Facebook reportedly allowed senior executives, including CEO Mark Zuckerberg, to delete messages from recipients’ inboxes and chat threads, but it never disclosed the practice or offered the same capabilities to users.
Facebook secretly used technology to delete archived messages sent from Zuckerberg’s social media account, TechCrunch reported last week. Facebook told TechCrunch that it began using the tool after the 2014 hack of Sony Pictures as a means of protecting executive communications.
In conversations Zuckerberg had with internal employees, as well as chats with people outside the company, there are deleted passages that make it appear that the recipients were talking to themselves, TechCrunch reported, citing three anonymous sources.
In a subsequent update, TechCrunch said that Facebook disclosed plans to make the feature available to all users and said it had deactivated it for Zuckerberg and other execs until then.
The disclosures came amid a rising scandal at Facebook following the news that millions of private records belonging to users were accessed by British political data firm Cambridge Analytica, via a personality quiz that attracted the participation of thousands.
Facebook had allowed the firm to access the data, which it then used for the 2016 Trump campaign, according to whistleblower Christopher Wylie, who previously worked at Cambridge Analytica. Facebook failed to disclose its practices to investors or social media users.
Zuckerberg is scheduled to testify next week in separate House and Senate hearings amid a firestorm over the allegations. Facebook since has announced several steps to tighten up access to user data, including blocking the use of data brokers, allowing users to change their own privacy settings, and announcing a plan to make political issue ads more transparent.
Revelations of more data breaches are possible, Facebook COO Sheryl Sandberg said in a Today show interview that aired Friday.
Top executives could be held accountable for the Cambridge Analytica fiasco, she also remarked.
The disclosure about the secret deletion technology came as several major privacy watchdogs filed requests urging the Federal Trade Commission to investigate Facebook’s use of facial recognition technology to identify photographic images on the site.
That practice violates a 2011 consent order Facebook reached with the FTC, the groups alleged.
“We want Facebook to suspend the service pending resolution of the FTC investigation,” Marc Rotenberg, executive director of the Electronic Privacy Information Center, told the E-Commerce Times.
The FTC did receive the request from EPIC and the other groups, FTC spokesperson Juliana Gruenwald Henderson confirmed, but the commission had no comment on the issue.
The UK Information Commissioner’s Office has begun investigating 30 organizations, including Facebook, as part of a probe into how data was shared between Facebook and Cambridge Analytica, Commissioner Elizabeth Denham said last week.
The office also was looking into how social media platforms were being used in political campaigns, she added.
Cambridge Analytica, a political data analysis firm, has worked on campaigns across the globe in recent years.
However, the ICO would not engage in “providing a running commentary” on the Cambridge Analytica and Facebook investigation, spokesperson Steve Doohan said, particularly with regard to issues that might be outside its legal and geographic jurisdiction.
The latest disclosures definitely will hurt user engagement at Facebook, which already has undergone a year-over-year decline, said Michael Bertini, senior manager of search strategy at iQuanti.
“This whole scandal further proves that we can’t trust social media platforms with our personal data and our conversations, hoping that no one else will see them,” he told the E-Commerce Times.
If Facebook has this level of access to our personal data, there are likely holes that will allow cyberattackers to access that information as well, Bertini added.
Facebook has numerous potential products that leverage their core competencies, noted Wayne Kurtzman, research director for social and experiential solutions at IDC.
“They are being built and tested behind closed doors,” he told the E-Commerce Times. “Understandably, the public is viewing every program — or rumor of a program — with a negative lens.”
Facebook “needs to take a long trek to regain trust,” suggested Kurtzman, by demonstrating privacy and security in a way that a novice can understand. The company also should “get out of the news cycle” and find a way to prove rumors wrong — regardless of the platform on which they are started.