UK Facebook internal docs reveal Zuckerberg plans for exploiting user data

UK ‘fake news’ committee reveals Facebook CEO Mark Zuckerberg’s plans for monetizing user data with developers.   

A UK parliamentary committee tasked with investigating fake news has published more than 200 pages of Facebook’s internal documents from 2012 to 2015 detailing its business strategies around developer access to user data. 

The documents include details about a Facebook whitelist for providing some companies with exclusive access to user data, “data reciprocity” between Facebook and app developers, and how Facebook used its data to target competitors. 

The documents include emails between Facebook CEO Mark Zuckerberg and other Facebook execs explaining plans how the company may monetize user data prior to its Cambridge Analytica scandal that surfaced in March. 

Some emails fill in gaps about Facebook secretly collecting SMS and call data from Android devices, which was discovered after users began downloading their data from Facebook in reaction to news it had shared data about 87 million users with political consultancy Cambridge Analytica. 

One exhibit includes email exchanges between Facebook managers and execs from February 2015 about Facebook’s “growth team” planning a update that would require Android users approve new permissions for the Facebook app. 

Users would see a request to 'read call log', followed by an in-app dialogue to opt-in to approve that the app continuously upload SMS and call log history to Facebook. 

The update aimed to improve Facebook’s “people you may know” (PYMK) suggestions, according to the emails. Facebook managers knew this could look bad. 

“This is a pretty high-risk thing to do from a PR perspective but it appears that the growth team will charge ahead and do it,” wrote a Facebook product manager. 

Damian Collins MP, Chair of the Digital, Culture, Media and Sport Committee (DCMS) Committee, said in notes to documents that Facebook was attempting to hide the consequences of the update to avoid bad PR. 

“Facebook planned to make it as hard of possible for users to know that this was one of the underlying features of the upgrade of their app,” he wrote. 

According to a Facebook privacy manager’s email, the goal of the update was to help users avoid accidentally posting to “Only Me”, a privacy feature that limits posts to a user’s own News Feed.

Zuckerberg, it was said, had requested the Only Me audience setting be made “unsticky”, to boost a key performance metric. Facebook uses “stickiness” to measure engagement based on the percentage of daily active users (DAU) that are also monthly active users (MAU). A ratio of 50 percent would mean the average user is using the app every other day in a given month. A higher percentage would be better for Facebook.

The whitelist detailed gave select companies access to user data after changes made in 2014 to block “abusive apps” from collecting data from users and their friends without user consent. Whitelisted companies included Netflix, AirBnB, Lyft, and dating app Badoo.

An email from Netflix in February 2015 said that it "will be whitelisted for getting all friends, not just connected friends”, suggesting Netflix could use this to reach beyond Facebook users who’d subscribed to Netflix. 

The documents were seized by the UK from an executive of app developer Six4Three using special parliamentary powers. Zuckerberg has repeatedly declined requests by the UK committee to explain its actions.     

Facebook told the New York Times that the documents were part of a “baseless” lawsuit by Six4three that was presented in a “misleading” way that omits context. 

It has since posted a statement that Six4Three “cherrypicked” the documents “to force Facebook to share information on friends of the app’s users.”    

Facebook says the whitelists were used to give some developers access to a user’s friends, but not their data. 

On the issue of accessing Android call and SMS history, it said that after a review in 2018 Facebook found that information was not as useful after about a year.  

 

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags FacebookUKFake news

More about FacebookNetflixNews

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

More videos

Blog Posts