Group App Data Access Continues

Forum Moderators: not2easy

Message Too Old, No Replies

Group App Data Access Continues

not2easy

5:15 am on Nov 6, 2019 (gmt 0)

Back in September Facebook Announced an expansion in their cleanup [webmasterworld.com] of privacy issues in apps where access to personal data would become limited to new user-approved levels. Facebook placed new restrictions on developers, who would have to obtain group members’ permission before collecting information such as their name and profile photo.

Today Facebook announced [developers.facebook.com] that some apps in use before April 2018 were missed in that cleanup and there have been additional cases of group data exposure:

On Tuesday, Facebook announced it had “found that some apps retained access to group member information, like names and profile pictures in connection with group activity, from the Groups API, for longer than we intended.”

engine

3:59 pm on Nov 6, 2019 (gmt 0)

Facebook has said it discovered roughly 100 "partners" still had access to the Groups API, subsequent to restrictions it tightened up on in April 2018. [newsroom.fb.com]

Those "partner's" access to Groups API has now been removed.

Today we are also reaching out to roughly 100 partners who may have accessed this information since we announced restrictions to the Groups API, although it's likely that the number that actually did is smaller and decreased over time. We know at least 11 partners accessed group members’ information in the last 60 days. Although we’ve seen no evidence of abuse, we will ask them to delete any member data they may have retained and we will conduct audits to confirm that it has been deleted.

[developers.facebook.com...]

[edited by: not2easy at 4:39 pm (utc) on Nov 6, 2019]
[edit reason] splice cleanup [/edit]