Facebook

Facebook Accused Of Exposing User Data Via Groups

ftc-facebook-complaint-privacy-health-closed-groups

The Federal Trade Commission (FTC) has received a complaint against Facebook that alleges the social media giant wrongfully disclosed information on members of closed groups.

The complaint, which was filed with the FTC last month, alleges that “Facebook deceptively solicited patients to use its ‘Groups’ product to share personal health information about their health issues. Facebook has marketed this product as a Personal Health Record. Facebook then leaked to the public health data that those patients uploaded. At least in some cases, this was done contrary to the specific privacy decisions made by Facebook users.”

The issue came to light last summer when members of a group for women with the BRCA gene discovered that their personal information, including names and email addresses, could easily be downloaded in bulk, either manually or through a Chrome extension.

And while Facebook did make changes to Groups that ended the practice, the complaint explains that this did not fix the entire problem.

“While it is no longer possible for non-Group-members to download the member lists from thousands of Closed Groups and millions of users in a single attack, it is still possible to download the member list if you are a member of the Group,” according to the complaint, which was filed by a security researcher and BRCA advocates, among others. “We have seen some evidence in an uptick in ‘fake membership applications’ to a small sample of Closed clinical Groups. We believe that this could be the response of malicious actors who are now using Suck Puppet accounts that previously had generous access to Closed Group membership data, that are now seeking to restore their access.”

In addition, the complaint goes on to say that Facebook hasn’t been clear about what personal information users might be giving up when they join a group.

——————————–

Latest Insights: 

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. The July 2019 Pay Advances: The Gig Economy’s New Normal, a PYMNTS and Mastercard collaboration, examines pay advances – full or partial payments received before an ad hoc job is completed – including how gig workers currently use them and their potential for future adoption.

TRENDING RIGHT NOW

To Top