Facebook has responded to a New York Times story that raises concerns about the privacy of APIs integrated into company devices, saying that "it does not agree [s] with the problems they have raised about these API ".
Header "Facebook gave device creators in-depth access to data about users and friends," the New York Times article criticizes the privacy protections of APIs built into devices, which were launched by Facebook a decade ago. . Before the application stores became common, the APIs allowed Facebook to establish alliances to share data with at least 60 device manufacturers, including Apple, Amazon, BlackBerry, Microsoft and Samsung, which allowed them to offer Facebook functions, such as messages , address books and As button, to its users.
But they may have given access to more data than is supposed, says the article. New York Times reporters Gabriel JX Dance, Nicholas Confessore and Michael LaForgia write that "the associations, whose scope has not been previously reported, raise concerns about the company's privacy protections," as well as their compliance with a consent decree signed with the Federation Trade Commission in 2011. The FTC is investigating Facebook's privacy practices in the light of the Cambridge Analytics data misuse scandal.
"Facebook allowed device companies to access user friends' data without their explicit consent, even after declaring it they would no longer share that information with outsiders," says the New York Times story. "Some device manufacturers could retrieve personal information even from friends of users who believed they had forbidden to share information," the New York Times said.
Facebook said in April that it would begin to close access to its built-in device APIs, but the New York Times says many of those partnerships remain in effect.
Facebook is already under intense scrutiny by lawmakers and regulators, including the FTC, due to the revelation of Cambridge Analytica, which generated serious concerns about public APIs used by third parties -party developers and data exchange policies of the company.
"In the furor that followed, Facebook leaders said that the type of access exploited by Cambridge in 2014 was cut off the following year, when Facebook banned developers from gathering information from friends of users," says the New York Times. "But company officials did not disclose that Facebook had exempted manufacturers of cell phones, tablets and other hardware from such restrictions."
Facebook told the New York Times that the exchange of data via APIs integrated into devices was in line with its privacy policies and the FTC's 2011 Agreement. The company also told the newspapers that it knew of no case in which a partner had used incorrect data. Facebook acknowledged that some partners stored user data, including their Facebook friends' data, on their own servers, but said those practices were in strict accordance.
In a blog post on Facebook, vice president of product associations Ime Archibong reiterates the company's stance that the APIs integrated into the device were tightly controlled.
"The partners could not integrate the user's Facebook functions with their devices without the user's permission, and our collaboration and engineering teams approved the Facebook experiences that these companies built," he continued. "Contrary to what the New York Times says, friends' information, such as photos, could only be accessed on devices when people decide to share their information with those friends, and we do not know of any abuse by these companies." .
But the New York Times report states that Facebook partners were able to retrieve user data on the status of the relationship, religion, political inclinations and upcoming events, and they were also able to obtain information about Facebook friends from its users, even if they did not have permission.
"The Times tests showed that partners requested and received data in the same way as other third parties," he says. "Facebook's view that device makers are no strangers allows partners to go further," The Times discovered: they can obtain data about a user's Facebook friends, even those who have denied Facebook permission to share information with third parties. "