The New York Times has published the result of an investigation which, it claims, reveals that Facebook provided fellow technology companies including Amazon, Microsoft, and Spotify intrusive access to its users' personal data - including the ability to read private messages.
Fresh from the publication of internal and, the company claims, out-of-context communications by Damian Collins MP as part of a Parliamentary investigation into the Cambridge Analytica scandal, Facebook is the target of additional ire following a report in the New York Times which claims the company gave intrusive access to its users' personal data to big-name technology companies - a claim which, if proven, effectively means founder and chief executive Mark Zuckerberg lied during his testimony to US Congress on the matter.
In its report, the paper details 'special arrangements' discovered in internal documentation obtained by its reporters and used to track company partnerships throughout 2017. These arrangements, it is claimed, gave partner companies considerable access to user data, with the paper claiming specifically that: Microsoft's Bing search division was given access to the names of all Facebook users' friends without their consent; Amazon was allowed to obtain both friends' names and contact information; Yahoo was able to view friends' post streams; and - most egregiously - media streaming giants Netflix and Spotify were allowed to read users' private messages.
Facebook, for its part, claims that any and all data sharing between it and partner companies was legitimate and with full user consent. 'Today, we’re facing questions about whether Facebook gave large tech companies access to people’s information and, if so, why we did this,' the company's rebuttal, written by director of developer platforms and programmes Konstantinos Papamiltiadis, begins. 'To put it simply, this work was about helping people do two things.
'First, people could access their Facebook accounts or specific Facebook features on devices and platforms built by other companies like Apple, Amazon, Blackberry and Yahoo. These are known as integration partners. Second, people could have more social experiences – like seeing recommendations from their Facebook friends – on other popular apps and websites, like Netflix, The New York Times, Pandora and Spotify. To be clear: none of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.
'Our integration partners had to get authorisation from people. You would have had to sign in with your Facebook account to use the integration offered by Apple, Amazon or another integration partner. Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner's messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify's desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person's messages in order to power this type of feature.'
As well as confirming that partner companies did, indeed, receive access to users' messages, Papamiltiadis admitted that this access continued after the instant personalisation feature was closed: 'Instant personalisation only involved public information, and we have no evidence that data was used or misused after the program was shut down,' he claims. 'However, we shouldn't have left the APIs in place after we shut down instant personalisation.'
In its official response to the New York Times, Facebook has admitted that it needs to work to 'regain people's trust' following this and other reports on its use and abuse of user data.