Facebook's worst privacy scandals and data disasters

10 of 12
  • An abuse of power?

    An abuse of power?

    It seems like every few weeks Facebook comes under fire for yet another privacy or data-related scandal. As one of the world's most popular social networks, the company is held to a high standard by regulators worldwide and is expected to maintain adequate privacy protections and to not abuse the power it holds.

    Whether or not Facebook does, however, is up to both regulators and users to decide. 

    Caption by: Charlie Osborne

  • Cambridge Analytica

    Cambridge Analytica

    Perhaps the most well-known example of a failure in Facebook's privacy and data management is the 2018 Cambridge Analytica scandal.

    Facebook permitted the "unfair" sharing of user data with developers without "clear and informed consent," regulators say. Up to 87 million users in the UK, US, and beyond are believed to have been affected. 

    User data, including names, liked content, and locations, may have been used to sway voters in the leadup to the US presidential elections. Russian interference is suspected.

    The abuse came from a personality profiling app which not only harvested information belonging to users but also their contacts.

    The social network was fined by the UK's Information Commissioner's Office (ICO) and Facebook CEO Mark Zuckerberg was hauled in front of US Congress to explain the firm's actions. 

    See also: Facebook must pay UK's ICO £500,000 over Cambridge Analytica scandalFacebook appeals £500,000 penalty over Cambridge Analytica scandalTrump-linked data firm Cambridge Analytica harvested data on 50 million Facebook profiles to help target voters | Data breach exposes Cambridge Analytica's data mining tools

    Caption by: Charlie Osborne

  • UK regulators respond to Zuckerberg's dismissal

    UK regulators respond to Zuckerberg's dismissal

    Following the public disclosure of the privacy issue, the UK also demanded Zuckerberg's presence in front of parliament. This request was continually ignored.

    When an executive from another company with access to confidential documents and internal communications related to the scandal visited London, the UK exercised parliamentary powers to force him to hand them over. The same documents were kept under seal in the US but the UK held the right to publish them at whim. 

    Read on: UK gov't seizes documents Facebook wanted to keep private in Cambridge Analytica battle

    Caption by: Charlie Osborne

  • Midterm meddling

    Midterm meddling

    In July 2018, Facebook revealed that threat actors were once again abusing the platform for political purposes; in particular, the US midterm elections.

    Read on: Facebook reveals new covert efforts to sway 2018 midterm elections

    Caption by: Charlie Osborne

  • A network breach

    A network breach

    Facebook's 2018 became worse in September when the company admitted to the existence of a network breach that affected almost 30 million user accounts. Facebook said attackers were able to exploit a vulnerability in the platform to steal access tokens. 

    In some cases, data including names, contact details, current city, dates of birth, relationship status, education, and work information was stolen.

    See also: Facebook discloses network breach affecting 50 million user accounts | Facebook downgrades breach count from 50 million to 30 million users

    Caption by: Charlie Osborne

  • Shady behavior?

    Shady behavior?

    In November 2018, the news broke that Facebook had hired Definers, a PR firm specializing in opposition research.

    Reports suggested that the company was tasked with gathering intelligence on public figures critical of the company, such as George Soros, who has deemed the social network a "menace to society."

    Facebook and Definers denied any wrongdoing.

    Caption by: Charlie Osborne

  • Photos for all

    Photos for all

    A bug in Facebook was revealed in December which may have exposed the private photos of up to 6.8 million users. It is believed that roughly 1,500 apps built by 876 developers could have accessed such content. 

    The vulnerability was present in backend code between September 13 to September 25, 2018. 

    Read on: Facebook bug exposed private photos of 6.8 million users

    Caption by: Charlie Osborne

  • Share and share alike

    Share and share alike

    In December, Facebook was forced to defend its data-sharing practices in relation to what is shared with other companies, including "special arrangements" with firms including Microsoft, Netflix, and Spotify.

    While Facebook said the deals -- agreed upon as far back as 2010 and potentially involving as many as 150 companies -- were made for the benefit of user experience, the APIs for these features were left in place long after sharing programs were shut down. Facebook said that the issue was being investigated. 

    See also: Facebook defends giving tech giants access to extensive user data

    Caption by: Charlie Osborne

  • Seized documents reveal all

    Seized documents reveal all

    The cache of documents seized by UK officials earlier in the year resurfaced in December -- which was certainly a busy month in Facebook's PR department -- and emails revealed that Facebook executives had discussed selling user data to major spenders.

    It was also revealed that Facebook had been recording call and text logs from Android phones in 2015, and user data scraped by free VPN provider Onavo, acquired by Facebook in 2014, had been used to determine future business deals. 

    Caption by: Charlie Osborne

  • The data begins to merge

    The data begins to merge

    January has not been quiet for Facebook, either.

    After announcing plans to merge WhatsApp, Instagram, and Facebook Messenger, EU regulators raised questions over whether or not the company would be capable of complying with the EU's GDPR regulations.

    Caption by: Charlie Osborne

  • The 10 year challenge

    The 10 year challenge

    Given Facebook's track record of data-slurping practices, when the "10- year challenge" meme began making the rounds, questions were asked concerning the true nature of the trend. 

    Users were asked to post images of themselves ten years' apart and critics suggested that this was a way for the social network to train its image recognition algorithms.

    It was suggested that perhaps Facebook was the creator of the challenge in the first place, which also spread across Twitter and Instagram. Facebook has denied these claims.

    Caption by: Charlie Osborne

  • $20 for all of your mobile data

    $20 for all of your mobile data

    To wrap up the month with a bang, a marketing research project conducted by Facebook which offered users between the ages of 13 and 35 money in return for downloading an app granted unfettered access to their data was revealed. 

    Offered to iOS and Android users, the app was downloaded outside of the official Apple and Google stores. Apple concluded that the iOS version of the app abused developer rules and revoked Facebook's enterprise developer program certificate. 

    Access was restored by Apple a day later, which also punished Google in the same way for overstepping app privacy boundaries.

    Read on: Facebook slammed over covert app that pays teenagers for dataApple pulls the plug on Facebook's internal iOS apps

    Caption by: Charlie Osborne

10 of 12

The data begins to merge

January has not been quiet for Facebook, either.

After announcing plans to merge WhatsApp, Instagram, and Facebook Messenger, EU regulators raised questions over whether or not the company would be capable of complying with the EU's GDPR regulations.

Caption by: Charlie Osborne

10 of 12

Related Topics:

Security TV Data Management CXO Data Centers

Related Galleries

    • 1 of 3