- Facebook provided major companies, including Amazon, Microsoft, Spotify and Netflix, special access to users' personal data, often in ways that appeared to run up against its own privacy policies, according to a New York Times report published Tuesday. The report, drawn from a trove of internal documents and interviews with more than 50 former Facebook employees and corporate partners, sheds light on practices more egregious than those previously revealed.
Speaking to the Times, Steve Satterfield, director of privacy and public policy at Facebook, said that all of these deals demanded partners adhere to Facebook guidelines and that none violated user privacy or a consent decree the social network struck with the FTC in 2011. Facebook did, however, admit that it had mismanaged some partnerships and let data continue to flow to certain partners after the features that required said data had wound down. Amazon, Microsoft, Yahoo and other Facebook partners told the Times they applied the user data they obtained appropriately, but did not share further details.
Facebook has become the obvious big red target when it comes to calling out non-transparent applications of online user data. But the latest Times report emphasizes the complicity of other major companies, including Microsoft, Netflix, Amazon and Spotify, in supporting an overall exploitative system, where care for the privacy of personal data is sacrificed to bolster revenue growth, product development and other services. Still, the potential offenses done by Facebook here are particularly damning, and could spur more concrete regulatory action against a platform that, to date, been largely free from that type of oversight.
The amount of data Facebook willingly shared with Amazon and Microsoft, for example, far outweighs the level of user information exploited by Cambridge Analytica, the data consulting firm whose abusive practices set off the current chain of Facebook crises this year. In the case of prior Facebook transparency scandals, around Russian election meddling or Cambridge Analytica, the social network has been quick to pin responsibility on bad actors finding gaps to exploit in its service. The revelations in the Times report Tuesday, like opening access to private messages, are less defensible and leave Facebook with few to blame.
The real question is how these explosive findings will affect the FTC's current investigation into whether Facebook violated its 2011 user consent decree. Privacy experts, including former FTC employees who worked on the case that resulted in the creation of the consent decree, suggested to the Times that the social network did overstep its bounds. If a violation of the decree is proven, Facebook could be hit with penalties of up to $40,000 per user per day, which, given the platform's enormous audience of 2.2 billion, could ostensibly add up to billions or even trillions of dollars, according to an analysis in CNET.
The FTC investigation, which launched in the spring, is just one of many clouds hanging over Facebook's head. Earlier this month, 250 pages of internal Facebook documents were made public as part of a U.K. parliamentary investigation into the company's data-sharing practices. The documents showed that top Facebook executives, including Co-founder and CEO Mark Zuckerberg, allowed preferential treatment when sharing user data with some third-party apps, such as Netflix, Airbnb and Lyft, while hampering others, like rival Twitter's video-looping app Vine. Following the release of the documents, Facebook defended what it called "whitelisting," calling the practice common in the industry and when testing out new features.