Facebook Inc. logo. (Photographer: Andrew Harrer/Bloomberg)

Facebook Again Botches a Data Crisis

(Bloomberg Opinion) -- The worst thing about the latest revelation involving Facebook Inc. and its questionable stewardship of people's personal information is that the company has again shown that it never learns from its own mistakes. 

In an article published late Sunday, the New York Times reported that dozens of hardware companies such as BlackBerry Ltd. and Apple Inc. had far more ability to tap information from Facebook user accounts that was previously understood. 

There are legitimate and useful reasons for a smartphones and other internet-connected gadgets to strike agreements permitting them access to Facebook's user information. If people want to share a photo taken on their smartphone camera to Facebook, it's handy if the phone maker is able to let them tap one button on their phone to do so. That's normal.

What's harder to understand is other aspects of the Times reporting, which found that those hardware companies also had in prior years — and in some cases, continued to have years after those first Facebook data-sharing arrangements were made — the ability to collect much more information from Facebook user accounts including religious affiliation, event attendance and data from the social media accounts of Facebook users' friends. What was the point of permitting these hardware makers to have this information? Facebook doesn't say.

The existence of these hardware arrangements isn't new, and the Times reporting isn't a five-alarm fire on its own. The story's revelations, however, are worrying given the context of Facebook's endless series of privacy landmines, and its response to them. Facebook's rebuttal in the Times article and in a blog post dodges the obvious questions about the scope of Facebook's data-sharing arrangements with outside companies. As usual, when Facebook is given an option to be open and transparent, it opts for obfuscation. That's so Facebook. 

Facebook told the Times that the device makers can only harness social network account information to provide versions of the "Facebook experience," although the Times reporting shows that device makers seemed to have access to information that went beyond what was necessary to build useful apps. Facebook's rebuttal also leans heavily on an explanation that many of those data agreements with smartphone companies were struck when it was common for BlackBerry, Samsung and others to have customized apps for people to use their social network accounts. (A conventional Facebook smartphone app didn't even exist until 2012.)

But while Facebook focuses on the past, it doesn't explain why it didn't stop or significantly revise those data-sharing partnerships with hardware makers years ago. It's the same question I had in April when Facebook announced a wave of restrictions on how outside parties could access information from the social network's 2 billion users. It shouldn’t have taken so many years and so many Facebook crises over lax data-sharing for the company to end outside companies' access to certain information, including a feature that allowed third parties to see what private events people had indicated on Facebook that they planned to attend.

Remember, the company has been in damage-control mode since March, when the Times was among the news organizations that disclosed details about how the mysterious political consulting firm Cambridge Analytica was able to obtain information on tens of millions of Facebook users largely without their knowledge or permission, thanks to an endless series of data barn doors that Facebook had left open. 

Facebook must know at this point that regulators and politicians smell blood when it comes to the company. Every article that contains the words "Facebook" and "potential privacy violation" compounds the sense that the social network is an irresponsible steward of people's information. 

Facebook even is disingenuous when it is trying to be complimentary. Facebook's rebuttal begins by saying it has mostly agreed with prior concerns the Times has raised "about the controls over Facebook information shared with" outside companies such as Cambridge Analytica. In fact, Facebook appeared to have stonewalled the Times and another news organization before the first wave of stories about Cambridge Analytica in March, then quibbled over verbal semantics and pointed the blame at people associated with Cambridge Analytica rather than take stock of what Facebook had done wrong. It’s laughable for Facebook to now say it has nodded its head in agreement when the newspaper questioned the company's control over user data. 

Facebook's inability to respond sensibly to critiques isn't a trivial matter for investors. I genuinely wonder whether Facebook would be in a penalty box today with politicians and the public if the company hadn't fought against the first news reports about Cambridge Analytica, and instead done a full accounting of its role. 

To me, the company's latest ham-handed response to criticism shows that Facebook still isn’t interested in making sure the public understands what it does. It's still not interested in holding itself accountable —  and it’s still not interested in becoming more transparent, despite saying that's what it wants to do. 

©2018 Bloomberg L.P.

Bloomberg
View Opinions From Business And Policy Experts On BloombergQuint