Facebook has once again come under scrutiny for the way it has handled users' data, but this time the company is defending its actions.
Just months after the Cambridge Analytica scandal brought light to what third-party apps did with users' data, the New York Times published an investigation claiming that Facebook has shared users' personal information, including friends' information, with device makers like Apple and Samsung.
What is this controversy about?
The Times investigation, published on Sunday, explores whether Facebook should be able to consider the information it shares with device manufacturers as part of the Facebook mobile experience, or whether these partnerships should be put under the same scrutiny as third-party applications.
What are APIs and what do they have to do with this controversyl?
APIs, short for application programming interfaces, are a set of tools that software developers use to allow programs to communicate with each other. Before the time of app stores, Facebook worked directly with the operating system and device manufacturers, using APIs to make Facebook compatible with devices. APIs made it possible to do things like sharing photos from your phone onto your Facebook account, but it also allowed devices to access to information from Facebook, the Times reports.
What does the New York Times report say?
The paper said it conducted tests to determine what information devices could access from Facebook, and they concluded that information included "relationship status, religion, political leaning and upcoming events, among other data." This also included the data of users' friends who had elected not to share information with third parties.
"It's like having door locks installed, only to find out that the locksmith also gave keys to all of his friends so they can come in and rifle through your stuff without having to ask you for permission," Ashkan Soltani, a former F.T.C.'s chief technologist, told the Times.
The Times also spoke to the person who was formerly responsible for Facebook's third-party advertising and privacy compliance, Sandy Parakilas, who said that this privacy issue was brought up internally years ago.
"It is shocking that this practice may still continue six years later, and it appears to contradict Facebook's testimony to Congress that all friend permissions were disabled," he said.
How did Facebook respond?
Facebook VP of Product Partnerships Ime Archibong, who was quoted in the Times article, wrote in a press release that Facebook disagrees with the article, saying that APIs were tightly controlled and used for a good reason.
"All these partnerships were built on a common interest - the desire for people to be able to use Facebook whatever their device or operating system. This was something I experienced firsthand as a Blackberry user who relied on Facebook and Messenger to stay in touch with family and friends back in Nigeria," he wrote.
Furthermore, he said that the data accessed by partners using APIs was not used for anything other than recreating the Facebook experience.
"Contrary to claims by the New York Times, friends' information, like photos, was only accessible on devices when people made a decision to share their information with those friends. We are not aware of any abuse by these companies," he wrote.
What is being done about it?
Apple told the Times that its phones no longer had access to this information as of September 2017. Facebook said it has been working since April to wind down these API partnerships and has ended 22 of the partnerships so far.
Here's everything you need to know about Facebook's latest privacy controversy