Adobe Systems
26. Monterosa Productions Limited
27. never.no AS
30. NISSAN MOTOR CO / Airbiquity Inc.
34. Postano, TigerLogic Corporation
36. RealNetworks, Inc.
37. RegED / Stoneriver RegED
41. SeaChange International
42. Serotek Corp.
43. Shape Services
46. Social SafeGuard
47. Socialeyes LLC
49. Socialware / Proofpoint
53. Sprinklr / Sprinklr Japan
54. Storyful Limited / News Corp
57. Tradable Bits, TradableBits Media Inc.
60. Vizrt Group AS
According to this document, the listed companies got a six-month extension from May 25 onward. In that period, Facebook restricted its API so applications didn’t have access to too much data on users, including data of the users’ friends. There have been cases of apps using the Facebook API to harvest Facebook users’ data on a massive scale, and a change had to be applied.
In May 2015, the social giant found out that apps were exploiting a loophole in the permission system to lure a user into granting permissions to the personal data of his friends. This is when Facebook decided to restrict the API to prevent indirect data harvesting in the described shady manner.
Here is where these 61 specific companies come into play. The companies developed and ran some apps which became popular among users, and so they received an exemption to the API change. During that period the companies may have abused Facebook API to harvest data on users and their friends.
Such data that may have been collected this way includes name, gender, birth date, location, photos and page likes – an abundance of personal information.
Whether the 61 companies have abused this extension period to harvest data – it is unclear as Facebook hasn’t confirmed nor denied it.
In addition to the list of these 61 companies Facebook has included 5 other companies that theoretically may have harvested users’ friends’ data white testing beta versions of their apps:
1. Activision / Bizarre Creations
3. Golden Union Co.
4. IQ Zone / PicDial
Facebook said that they’re not aware that any of these companies used this access, and that they have now revoked any technical capability they may have had to access any friends’ data.
It appears that Facebook is doing its best to narrow down the chances of other privacy scandals. To eliminate the possibility of future data harvesting, the company discontinued 38 other partnerships where it authorized companies to build versions of Facebook or features of Facebook for custom devices and products.
Popular Apps Harvesting Personal Data from Facebook Users
In May 2018 it became evident that yet another Facebook app, called myPersonality app was gathering personal details from millions of users, and selling it to interested parties. It also became evident that the data from millions of Facebook users who used myPersonality app, including their answers to intimate questionnaires, was left exposed online for anyone to access, as was revealed by a researchers’ report.
On top of that, last week another quiz app was found to have obtained access to the details of more than 120 million Facebook users. As explained by Inti De Ceukelaire, the researcher who found the app:
Nametests.com, the website behind the quizzes, recently fixed a flaw that publicly exposed information of their more than 120 million monthly users — even after they deleted the app.
On July 2nd, 2018 Facebook announced several Facebook API changes some of which concern developers as several APIs have been or are about to be deprecated, such as the Graph API Explorer App, Profile Expression Kit, Trending API, the Signal tool, Trending Topics, Hashtag Voting, Topic Search, Topic Insights, Topic Feed, and Public Figure. You can read more about this in our article.