Leaked Facebook Email Details Evasive Strategy To Downplay User Data Scraping Fiasco
Earlier this month, Facebook worked to downplay a data scraping operation that impacted nearly 533 million users on its social media platform. At that time, we viewed it as Facebook's attempt to simultaneously be evasive and attempt to save face. It seems this is legitimately Facebook's modus operandi; however, after an internal email explaining Facebook's long-term strategy involving the incident was accidentally leaked to a journalist.
Dating back to 2019, users' information, including names, birth date, gender, location, phone number, and email addresses, were available to be scraped off Facebook using a tool created by the social media company. While not all these pieces of data were in every user record collected, it still proved to be a problematic privacy concern. The leak even managed to snare Facebook founders Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz. How is that for irony?
After the reports of this leak came out, Facebook made quick moves to downplay and normalize what had happened. At first, some Facebook employees took to Twitter and likely other social media platforms in an attempt to put out the fires. Following that, the company made a blog post explaining what happened and why it was not a big deal, but that was quickly dismissed as utilizing similar tactics to the tweets. At this point, perhaps Facebook should have owned up to the mistake rather than explaining that the data was already "public."
Instead, the company seemingly went quiet with the hope that this would blow over. Up until now, it largely had blown over until a new internal email from Facebook was leaked. Journalist Pieterjan Van Leemputten of DataNews was accidentally included on the communications strategy email discussing the data scraping incident with some interesting information. The email explained that Facebook is expecting more data scraping incidents and believes "it's important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly."
In efforts to do this, Facebook may make follow-up posts in the coming week that "talks more broadly about [Facebook's] anti-scraping work" to provide more transparency. While this latter part is not necessarily bad, attempting to normalize an issue that can severely affect people is not the way to go.
With this new information in mind, Facebook still needs to step up to the plate to tackle data scraping head-on. Furthermore, an explanation of what was learned, so others do not make the same mistakes, would go quite a long way. Moreover, spearheading data privacy legislation could be good, but Facebook would not want that because, at the end of the day, your data is its data.