Facebook's links to questions of privacy and data protection have come to the fore since the Cambridge Analytica scandal was revealed in 2018. In March of this year, its CEO Mark Zuckerberg made a statement about future plans for the platform's approach to privacy.

We wrote about how the statement was inherently ironic, as well as identifying a public need for better privacy that has been building traction for years. A deep dive into the platform's history lays out a trail of privacy issues since its inception, and provides crucial context for Facebook's changing stance.

1 August 2019

WhatsApp's "end to end encryption" turns out to be pointless?

  • Facebook can see what you type/say into WhatsApp before it is encrypted.
  • Forbes reports that Facebook can 'wiretap' WhatsApp and bypass encryption.

10 June 2019

25 million Android phones infected with malware hidden in WhatsApp

  • Up to 25 million Android users have been infected with malware that replaces the phone's app with a fake version full of adverts.
  • Forbes reports that 15 million victims are based in India, 300,000 in the USA, and 137,000 in the UK.

Screen-Shot-2019-03-13-at-10.21.51

13 May 2019

Serious hack of WhatsApp allows hackers to install spyware on iPhones and Androids

  • A software flaw in the audio call function of WhatsApp has allowed hackers to install spyware on users' iPhones and Androids.
  • Wired reports that hackers will have been given access to a huge amount of personal information.
  • Facebook's short report on the incident confirms hackers had "remote execution" powers, and the spyware could have been installed even if the users didn't answer the phone.

Screen-Shot-2019-03-13-at-10.21.51

18 April 2019

Facebook uploaded email contacts of 1.5m users without consent

  • The Guardian reports that Facebook has admitted to unintentionally uploading the address books of 1.5 million users without their consent.
  • Facebook had access to a vast amount of personal data and admitted that there were flaws in its usage of passwords.

Screen-Shot-2019-03-13-at-10.21.51

4 April 2019

Facebook partnering with The Daily Telegraph to publish sponsored articles downplaying 'technofears' and praising the company

  • Facebook is paying The Daily Telegraph to run a series of positive sponsored stories about it.
  • Business Insider reports the British newspaper is running dozens of stories that defend Facebook on controversial subjects like terrorism, hate speech, and cyber-bullying.

Screen-Shot-2019-03-13-at-10.21.51

3 April 2019

Hundreds of millions of Facebook records exposed on Amazon cloud servers

  • Third-party Facebook app developers have stored user data on Amazon's servers in a way that allowed it to be downloaded by the public, according to a report from UpGuard, a cybersecurity firm.
  • One of the companies stored more than 540 million records, including comments, likes, reactions and account names
  • Facebook has "no way of guaranteeing the safe storage of the data of their end users if they are going to allow app developers to harvest it in mass"

CNN

Screen-Shot-2019-03-13-at-10.21.51

30 March 2019

Historical Facebook posts by Mark Zuckerberg 'mistakenly deleted'

  • A number of blog posts and news updates previously published on Facebook by Mark Zuckerberg have been deleted, some dating back to 2011.
  • In a statement, a spokesperson for Facebook said the posts were “mistakenly deleted” after “technical errors”.
  • Some of the missing posts comment on significant events for the company, including its acquisition of Instagram in 2012.

Screen-Shot-2019-03-13-at-10.21.51

13 March 2019

Criminal probe into Facebook data deals

  • Two tech companies that make smartphones (unnamed in reports) have received a subpoena from the New York grand jury regarding data deals made with Facebook.
  • These deals involved integrating the developing products with Facebook platforms and features, in exchange for user data to inform the building of the product.
  • Users reportedly did not always know the extent of information shared.

Screen-Shot-2019-03-13-at-10.21.51

4 March 2019

Backlash over misuse of security phone numbers

  • Facebook users have been asked to add their phone number as two-factor authentification since 2011.
  • Backlash from editor of Emojipedia Jeremy Burge claims that the information can be used to search users, too, with an unclear opt-out system.
  • Facebook responded in a statement claiming that this search feature was disabled in April 2018.

Screen-Shot-2019-03-13-at-10.21.51

2 March 2019

Facebook's lobbying against data privacy laws revealed

  • Leaked internal documents reveal Facebook's global effort of incentivising politicians to lobby against data privacy laws.
  • This includes pressure to lobby against the "restrictive" GDPR, and the threat of withholding investment from countries who refused to support and pass Facebook-friendly laws.
  • The documents' association with the Six4Three lawsuit (see below) and their dispersal in breach of court order has prevented Facebook from commenting.

