Facebook Inc offered some companies, including Netflix and Airbnb, access to data about users’ friends that it did not make available to most other apps in 2015, according to documents released by a British lawmaker who said the social media company dodged questions about privacy practices and market dominance.
The document , released on Wednesday, were internal communications from 2012 to 2015 between company leaders, including Chief Executive Mark Zuckerberg, providing fresh evidence and sparking new political scrutiny about previously aired allegations that Facebook has picked favourites and engaged in anti-competitive behaviour.
Facebook said it stood by its deliberations and decisions. “The facts are clear. We’ve never sold people’s data,” it said.
The company said it would relax one “out-of-date” policy that restricted competitors' use of its data. Previously, “Mark level sign-off” would have been required for an exemption to the policy, according to one document, referring to Zuckerberg.
The documents show that Facebook tracked growth of competitors and denied them access to key data.
Zuckerberg agreed to senior executive Justin Osofsky's request in 2013 to stop giving friends' list access to Vine on the day that social media rival Twitter Inc launched the video-sharing service. “We’ve prepared reactive PR,” Osofsky wrote, to which Zuckerberg replied, “Yup, go for it.”
“Scary” permissions
Among non-competitors, Facebook still drew distinctions.
Ride service Lyft, which does not compete with Facebook, wanted access to comprehensive lists of users' friends to show carpool riders their mutual friends as an “ice breaker”. Facebook approved the request, saying in an email it would add to a feeling of safety for riders.
In 2014, the company described about 100 apps as being either “Mark's friends” or “Sheryl's friends” and also tracked how many apps were spending money on Facebook ads, according to the documents, referring to Zuckerberg and Chief Operating Officer Sheryl Sandberg.
Other emails describe Facebook denying online ticket seller Ticketmaster and an automotive technology supplier extended access to complete lists of users' friends after Facebook questioned how the date would be used.
The documents also raised questions about Facebook's transparency.
An exchange from 2015 shows Facebook leaders discussing how to begin collecting call logs from Android users' smartphones without subjecting them to “scary” permissions screens.
The effort began with some disclosures in 2015. But when the data-collecting became more well known this year amid increased scrutiny on Facebook, the company drew criticism from lawmakers about not doing more to inform users.
Misuse of data
Misuse of Facebook user data by Cambridge Analytica, a political consulting firm, along with another data breach this year and revelations about Facebook's lobbying tactics have heightened government scrutiny globally on the company's privacy and content moderation practices.
Stifel analysts on Wednesday lowered their rating on Facebook shares to “hold,” saying that “political and regulatory blowback seems like it may lead to restrictions on how Facebook operates, over time.”
US Senator Richard Blumenthal described the documents as part of “mounting evidence that Facebook acted chaotically, recklessly and lawlessly by granting access to private consumer data for financial gain.”
Company executives weighed charging other apps for access to its developer tools, including the friends lists, if they did not buy a certain amount of advertising from Facebook, according to the emails. In one from 2012, Zuckerberg wrote that he was drawing inspiration for business models from books he had been reading about the banking industry. Facebook said it ultimately maintained free access to the tools.
Damian Collins, a Conservative British parliamentarian who leads a Committee on Media and Culture, made the internal documents public after demanding them last month under threat of sanction from Six4Three.
The developer of the defunct app, which allowed people to find pictures of people wearing bikinis, obtained the documents as part of its ongoing lawsuit in California state court alleging that Facebook violated promises to app developers when it ended their access to likes, photos and other data of users' friends in 2015.
Facebook, which has described the Six4Three case as baseless, said the released communications were “selectively leaked.”
Though filed under seal and redacted in the lawsuit, the internal communications needed to be made public because “they raise important questions about how Facebook treats users' data, their policies for working with app developers, and how they exercise their dominant position in the social media market,” Collins said on Twitter.
Dating app Badoo, Netflix and Airbnb were among companies 'whitelisted' for access to data about users' friends, the documents showed.
Netflix, Airbnb, Lyft and Badoo did not respond to requests for comment. Facebook described such deals as short-term extensions, but it is unclear exactly when the various agreements ended.
Security risks overlooked
Friends' data had stoked the growth of many apps because it enabled people to easily connect with Facebook buddies on a new service. Many complained about being shut out as others got extensions.
The glimpse into Facebook shows that Zuckerberg considered the competitive risks posed by allowing third-party developers to piggyback on his company's user data, but may have failed to appreciated the security risks.
“At some level I think helping your competitors is a fact of life,” he wrote in a 2012 email to a lieutenant. “We need to make sure we're not doing this to an extent that it destroys us, but we also shouldn't be so rigid as to rule out any model where competitors get benefit from us.”
By 2014, Facebook realised that some developers had built “sketchy” apps and overhauled its tools for all developers, he wrote in a post on Wednesday. “This change meant that a lot of sketchy apps - like the quiz app that sold data to Cambridge Analytica - could no longer operate on our platform,” he said.
He wrote that the company could have prevented the Cambridge Analytica data breach scandal had it cracked down on app developers a year earlier in 2014.