Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day "expiration" date. Threatpost has reached out to Facebook for further comment on the privacy flaw.

Facebook has fixed a privacy issue that gave developers access to user data long after the 90-day “expiration” date.

Facebook is facing yet another privacy faux pas in how its users’ data is collected and used by third-party apps. The social media giant said that it recently discovered that 5,000 developers received data from Facebook users — long after their access to that data should have expired.

In 2018, on the heels of the Cambridge Analytica privacy incident, Facebook debuted stricter controls over data collection by third-party app developers. As part of that, Facebook announced it would automatically expire an app’s ability to receive a user’s data if they hadn’t used the app in 90 days.

However, recently, “we discovered that in some instances apps continued to receive the data that people had previously authorized, even if it appeared they hadn’t used the app in the last 90 days,” said Konstantinos Papamiltiadis, vice president of Platform Partnerships with Facebook, in a Wednesday post.

For example, “this could happen if someone used a fitness app to invite their friends from their hometown to a workout, but we didn’t recognize that some of their friends had been inactive for many months,” he said.

Facebook estimates that 5,000 developers were able to continually receive information (such as language or gender) on “inactive” app users, in this manner. It has since fixed the issue.

The company said it hasn’t seen evidence that this issue resulted in sharing information that was inconsistent with the permissions people gave when they logged in using Facebook, however.

Facebook’s privacy troubles began in 2018 after its Cambridge Analytica privacy snafu. After that, the company said it suspended tens of thousands of apps as part of its ongoing investigation into how third-party apps on its platform collect, handle and utilize users’ personal data. And then in 2019, Facebook found that 100 third-party app developers improperly accessed the names and profile pictures of members in various Facebook groups.

“Facebook is a data-aggregation company first and foremost. Given this, it’s of no surprise that slip ups occasionally occur around the handling of the vast amount of raw and post-processed data they house,” Jonn Callahan, principal AppSec consultant at nVisium, told Threatpost. “This is especially true given their track record. It’s clear that proper handling of the collected data comes second to the monetization of the data.”

To bolster its privacy policies, earlier in June, Facebook said it had started to report its privacy practices to a newly formed, independent Privacy Committee. The creation of the independent committee was part of the company’s settlement a year ago with the Federal Trade Commission (FTC) over data-privacy violations, which came in addition to a $5 billion fine (which was derided as “chump change” by lawmakers and privacy analysts).

Facebook said on Wednesday it would attempt to further tighten its policies around third-party data collection by providing developers with clearer guidance around data usage and sharing.

“Today we’re also introducing new Platform Terms and Developer Policies to ensure businesses and developers clearly understand their responsibility to safeguard data and respect people’s privacy when using our platform,” Papamiltiadis said. “These new terms limit the information developers can share with third parties without explicit consent from people. They also strengthen data security req

facebook privacy data developer security social media third party app

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Top 5 Social Media App Development Strategies 2020 - Mobiweb

Work on latest social media app development strategies and design a best social networking mobile app in 2020. To design Social app connect with Mobiweb.

How long does it take to develop/build an app?

This article covers A-Z about the mobile and web app development process and answers your question on how long does it take to develop/build an app.

How to Build a Social Media App in 7 Steps?

Today, the world became all about networking and connectivity and the most convenient way to do this is through social media networking. Digital platforms now have great importance in our life and it changed the way the world interacts. Social media is a computer-mediated technology that helps in creating and sharing ideas, information, career interests, and others through a virtual community and network. Social media app development can be fun and challenging and you can be assured of a successful social media…

Social Media App Development

Social Media App Development Company- Get quality social media, networking app design and development services from experts. Hire developers and create your own social network app.

Top 5 Social Network App Development Companies

In this article we are sharing a curated list of Top 5 Social Network App Development Companies which have extensive and years of experience in developing custom social network solutions.