Stop if you’ve heard this before: Facebook gave user data to external developers, even after specifically telling users they wouldn’t.
In a blog post on Wednesday, Facebook announced that (oops!) Thousands of developers continued to receive updates of users’ non-public information beyond the point they should have received it. Specifically, Facebook said that, for an unspecified number of users, it was unable to cut the data spigot, as it promised it would return in 2018, 90 days after a person last used an app.
We contacted Facebook in an attempt to determine how many users incorrectly submitted their data to third-party applications, but did not receive an immediate response.
However, the Facebook blog post does provide some information, albeit limited, about the privacy mishap. The company writes that the information for the user in question possibly involved email addresses, birthdays, language and gender, and was sent to around 5,000 applications beyond the 90-day threshold.
“[Recently]We found that in some cases applications continued to receive data that people had previously authorized, even if it appeared that they had not used the application in the past 90 days, “Konstantinos Papamiltiadis, vice president of Facebook platform associations, writes in the post. from blog: “For example, this could happen if someone were to use a fitness app to invite their friends from their hometown for a workout, but we did not recognize that some of their friends had been inactive for many months.”
We also asked Facebook how “recently” it discovered the error, but received no immediate response.
In particular, this is not the first time that external developers have inadequate access to the data of Facebook users. In late 2019, Papamiltiadis wrote another blog post featuring the surprisingly familiar situation.
“[We] We recently discovered that some apps withheld group member information, such as names and profile pictures related to group activity, from the Groups API for longer than we intended, “Papamiltiadis wrote in that moment.” We know that at least 11 members have accessed the group member information in the last 60 days. “
Oh yes, and in 2018 Papamiltiadis was forced to uncomfortably explain why certain third-party companies received worrying amounts of access to the data of Facebook users. He assured everyone then, as he assured everyone today, that the company was working on it.
SEE ALSO: Here are the (many) companies that pull their Facebook ads
“We have taken several steps this year to limit developer access to people’s Facebook information, and as part of that ongoing effort, we are reviewing all of our APIs and the partners that can access them.” wrote
Sigh. No wonder this all sounded so familiar.
.
