Facebook’s decision to rebrand its Instagram and WhatsApp apps as part of the Facebook empire, seems ironically well-timed as the data privacy sins of the parent were revealed to be as common at the photo-sharing app.
Last week it emerged that Instagram allowed its users’ personal data to be violated by an outside company which harvested large amounts of info it wasn’t supposed to have.
Facebook quickly pointed out it was an unauthorised use of that data, but there’s no getting away from it: the world’s largest social network is just not as interested in its users’ privacy as its CEO Mark Zuckerberg always says it is.
Hyp3r, a San Francisco marketing company, is one of the preferred “Facebook Marketing Partners” and has spent the last year misappropriating “vast amounts of public user data [to]create detailed records of users’ physical whereabouts, personal bios, and photos that were intended to vanish after 24 hours”.
This “combination of configuration errors and lax oversight” was reported by Business Insider, leading to Facebook banning the marketing firm and making a technical change, it said, to its processes again.
“The wealth of the data contained in people’s fleeting Instagram activity, from family-vacation snapshots to restaurant appetizer photos, can provide valuable fodder for a variety of outside actors, who can repurpose the information in ways users never expected or agreed to,” BI reported.
Shades of Cambridge Analytica anyone?
Once again Facebook has allowed one of its partners to fleece unsuspecting users of their data. Sure, it’s publicly available and data harvesting is widely practised across the internet but Instagram and Facebook should’ve known better. Such broad platforms give unprecedented access to an unprecedented large audience. Instagram has 1.1bn users every month, of which 500m use it every day. Only Facebook and YouTube have more people logging on. Most importantly, 71% of Instagram’s global users are under the age of 35 – the very youthful audience that is dropping off Facebook itself.
Hyp3r says it has “a unique dataset of hundreds of millions of the highest value consumers in the world,” according to Business Insider, and that 90% of its data was sourced from Instagram, scraping 1-million posts a month.
The way Hyp3r was able to compile this database “raises significant questions” about the “due diligence” and “procedures to safeguard user data” practised by Instagram and Facebook, the site reported.
Sound familiar? Facebook – which was fined $5bn last month by the Federal Trade Commission for not telling its users about the Cambridge Analytica leak – allowed that firm similar access, based on its own poor privacy standards with its apps.
Let’s not forget how that data was used, essentially, to subvert democracy in the manipulation of the Brexit and 2016 US presidential elections.
This is hardly the “pivot to privacy” that Zuckerberg promised earlier this year, as he announced the integration of the back-end messaging for its Messenger, WhatsApp and Instagram that will let the users of each message each other. But this integration is widely seen as a ploy to make it harder for Facebook to be broken up when the inevitable antitrust hearings require it.
Facebook and Instagram should have known better.
This column first appeared in Financial Mail