Screen-Shot-2019-03-13-at-10.21.51

22 Feb 2019

Intimate personal information shared to Facebook by third-party apps

  • A report by the Wall Street Journal revealed that highly personal information such as heart rate, menstrual cycle, and weight, is being shared to Facebook from third-party apps.
  • The data is shared even if the user is not signed up to Facebook.
  • Apps involved such as Flo Period & Ovulation Tracker share the data in order to use a Facebook analytics tool that informs how they develop their product and personalise ads.

Screen-Shot-2019-03-13-at-10.21.51

28 Jan 2019

Irish Data Protection Commission raises concern over Facebook's merger with WhatsApp and Instagram

  • Body that regulates Facebook in the EU called an urgent meeting with Facebook Ireland to discuss plans for its merger with Instagram and WhatsApp
  • The DPC has stated its desire to closely follow developments in the project, particularly concerning how data is shared and used across the platforms.
  • It emphasised that the merger could not become effective in the EU if it did not meet requirements of the GDPR.

Screen-Shot-2019-03-13-at-10.21.51

30 April 2018

WhatsApp founder steps down four years after service is bought by Facebook

  • Jan Koum sold the messaging giant to Facebook in 2014, emphasising at the time that user privacy was "coded into [their] DNA," and that "if partnering with Facebook meant that we had to change our values, we wouldn’t have done it."
  • Koum has now stepped down from the position with no explanation for his exit beyond that it is time for him "to move on".
  • His parting Facebook status was met with encouraging comments from Mark Zuckerberg and Sheryl Sandberg, though an anonymous company executive claimed that Koum had stepped down after becoming concerned with Facebook's position on privacy.

Screen-Shot-2019-03-13-at-10.21.51

17 March 2018

Cambridge Analytica Files published by The Guardian

  • Facebook's biggest ever data breach at the time, in which the data from 50 million user profiles was co-opted by political consultancy Cambridge Analytica.
  • A whistleblower revealed that the information had been used to profile audiences for Trump's election campaign material as well as the efforts of Vote Leave.
  • The $1m dollar profile-harvesting operation brought the importance of data protection to the fore and illustrated the power of data as a commodity.

Screen-Shot-2019-03-13-at-10.21.51

25 May 2017

Facebook Files published by The Guardian

  • A deep dive into the workings of Facebook's moderation process, after criticism that the site hosts harmful, hateful and damaging content.
  • Reports include testimonies from Facebook moderators themselves, an investigation into the details of moderation guidelines, and a look into the extremes of some of the content that has been allowed to exist on the site.
  • The reports as a whole reinforced a need for transparency from Facebook in all areas, given the scope and influence of content shared on its platform.

Screen-Shot-2019-03-13-at-10.21.51

2012-2014

Facebook discusses selling users' data in documents revealed by lawsuit

  • In 2017 app developer Six4Three sued Facebook for closing its API from developers like themselves, who were dependent on user data to build products.
  • Documents involved in the case (that Facebook attempted to keep sealed with a court order) reveal conversations as early as 2012 in which the platform discusses monetising user data.
  • Facebook declined to comment on the contents of the documents, beyond Konstantinos Papamiltiadis, director of developer platforms and programs, claiming that the fact that they were "presented in a way that is very misleading without additional context".

Screen-Shot-2019-03-13-at-10.21.51

10 May 2011

Third parties found to have access to Facebook users' personal data

  • A report by Symantec found that applications integrated with Facebook had been leaking users' personal data to third parties.
  • Symantec estimated that close to 100,000 applications had been leaking access to this information.

Screen-Shot-2019-03-13-at-10.21.51

14 August 2008

Facebook allegedly violates federal wiretap law

  • Soon after launching their Beacon programme, a federal class action lawsuit alleged that Facebook had been analysing and publishing the behaviour of users without their consent.
  • Users had their purchases on sites like Blockbuster and Zappos published to their news feed, in one instance ruining a plaintiff's Christmas present for his wife.
  • The suit highlighted Facebook as approaching violations of anti-hacking law and wiretap law a decade before the Cambridge Analytica scandal.

Screen-Shot-2019-03-13-at-10.21.51

4 February 2004

Facebook is founded

  • The details of Facebook's inception have long been disputed, not least because of the lawsuit filed by twins Tyler and Cameron Winklevoss, claiming that Mark Zuckerberg stole their idea for a social network.
  • A follow up to this lawsuit implicated evidence that Zuckerberg had hacked into two users' private email addresses at the time.
  • Though the success of Facebook was clearly not affected by the lawsuit, these early days of the platform associated it with questions of privacy from the beginning.

Photo by Thought Catalogue on Unsplash