Facebook’s arrangements with Amazon, Apple, BlackBerry and Samsung that allowed their devices to access data from the social network’s users could further expose Facebook to steep fines and other penalties, experts said.
The practice — which may have occurred without users’ full knowledge — drew sharp rebukes from lawmakers on Monday, who said Facebook has misled them about the way it collects and swaps consumers’ data.
And it could spark additional scrutiny from the Federal Trade Commission, which already is investigating Facebook for a series of other recent, privacy mishaps.
“I think the more unauthorized sharing that comes out, the more the FTC is going to be inclined to impose a significant civil penalty on Facebook,” said David Vladeck, a former top official at the agency when it punished Facebook in 2011.
On the Hill, Sen. Richard Blumenthal, D-Conn., said the new reports showed that Facebook “has failed to come clean with the American people about the extent, the scope and the scale, of data sharing. The secret agreements raise serious credibility issues about recent testimony.”
Newly at issue is a series of relationships brokered over the past decade between Facebook and roughly 60 businesses, including Amazon, Apple, BlackBerry, HTC, Microsoft and Samsung.
Through a combination of legal agreements and software, Facebook “allowed companies to recreate Facebook-like experiences for their individual devices or operating systems,” the social giant acknowledged in a blog post Monday. The New York Times first reported on the matter.
An arrangement with Apple, for example, allowed Facebook users to download profile photos for their friends and use them in their iPhone contact lists.
Apple contends it did not store the data for itself.
An older BlackBerry device, meanwhile, appeared to access many categories of data, including messages, while tapping data about friends and others one step removed on the network, the Times found.
In response, a spokesman for BlackBerry stressed that it “has always been in the business of protecting, not monetizing, customer data.”
Facebook declined Monday to detail a full list of device makers with which it had brokered such arrangements. But the company said it phased out its system in April.
It acknowledged that device-makers may have kept data on their servers. And Facebook stressed in a blog post it is “not aware of any abuse by these companies.”