Facebook Shared User Data with 5,000 Developers Despite 90 Days Limit
Jul. 2, 2020According to Facebook’s blog post, the flawallowed approximately 5,000 developers to access user data. The developers shouldn’t have been able to access the data if Facebook users don’t use their app for 90 days.
“From the last several months of data we have available, we currently estimate this issue enabled approximately 5,000 developers to continue receiving information beyond 90 days of inactivity as recognized by our systems,”wrote Facebook’s VP of Platform Partnerships Konstantinos Papamiltiadis.
Facebookclaims to have fixed the issue the day after they discovered it. The company, however, did not reveal how many users were impacted by this problem. The compromised data includes, but is not limited to, language and gender. However, the social media giant clarifies that the apps did not have additional permissions to user data. In other words, the app’s access to data was limited to what the user had previously allowed when using it.
In the same blog post, the company has announced newplatform terms and developer policiesto prevent such incidents from happening in the future. The company says that businesses and developers are required to comply with their new policies. According to Papamiltiadis, these new terms will“limit the information developers can share with third parties without explicit consent”. The new guidelines will also require developers to delete data if it is no longer needed.
Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.
