Facebook Internal Emails Show Need for Users to Safeguard Personal Data
According to a UK report, the company allowed 'friends' access to Netflix, Lyft, and Airbnb after the practice had been halted
Internal Facebook emails and other court documents released as part of a United Kingdom probe demonstrate the need for users to take steps to safeguard personal data on social media.
The 250 pages of documents (PDF) released Wednesday by the U.K. Parliament suggest that Facebook shared sensitive consumer information with select business partners in an attempt to boost its fledgling mobile ad-sales business.
The documents reveal that the company at least debated monetizing customer data by sharing it with certain partners in the hopes that they would buy Facebook ads and other products.
“The question is always ‘How can we grow our bottom line?’ and the privacy interests of consumers never come up,” says Justin Brookman, director of consumer privacy and technology policy at Consumer Reports.
This news is another reminder that consumers need to take measures to safeguard their privacy and security as they use digital products and services.
Facebook offers a host of privacy settings, and while the defaults tend to be set up to maximize data collection, you can adjust them to better protect your personal info.
For details and instructions on Facebook’s various privacy settings, you can consult CR’s comprehensive guide. Below we provide some quick advice, including instructions on how to delete your account.
In a statement published Wednesday on Facebook, founder and CEO Mark Zuckerberg stressed that the company has never sold consumer data. “Developers could choose to buy ads if they wanted,” he wrote. “To be clear, that’s different from selling people’s data.”
Facebook has called the Six4Three lawsuit “baseless,” claiming that the firm’s attorneys “cherrypicked” the evidence released Wednesday. “The set of documents, by design, tells only one side of the story and omits important context,” the company said in a post on its online newsroom.
The documents don’t contain a bombshell revelation on the scale of this spring’s Cambridge Analytica scandal, but they do shed new light on the company’s discussions about consumer privacy.
The documents reveal Facebook’s thoughts about sharing consumer data with potential partners who might do business with the company.
“So instead of every [sic] paying us directly, they’d just use our payments or ads products,” CEO Mark Zuckerberg wrote in a 2012 e-mail released today.
The released documents also suggest that the company used access to consumer data to thwart competitors. In 2013, Facebook shut down “friends API access” for rival Twitter, as it was releasing a product called Vine, which allowed users to post 6-second videos. The change prevented Vine users from finding friends via Facebook.
In 2015, Facebook also changed its policies governing Android mobile users, which allowed the company to continuously collect a record of calls and texts from those Facebook users.
The emails also show that Facebook executives worried about blowback from the Android update. “This is a pretty high-risk thing to do from a PR perspective,” Mark Tonkelowitz, Facebook engineering manager, wrote in a 2015 email. In response, Yul Kwon, Facebook’s director of product management, seemed to suggest that one solution would be an update that circumvented asking users’ permission, which would avoid drawing attention to the change.
What You Can Do
Keep your whereabouts to yourself. Each time you use the Facebook mobile app to “check in” to your favorite diner or tag that family photo op on the Golden Gate Bridge, Facebook pinpoints your location using GPS data and signals from WiFi access points, cell towers, and other sources.
The company also uses that technology to identify the places you routinely visit and nearby businesses that may want to target you with ads. If you use the Facebook app or website, the company reserves the right to glean details about your location no matter what you do. But it’s easy to make the information Facebook gathers a little less precise. Here’s how to turn off location tracking on your phone. (Android instructions may vary slightly by model.)
On an Android phone: Go to the phone’s Settings > Apps (or Apps & Notifications) > Facebook > Permissions > Location > Off.
On an iPhone: Go to the phone’s Settings > Privacy > Location >
Facebook > While Using the App or Never.
Limit data collection by Facebook’s partners. The Facebook Login feature is a quick and easy way to sign in to websites and mobile apps for services such as The New York Times, Pandora, and Yelp. But it also gives companies access to a lot of personal information. Think your name, email, schools you attended, workplaces, Facebook comments, and “likes”—the sort of data that was mined for behavioral patterns during the Cambridge Analytica scandal.
It’s all but impossible to find and delete personal info once it has been harvested by other companies, or to determine what they ultimately do with the information. But you can see which apps are currently collecting data from your account and stop them. You will no longer be able to access these apps using your Facebook log-in, so create a new log-in and password for each app before making changes.
On a computer: Click on the downward arrow at the top right of your Facebook page and choose Settings > Apps and Websites > Active > Click on the box next to the app’s logo > Remove.
Restrict Facebook from tracking your activity on other websites. Facebook’s snooping does not stop when you leave the platform. If you’ve ever visited a website that uses Facebook services—Like and Share buttons, your Facebook log-in, or the company’s analytics tools—you’ve provided info on the stories you’ve read, the videos you’ve watched, even the products you’ve viewed and placed in an online shopping cart.
When you see those buttons on a website, it’s safe to assume Facebook is collecting your data. The company doesn’t offer any settings to put a stop to this process, but you can disrupt Facebook’s efforts to keep tabs on your browsing history by installing an ad blocking extension, such as Disconnect, Privacy Badger, or Ublock, on your browser.
The Mozilla Foundation designed an ad blocker for its Firefox browser specifically for this task. Called Facebook Container, it takes only a few clicks to install, and the directions are easy to find online.
Delete your Facebook account. If you’re ready to part with Facebook for good, you can delete your account.
Beware: Once you cross this line, there’s no going back. Your photos, posts, and messages will disappear, so you may want to save that and other data by downloading your personal information first. Facebook will generate a copy of your personal archive and send it via an email with a link to a .zip file. Be sure to save that file before you hit “delete.”
Again, if you use your Facebook log-in to access third-party apps and sites, you may also want to create new log-ins and passwords for these accounts that so you don’t lose access. Check out the Apps section in Settings for a complete list of apps and websites linked to your Facebook account.
When you’re ready to make your grand exit, it’s relatively simple: Go to this page and click “Delete my account.”
The decision won’t take effect immediately; Facebook delays erasing your account for 30 days to give you time to change your mind. If you log back in to your account during that stretch, your deletion request will be canceled. It may take up to 90 days from the start of the deletion process for all your information to be deleted from Facebook’s backup systems, according to the company.
Keep in mind that it’s hard to be sure you’ve scrubbed yourself completely from every Facebook platform: Messages you’ve sent to friends will still be visible in their inboxes, for example, and any posts you’ve made in groups will remain unless you delete them before cutting ties with Facebook.