Facebook Gave Your Messages to Netflix
Your private messages on Facebook weren’t private. The New York Times got hold of documents showing that Facebook had handed other companies the keys—Netflix, Spotify, banks, Microsoft, Sony, Amazon, Apple, Pandora. Official partnerships, open APIs, workarounds. The door was open. Whether or not these companies actually read what you wrote probably depends who you ask.
The mechanism was simple. You’d connect Netflix to your Facebook account and approve the permissions. Grant access to Spotify. Link your bank. And every time you did, you were opening a window. The apps could see your messages, your friends’ contact information, sometimes your financial situation. Netflix had a line to what you watched. Spotify could track your listening habits. Banks could check your account balance. All the data that Facebook had, and had no particular reason to protect from third parties.
Everyone involved denies the really bad part—that they actually read your private messages. They say the access was more technical than that, that they didn’t exploit it, that it was all legitimate partnerships. Maybe that’s true. Maybe they just had the ability and chose not to use it. The distinction feels thin.
The New York Times broke the story by publishing the secret documents. Which would have been a good clean journalism moment if the Times’ own app hadn’t been doing the exact same thing. Their older version had been harvesting Facebook user data the whole time. So while they were reporting on Facebook’s data practices, they were also part of the problem. They’ve removed the feature. Facebook says they’ve wound down most of these deals. Everyone apologizes and promises to do better. It’s the same cycle every time.
A lot of people left Facebook years ago over this kind of thing. A lot of people are still there. You’re either the type who deletes it or the type who stays because that’s where everyone else is, and there’s no real middle ground. If you use Instagram or WhatsApp, you’re on Facebook’s system anyway. The company’s had plenty of chances to prove it cares about your data. It hasn’t.