The largest social media platform of the world Facebook has admitted that email contacts of more than 1.5 million users had been “unintentionally” uploaded by it without the permission from the users.
The company said that a system used to verify the identity of new members was the route of the data harvesting.
New users were asked to provide Facebook with the password for their email account and retained a copy of their contacts thereafter.
Now, in order to stop contacts being uploaded, the way it handled new users has been changed, Facebook said. The company also said that it would notify all those members users whose contacts were taken and it would also delete all of the contacts that it had unintentionally copied and stored. It is believed that mapping of social and personal connections between users was done by Facebook with the help of the information that it had grabbed without permission.
Those users who had joined Facebook about a decade ago had most likely clicked “yes” when they were invited to upload all of their contacts, say experts. While apparently that does not seem to be anything that could cause harm to the user, following the various data scams that Facebook and other tech companies have had to face, there is reduced confidence on and trust in Facebook and users have grown a lot more cautious. Users now are weary of handing over information about social connections because of the potential harms that users now realize could happen. Such information could be critical for professionals who communicate with very important persons but does not want the world to know about those contacts.
The latest data breach as reported by Facebook reportedly took place over a period of three years when contacts of 1.5 million of its users were copied and stored without the permission of the users. Users are now also suspicious when Facebook prompts “people you may know”, and wonder how did the social media company come to know that the suggested individuals were known to the user.
For many, putting faith on Facebook with their data is diminishing by the day.
According to a report published in Business Insider,, where the news was first reported, the company started copying contacts of users without permission in May 2016, Facebook has told the media.
Prior to that date, new users were asked if they wanted to verify their identity via their email account and were also asked whether agreed to their address book being uploaded voluntarily. Facebook said that option and the text which specified that Facebook was grabbing the contacts was altered in May 2016 but it left intact the underlying code that actually scraped contacts.
In order to understand what happened and its consequences, Facebook has been engaged to by Ireland’s Data Protection Commissioner, which oversees Facebook in Europe.
(Adapted from BBC.com)