Facebook Gave 100 Apps Unauthorised Access to Data of Some Users

Posted on November 6, 2019 by Mehedi Hassan in Social with 1 Comment

Facebook announced on Tuesday that recent changes made to its Groups API led to some apps getting unauthorised access to user data. This wouldn’t be the first time Facebook has done something like this, so here we go once again.

In the past, the Groups API allowed app developers to get access to information from a Facebook Group whenever group admins authorized an app for the entire group. But in April 2018, Facebook changed that by preventing developers from accessing the user data from the groups unless the group members had opted-in.

But somehow, in the classic Facebook way, the change didn’t work as well as the company hoped. The company reported that an issue in the API led to around 100 “partners” being able to access member information like their names and profile pictures without their permission via Facebook Groups. 11 of these partners accessed user data in the last 60 days, though Facebook says the company hasn’t yet seen any evidence of abuse from these partners.

The company is apparently working with the app developers to get the member data deleted.

Tagged with , , ,

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Comments (1)

One response to “Facebook Gave 100 Apps Unauthorised Access to Data of Some Users”

  1. sandy

    Sounds like a GDPR violation; bring on the 4% global revenue fine, and maybe they'll actually properly test before deploying to production?