Almost exactly a year ago, The New York Times, The Guardian, and The Observer published stories that contained hard evidence of Facebook allowing Cambridge Analytica, a political think tank and consultancy firm, to wrongfully steal personal information from millions of Facebook profiles without those users’ permission.
Facebook’s stock price dropped substantially after the three aforementioned news sources’ pieces caused a ruckus across the global news circuit.
Later that year, news broke that Facebook had effectively given over 150 third-party service providers, among the likes of which were Yahoo, Spotify, Amazon, and Microsoft, full access to Facebook users’ personal, private messages, the contents of their address books, and posts that were made private by the users who posted them with the idea of preventing other people from seeing them.
Facebook had alleged earlier in 2018 that it had not, in fact, granted access to these third-party service providers. This was proven to be one of many lies perpetrated by Facebook. Shortly after this line of news broke, the public found out that the Facebook mobile application relays users’ physical location back to the company, even if users had explicitly opted out of such geolocation sharing.
Just last month, a variety of health mobile apps had collected Facebook users’ vital signs and other health information and submitted that private information to Facebook itself. The users of these health-related mobile apps had not granted them permission to share such information with the social media giant.
Even further, news also broke earlier this year that Facebook had spent many millions of dollars in the name of lobbying against governments’ proposed privacy protection laws. Such actions were taken by Facebook presumably to make it easier for the company to collect users’ personal information without their consent or knowledge.
Yet another damning piece of news broke a few days ago, indicating that Facebook had stored its users’ passwords in plain text. Passwords are supposed to be stored in an encrypted form, meaning that Facebook employees should not have been able to browse through them.
Evidence indicates that Facebook had stored some 600 million users’ passwords in plain text. Further, over 20,000 people who worked for Facebook over the years had access to those passwords. It’s also clear that some 2,000 employees collectively made some nine million searches for these users’ passwords. What’s next?
Dil Bole Oberoi
