Facebook has been put under more pressure in recent days over the way it deals with its users’ privacy. The social media giant has faced increased criticism over the last year, particularly after the revelations that the data-mining firm, Cambridge Analytica, accessed the data of 87 million of its users without consent. This time, the focus has been on the way Facebook has failed to protect the privacy of those in patient health and other groups, along with its relationship with third-party apps.
In a complaint lodged with US regulators, the way Facebook interacts with users was described as “unfair, deceptive and misleading”. Facebook users who are members of patient health and other groups may have had their data downloaded without notification. Under US law, Facebook ought to have notified users within 60 days and the FTC within ten business days, but failed to do either.
Many of these health groups could hold extremely sensitive information, meaning some users may have been exposed to “life-threatening privacy violations”. The process of using Facebook health groups has therefore been described as “effectively a game of privacy roulette in which users are unable to know in advance which ‘connections’ will hurt them by downloading the data from posts in closed and secret groups”. Facebook’s responded with the statement that “[i]t’s intentionally clear to people that when they join any group on Facebook, other members of that group can see that they are a part of that community and can see posts they choose to share with that community”. Such a response is unlikely to satisfy complaints.
Several days later, a fresh story broke about how Facebook is receiving highly personal data from third-party apps. The Wall Street Journal found that in some cases, Facebook can receive information from apps even if the user does not actually have a Facebook account. Of more than 70 popular apps, it was found that at least eleven sent potentially sensitive information to Facebook.
Apps such as the Flo Period & Ovulation Tracker reportedly shared with Facebook when users were trying to become pregnant or were having their periods. Clearly information like this is highly sensitive, and raises questions around Facebook’s claim that it “prohibits app developers from sending us sensitive data”.
Privacy issues surrounding social media giants like Facebook have now become a regular occurrence in the last few years. The big question now is how these organisations will react to these challenges, particularly with regulation such as GDPR now becoming commonplace.