The New Gatekeepers

Facebook’s defense: ‘Everyone was doing it back then’

June 4, 2018

Hardly a week goes by without Facebook coming under fire for playing fast and loose with people’s data, and this week is no exception. In some cases, the social network has immediately fallen on its sword and begged for forgiveness, but in the latest case it appears to be arguing that this is just how the industry works, and therefore it shouldn’t be accused of bad behavior. For many, that attitude is not going to sit well, and it’s likely to increase pressure for some kind of regulatory oversight.

The New York Times reported on the weekend that Facebook has been sharing the personal data of possibly millions of users—and all of their friends—with device makers like Apple, BlackBerry, and Samsung. According to the Times, the social network did so without asking for permission or informing users that phone manufacturers were storing some or all of that data. As the story describes it:

Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found.

In previous cases, including the Cambridge Analytica data leak, messages of apology came from high up: usually either Facebook CEO Mark Zuckerberg or COO Sheryl Sandberg. In this case, the response came from a vice president of product partnerships—and the message was significantly less conciliatory. Entitled “Why We Disagree with The New York Times,” the post says the process of allowing device makers to extract data was necessary in order to allow those devices to incorporate Facebook functions in the days before smartphones came with standalone apps.

The company also says data was shared only when users gave explicit permission, even though this directly contradicts the reporting by the Times. According to the newspaper, users in their tests had information shared even when they had turned data sharing off. As former FTC Chief Technology Officer Ashkan Soltani pointed out on Twitter, this seems to go against Zuckerberg’s previous statements during the Cambridge Analytica uproar that Facebook shut down all such data sharing in 2014:

Sign up for CJR's daily email

In a series of tweets posted by Facebook linking to its response to the Times story, the company made the case that it restricted the amount of data shared with device makers, and also noted that it launched the device-integrated APIs in order to help get Facebook onto mobile devices before app stores had been invented. The company argued that doing so “was standard industry practice,” but that argument isn’t likely to hold much water for some Facebook critics.

Even one of Facebook’s most powerful executives—Adam Mosseri, until recently the man in charge of the all-powerful News Feed—admitted recently that this kind of attitude has been part of the problem not just with the social network but with many other Silicon Valley companies as well. Mosseri told attendees at a CJR event in San Francisco in May that Facebook and many other companies have suffered from a blind spot that caused them to ignore the potential downsides of a given technology. (You can also listen to his interview via the CJR podcast).

How much of Facebook’s behavior was seen by the company as “standard industry practice”? If this and the Cambridge Analytica cases suggest that the company has breached its 2011 consent decree with the FTC, we’re likely going to see more calls for the government to step in and take some kind of action.

Mathew Ingram is CJR’s chief digital writer. Previously, he was a senior writer with Fortune magazine. He has written about the intersection between media and technology since the earliest days of the commercial internet. His writing has been published in the Washington Post and the Financial Times as well as by Reuters and Bloomberg.