Facebook addresses controversy over third-party access to private messages
Facebook has been the source of much privacy-related controversy over the years, particularly over the last year or so. The past few days have been no different, with the social networking giant facing questions over the level of access it granted partners to private user data.
Of particular concern to users is the suggestion that Facebook gave the likes of Spotify and Netflix access to users' private messages. Having already gone on the defensive about some of the allegations leveled at it, Facebook is now trying to defend itself about the messaging allegations -- or, as the company puts it "we wanted to provide more facts about our messaging partnerships".
- Facebook gave dozens of companies access to user data such as friends lists and private messages
- Facebook Messenger update adds Boomerang looping videos, new Selfie mode and AR stickers
- Facebook API bug may have exposed 6.8 million users' private photos
Facebook says that it has "been accused of disclosing people’s private messages to partners without their knowledge". It's simple response to this allegation is: " That’s not true".
In a defensive blog post entitled "Facts About Facebook's Messaging Partnerships", Ime Archibong, vice president of Product Partnerships, says:
We worked closely with four partners to integrate messaging capabilities into their products so people could message their Facebook friends -- but only if they chose to use Facebook Login. These experiences are common in our industry-- think of being able to have Alexa read your email aloud or to read your email on Apple's Mail app.
People could message their friends about what they were listening to on Spotify or watching on Netflix, share folders on Dropbox, or get receipts from money transfers through the Royal Bank of Canada app. These experiences were publicly discussed. And they were clear to users and only available when people logged into these services with Facebook. However, they were experimental and have now been shut down for nearly three years.
He goes on to explain the reasons for giving various companies and apps access to people's messages, particular the ability to read, write and delete messages. In order to allow people to send messages from an app to a Facebook friend, he says, permission had to be granted to access messages:
In order for you to write a message to a Facebook friend from within Spotify, for instance, we needed to give Spotify "write access". For you to be able to read messages back, we needed Spotify to have "read access". "Delete access" meant that if you deleted a message from within Spotify, it would also delete from Facebook. No third party was reading your private messages, or writing messages to your friends without your permission. Many news stories imply we were shipping over private messages to partners, which is not correct.
Archibong concludes by saying that the partnerships that have been in the spotlight in recent days "were agreed via extensive negotiations and documentation, detailing how the third party would use the API, and what data they could and couldn't access".
Facebook may well be looking to draw a line under this issue, and will almost certainly be hoping that its recent statements are enough to calm concerns. But this is unlikely to be the case, and the suspicion with which Facebook is increasingly faced shows that it has an uphill struggle on its hands to regain lost user trust.