A series of internal emails have revealed that Facebook had seriously considered selling user data to third parties. The company also collected data about user calls and text messages through its Android app.
Selling user data
Between 2012 and 2014, Facebook was struggling with generating sufficient revenues. This triggered a debate on whether to sell user data. At that time, third-party app developers not only had access to user data, but also the data of their friends. Facebook realized that it was essentially giving away the data of millions of users for free.
“We were trying to figure out how to build a sustainable business… We had a lot of internal conversations about how we could do this,” a Facebook spokeswoman said to The Wall Street Journal.
For instance, the “This Is Your Digital Life” app apparently had access to the data of almost 87 million accounts. However, only a few thousand users had given explicit consent to the app to access their information. In 2015, Facebook plugged this loophole. But the company came to the conclusion that it could actually make money by letting developers continue to have access to user data.
One employee at Facebook suggested charging US$250,000 per year for such access. When the Royal Bank of Canada raised concerns about restricted data access, Facebook inquired about the bank’s advertising budget. Despite all the emails and discussions of selling user data, Facebook never actually went ahead with the decision. In fact, CEO Mark Zuckerberg wrote a post detailing this very thing.
“We decided on a model where we continued to provide the developer platform for free and developers could choose to buy ads if they wanted. This model has worked well. Other ideas we considered but decided against included charging developers for usage of our platform, similar to how developers pay to use Amazon AWS or Google Cloud. To be clear, that’s different from selling people’s data. We’ve never sold anyone’s data,” said Zuckerberg’s Facebook post.
Checking Android calls and messages
In 2015, Facebook decided to enter into a new partnership with Android that would allow its app to gain access to SMS and phone call logs. The company wanted to use the data to improve features like friend suggestions and news feed rankings.
Users were to be shown prompts where they would give permission to Facebook to collect their private data. Michael LeBeau, the then Facebook product manager, had warned that such an action risked triggering a PR nightmare for the company. Yet the growth team did not heed his concerns and went ahead with the plan.
In an email. he predicted a fallout in which a “screenshot of the scary Android permissions screen becomes a meme (as it has in the past), propagates around the web, it gets press attention, and enterprising journalists dig into what exactly the new update is requesting, then write stories about ‘Facebook uses new Android update to pry into your private life in ever more terrifying ways — reading your call logs, tracking you in businesses with beacons, etc.’” according to CNBC.
The proposed update was implemented and Facebook went on collecting user call logs and text records for the next few years. Only after there was a huge public backlash earlier this year did Facebook promise to delete records more than a year old.