Facebook endured a new wave of criticism from lawmakers and regulators in the United States (US) and Europe on Monday after disclosures that the social media giant had allowed dozens of hardware manufacturers access its trove of personal user data.
Just months after being forced to explain its privacy measures and pledging reforms in the wake of the Cambridge Analytica scandal, Facebook found itself on the defensive once again, fending off questions about whether company executives had misled elected officials and why it had not fully disclosed the data-sharing agreements during recent testimony in the US and Europe.
The European authorities who last month enacted the world’s strictest data privacy law said Facebook’s sharing of personal information with cellphone-makers and other manufacturers deserved further investigation.
Germany’s top privacy regulator, Johannes Caspar, called Facebook’s partnerships “an unprecedented violation of privacy laws and user trust.”
And New York’s Attorney-General Barbara Underwood, said her office would expand its investigation of Facebook’s data practices to include Facebook’s sharing with hardware manufacturers.
The broad scope of Facebook’s data partnerships — with Apple, Samsung, Amazon and other companies that make or sell phones, tablets, televisions and video game consoles — was reported by The New York Times on Sunday, showing that Facebook had exempted at least 60 hardware-makers from restrictions imposed on other companies in 2015.
Those restrictions were intended to prevent games and other apps from gaining access to the Facebook information of their customers’ friends.
“I’m extremely concerned that we are just now learning that even more personal user data was provided without consent,” said Senator Amy Klobuchar of Minnesota, a senior Democrat on the Senate Judiciary Committee, and one of the lawmakers who questioned Facebook’s Chief Executive Mark Zuckerberg, at a hearing in April.
Mr Zuckerberg and other Facebook executives have repeatedly cited the 2015 restrictions to assure policy makers that no outside company could again harvest swaths of personal information without the explicit consent of users, as a contractor for Cambridge Analytica did in 2014.
But Facebook officials said this week that they did not consider hardware partners to be outside companies, under the terms of Facebook’s privacy policies and a 2011 decree with the Federal Trade Commission (FTC).
When Facebook delivers data to a partner device, a Facebook executive said in a statement posted on the company’s website on Sunday night, the device-maker effectively functions as an extension of Facebook.
And when Facebook users decide to share photos or phone numbers with their friends, they also consent to having that information flow to any partner devices their friends use.