Facebook has admitted to sharing private user messages with third-party companies, including Spotify. In their blog post, they state:
“Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner’s messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature.”
The New York Times stated that Spotify could access more than 70 million users a month. Not only could companies access these messages, but Spotify, Netflix, and the Royal Bank of Canada could read, write, and delete users’ private messages.
Spotify and Netflix have both stated that they were unaware that Facebook had granted them these powers. Facebook has stated it has seen no evidence of abuse of this access.
Sharing data with third-parties is not a new concept. Companies do this with “integration partners” so their company’s features can appear on other programs. Facebook said this is to do things such as see “recommendations from their Facebook friends – on other popular apps and websites, like Netflix, The New York Times, Pandora and Spotify.”
Facebook stated that they didn’t give access without permission from users:
“To be clear: none of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.”
But people say there was a lack of transparency from Facebook with what exactly they were sharing with these companies. This comes in along with the Cambridge Analytica scandal in March.
The Washington Post wrote a perspective article which suggested that these data-sharing scandals could be solved if users agreed to a yearly payment. Facebook made $82 in advertising for each user in the US last year. Of course, Facebook is free and still makes that a selling point on its sign-up page: “It’s free and always will be”
Former FTC officials told the Times that its data sharing practices had most likely violated some regulations.