Facebook discloses that it shared user data with dozens of other tech firms

2 Jul 2018

Facebook login page. Image: Tomislav Pinter/Shutterstock

Facebook has admitted to continuing to share information with hardware and software firms after it said it discontinued the practice in May 2015.

Lawmakers at US Congress last week received a 747-page document from Facebook containing answers to some of the numerous questions posed to CEO Mark Zuckerberg earlier this year.

Subjects addressed ranged from how the company enforces its terms of service and its audit process, to the thorny issue of data sharing with third parties, stemming from the Cambridge Analytica scandal from earlier in the year.

Numerous integration partnerships

Facebook stated that it has shared user data with 52 firms, including Chinese companies such as Alibaba, Huawei, Lenovo and Oppo. 38 of these integration partnerships have come to an end, with seven more due to expire in July 2018 and one in October.

“We engaged companies to build integrations for a variety of devices, operating systems and other products where we and our partners wanted to offer people a way to receive Facebook or Facebook experiences,” the company said. “These integrations were built by our partners for our users, but approved by Facebook.”

Three are set to continue – Amazon has a deal, Apple has an agreement extending beyond October and accessibility app Tobii requires the partnership to work on a product to make Facebook accessible to those with motor neurone disease.

Mozilla, Alibaba and Opera also have continuing integration partnerships to enable Facebook notifications in browsers, but data sharing is not included in these agreements.

Data-sharing exceptions

According to the document, Facebook also continued sharing data with 61 third-party developers after it said the practice had been discontinued in May 2015. The social media firm said the “small set of companies” was given a one-time extension of less than six months beyond the May deadline.

The special exception came as a result of the April 2014 decision to more tightly restrict Facebook’s platform APIs to prevent them being abused. The companies that were granted the extension were given extra time to come into compliance with the changes made to Facebook’s new review restrictions and migrate to the new, more restrictive API. Data shared included friends’ names, genders and dates of birth.

Companies that benefited from this particular extension included dating app Hinge, Hootsuite, Spotify and Snap, among others. The Facebook documents also stated that the company had found that five other companies “theoretically could have accessed limited friends’ data”.

Once a new app had been launched after 30 April 2014, developers would have been required to use the new, stricter APIs.

The New York Times had previously reported that Facebook shared data with at least 60 device makers, mostly smartphone manufacturers.

Facebook said that the data was provided to boost the platforms’ interoperability on different devices. “People went online using a wide variety of text-only phones, feature phones and early smartphones with varying capabilities. In that environment, the demand for internet services like Facebook, Twitter and YouTube outpaced our industry’s ability to build versions of our services that worked on every phone and operating system.”

While the document presented to Congress does answer some of the questions put to Zuckerberg by US officials, there are still some questions left without answers. According to the The Washington Post, it didn’t explain why apps such as This Is Your Digital Life – used in the Cambridge Analytica data collection strategy – had not been audited, among other queries.

Facebook login page. Image: Tomislav Pinter/Shutterstock

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects