/>
X

Facebook's worst privacy scandals and data disasters

Time and time again, Facebook has been slammed for privacy practices and data handling. Here are some of the most prominent, recent scandals of note.
charlie-osborne.jpg
screenshot-2019-01-31-at-17-25-36.png
1 of 12 Charlie Osborne/ZDNet

An abuse of power?

It seems like every few weeks Facebook comes under fire for yet another privacy or data-related scandal. As one of the world's most popular social networks, the company is held to a high standard by regulators worldwide and is expected to maintain adequate privacy protections and to not abuse the power it holds.

Whether or not Facebook does, however, is up to both regulators and users to decide. 

screenshot-2019-01-31-at-16-54-16.png
2 of 12 Charlie Osborne/ZDNet

Cambridge Analytica

Perhaps the most well-known example of a failure in Facebook's privacy and data management is the 2018 Cambridge Analytica scandal.

Facebook permitted the "unfair" sharing of user data with developers without "clear and informed consent," regulators say. Up to 87 million users in the UK, US, and beyond are believed to have been affected. 

User data, including names, liked content, and locations, may have been used to sway voters in the leadup to the US presidential elections. Russian interference is suspected.

The abuse came from a personality profiling app which not only harvested information belonging to users but also their contacts.

The social network was fined by the UK's Information Commissioner's Office (ICO) and Facebook CEO Mark Zuckerberg was hauled in front of US Congress to explain the firm's actions. 

See also: Facebook must pay UK's ICO £500,000 over Cambridge Analytica scandalFacebook appeals £500,000 penalty over Cambridge Analytica scandalTrump-linked data firm Cambridge Analytica harvested data on 50 million Facebook profiles to help target voters | Data breach exposes Cambridge Analytica's data mining tools

screenshot-2019-01-31-at-16-59-56.png
3 of 12 Charlie Osborne/ZDNet

UK regulators respond to Zuckerberg's dismissal

Following the public disclosure of the privacy issue, the UK also demanded Zuckerberg's presence in front of parliament. This request was continually ignored.

When an executive from another company with access to confidential documents and internal communications related to the scandal visited London, the UK exercised parliamentary powers to force him to hand them over. The same documents were kept under seal in the US but the UK held the right to publish them at whim. 

Read on: UK gov't seizes documents Facebook wanted to keep private in Cambridge Analytica battle

screenshot-2019-01-31-at-17-01-11.png
4 of 12 Charlie Osborne/ZDNet

Midterm meddling

In July 2018, Facebook revealed that threat actors were once again abusing the platform for political purposes; in particular, the US midterm elections.

Read on: Facebook reveals new covert efforts to sway 2018 midterm elections

screenshot-2019-01-31-at-17-00-36.png
5 of 12 Charlie Osborne/ZDNet

A network breach

Facebook's 2018 became worse in September when the company admitted to the existence of a network breach that affected almost 30 million user accounts. Facebook said attackers were able to exploit a vulnerability in the platform to steal access tokens. 

In some cases, data including names, contact details, current city, dates of birth, relationship status, education, and work information was stolen.

See also: Facebook discloses network breach affecting 50 million user accounts | Facebook downgrades breach count from 50 million to 30 million users

screenshot-2019-01-31-at-17-01-41.png
6 of 12 Charlie Osborne/ZDNet

Shady behavior?

In November 2018, the news broke that Facebook had hired Definers, a PR firm specializing in opposition research.

Reports suggested that the company was tasked with gathering intelligence on public figures critical of the company, such as George Soros, who has deemed the social network a "menace to society."

Facebook and Definers denied any wrongdoing.

screenshot-2019-01-31-at-17-03-05.png
7 of 12 Charlie Osborne/ZDNet

Photos for all

A bug in Facebook was revealed in December which may have exposed the private photos of up to 6.8 million users. It is believed that roughly 1,500 apps built by 876 developers could have accessed such content. 

The vulnerability was present in backend code between September 13 to September 25, 2018. 

Read on: Facebook bug exposed private photos of 6.8 million users

screenshot-2019-01-31-at-17-02-27.png
8 of 12 Charlie Osborne/ZDNet

Share and share alike

In December, Facebook was forced to defend its data-sharing practices in relation to what is shared with other companies, including "special arrangements" with firms including Microsoft, Netflix, and Spotify.

While Facebook said the deals -- agreed upon as far back as 2010 and potentially involving as many as 150 companies -- were made for the benefit of user experience, the APIs for these features were left in place long after sharing programs were shut down. Facebook said that the issue was being investigated. 

See also: Facebook defends giving tech giants access to extensive user data

screenshot-2019-01-31-at-17-26-20.png
9 of 12 Charlie Osborne/ZDNet

Seized documents reveal all

The cache of documents seized by UK officials earlier in the year resurfaced in December -- which was certainly a busy month in Facebook's PR department -- and emails revealed that Facebook executives had discussed selling user data to major spenders.

It was also revealed that Facebook had been recording call and text logs from Android phones in 2015, and user data scraped by free VPN provider Onavo, acquired by Facebook in 2014, had been used to determine future business deals. 

screenshot-2019-01-31-at-17-26-59.png
10 of 12 Charlie Osborne/ZDNet

The data begins to merge

January has not been quiet for Facebook, either.

After announcing plans to merge WhatsApp, Instagram, and Facebook Messenger, EU regulators raised questions over whether or not the company would be capable of complying with the EU's GDPR regulations.

screenshot-2019-01-31-at-18-18-35.png
11 of 12 Charlie Osborne/ZDNet

The 10 year challenge

Given Facebook's track record of data-slurping practices, when the "10- year challenge" meme began making the rounds, questions were asked concerning the true nature of the trend. 

Users were asked to post images of themselves ten years' apart and critics suggested that this was a way for the social network to train its image recognition algorithms.

It was suggested that perhaps Facebook was the creator of the challenge in the first place, which also spread across Twitter and Instagram. Facebook has denied these claims.

screenshot-2019-01-31-at-17-27-36.png
12 of 12 Charlie Osborne/ZDNet

$20 for all of your mobile data

To wrap up the month with a bang, a marketing research project conducted by Facebook which offered users between the ages of 13 and 35 money in return for downloading an app granted unfettered access to their data was revealed. 

Offered to iOS and Android users, the app was downloaded outside of the official Apple and Google stores. Apple concluded that the iOS version of the app abused developer rules and revoked Facebook's enterprise developer program certificate. 

Access was restored by Apple a day later, which also punished Google in the same way for overstepping app privacy boundaries.

Read on: Facebook slammed over covert app that pays teenagers for dataApple pulls the plug on Facebook's internal iOS apps

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup
Person seated at a booth in a cafe looks at their phone and laptop.

Related Galleries

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup

10 Photos
Tech salaries, developer skills, cybersecurity, and more: ZDNet's research roundup
remote-working-from-home-man-employee-small-desk.jpg

Related Galleries

Tech salaries, developer skills, cybersecurity, and more: ZDNet's research roundup

8 Photos
Yubikey Security Key C NFC
Security Key C NFC

Related Galleries

Yubikey Security Key C NFC

8 Photos
First look at the YubiKey Bio
YubiKey Bio

Related Galleries

First look at the YubiKey Bio

10 Photos
iVerify (version 17)
iVerify for iOS and iPadOS

Related Galleries

iVerify (version 17)

5 Photos
OnlyKey hardware security key
OnlyKey

Related Galleries

OnlyKey hardware security key

19 Photos
SoloKeys Solo V2
Solo V2

Related Galleries

SoloKeys Solo V2

10 Photos