Leaked internal emails show Facebook’s panic over near-miss privacy breach

25 Feb 2019

The Facebook taskbar. Image: grinvalds/Depositphotos

60 pages of internal Facebook emails have revealed how the company narrowly missed a privacy breach that could have been ‘near fatal’ for third-party apps.

Last year the UK government invoked a rare parliamentary mechanism to force the founder of US software company Six4Three, Ted Kramer, into handing over communications obtained during a legal battle with Facebook regarding an app the developer had invested $250,000 in.

Now, according to The Guardian, 60 pages of internal communications between Facebook’s most senior executives have appeared on hosting service GitHub. Posted anonymously, the documents include a “highly confidential” memo dating back to 2012 when a near-miss privacy breach could have had serious ramifications for Facebook.

While the complete authenticity of the unredacted emails has not been confirmed, they do appear to align with previously released emails that were redacted.

‘I’m super, super serious here’

The documents revealed a close call whereby a third-party app developer could have revealed Facebook’s financial results way ahead of schedule, leading Facebook’s former director of product management, Avichal Garg, to note: “Wow that would have been a disaster.”

In response, Facebook’s former vice-president, Michael Vernal, confirmed the seriousness of the situation, saying that if it “had accidentally disclosed earnings ahead of time because a platform app violated his privacy … literally, that would have basically been fatal for Login/Open Graph/etc”.

Unsurprisingly, Vernal was quick to ensure news of this event would never make it out, saying: “Listen guys/gals – DO NOT REPEAT THIS STORY OFF OF THIS THREAD.

“I’m super, super serious here. I want us to follow up on this and respond urgently here, but I also do not want this story spreading inside of Facebook or off of this thread at all. I can’t tell you how terrible this would have been for all of us had this not been caught quickly.”

‘One side of a story’

Other emails posted on GitHub revealed Facebook’s plans for data collection on Android devices and how various executives attempted to attract leading global politicians to use the social network.

In response, Facebook issued a statement that did not deny the emails’ authenticity, but said they lacked vital context.

“Like the other documents that were cherrypicked and released in violation of a court order last year, these by design tell one side of a story and omit important context,”a spokesperson for the company said.

“As we’ve said, these selective leaks came from a lawsuit where Six4Three, the creators of an app known as Pikinis, hoped to force Facebook to share information on friends of the app’s users. These documents have been sealed by a Californian court so we’re not able to discuss them in detail.”

The leaked emails come a week after the UK parliament’s select committee on digital, culture, media and sport published a damning conclusion on Facebook’s business practices, accusing the company of behaving as “digital gangsters”.

The Facebook taskbar. Image: grinvalds/Depositphotos

Colm Gorey was a senior journalist with Silicon Republic