×
You will be redirected back to your article in seconds

Netflix Says It Never Accessed Facebook Users’ Private Messages

Netflix had technical access to read — and even delete — personal messages of Facebook users who opted in to its now-defunct social-sharing integration with Facebook. But Netflix says it never exploited that ability.

According to a New York Times report based on internal Facebook documents, the social giant granted more than 150 partners special access to data on millions of users, with privileges beyond what Facebook has previously disclosed. That included giving three companies — Netflix, Spotify and the Royal Bank of Canada — the ability to read, write and delete users’ messages and view all participants on a message thread, per the report.

Facebook said that by necessity, it had enabled read/write/delete access for those partners to Messenger accounts of users who had opted-in to the features in order to make those integrations possible. Facebook also said that those features have been discontinued.

In 2014 Netflix introduced a feature that let members recommend TV shows and movies to their Facebook friends via Facebook Messenger or Netflix. According to Netflix, it had access to the friends’ lists of members who chose to use the feature, but it never accessed (or requested access to) anyone’s actual messages.

“At no time did we access people’s private messages on Facebook, or ask for the ability to do so,” a Netflix spokesman said in a statement. “Over the years we have tried various ways to make Netflix more social. [The Facebook integration] was never that popular so we shut the feature down in 2015.”

Spotify claimed it was unaware that it had the ability to access Facebook messages; RBC denied it had any access to private Facebook messages.

Facebook asserted that none of the partnerships or features that were detailed in the Times report gave companies access to information without users’ permission. “Our integration partners had to get authorization from people. You would have had to sign in with your Facebook account to use the integration offered by Apple, Amazon or another integration partner,” Konstantinos Papamiltiadis, Facebook’s director of developer platforms and programs, wrote in a blog post Wednesday in response to the NYT report.

Regarding access to its messaging functions, Facebook said users had to explicitly sign in to Facebook to use a partner’s messaging feature. That let them send and receive messages without leaving the partner’s app. “Our API provided partners with access to the person’s messages in order to power this type of feature,” Papamiltiadis wrote.

Facebook has “no evidence that data was used or misused,” Papamiltiadis wrote, but he acknowledged the company left access to APIs in place even after it ended some of its integration partnerships. Those included agreements with Yahoo, the New York Times and Yandex, a Russian search engine, according to the Times report. Facebook has needed “tighter management over how partners and developers can access information using our APIs,” the exec wrote. “We’re already in the process of reviewing all our APIs and the partners who can access them.”

The exceptional level of access Facebook granted certain business partners — even if those partners didn’t actually abuse those privileges in a way that violated users’ privacy — led critics to suggest that the deals ran afoul of Facebook’s FTC agreement approved in 2012. Under the settlement, Facebook is required to give consumers “clear and prominent notice” and must obtain “their express consent before sharing their information beyond their privacy settings.”

Facebook insisted the partnerships in question did not violate the FTC settlement, claiming partner companies like Netflix and Spotify were “service providers” that used data only for the purposes of providing feature extensions to Facebook.

Critics charged that the latest revelations about Facebook’s business practices with respect to user data demonstrate that it operates in a monopoly-like fashion and can’t be trusted to safeguard consumer information.

“We have to seriously challenge the claim by Facebook that they are not selling user data,” British lawmaker Damian Collins, chairman of the U.K. Parliament’s Digital, Culture, Media and Sport Committee, said in a statement Wednesday. “They may not be letting people take it away by the bucket load, but they do reward companies with access to data that others are denied, if they place a high value on the business they do together. This is just another form of selling.”

According to Facebook, in 2014 it shut down its “instant personalization” features, which had powered search results in Microsoft’s Bing and elsewhere based on info that Facebook users’ friends had shared. Over the last few months, Facebook said, it has terminated almost all of its remaining data-integration partnerships, with a few exceptions: It maintains agreements with Amazon and Apple, “which people continue to find useful and which are covered by active contracts,” Papamiltiadis wrote, as well as Swedish firm Tobii, which sells a product that lets people with ALS access Facebook, and with Alibaba, Mozilla and Opera for browser notifications.

Scrutiny over Facebook’s data-management practices kicked into high gear after the news earlier this year that info on up to 87 million Facebook users was misappropriated by Cambridge Analytica, a data consultancy that was used by Donald Trump’s 2016 election campaign. The Cambridge Analytica scandal, along with evidence of Russian misuse of Facebook’s platform to attempt to influence the 2016 election, led to CEO Mark Zuckerberg’s testifying before congressional committees.

In early December, Collins’ U.K. parliamentary committee released a 250-page report, which included numerous internal company emails, detailing how Facebook granted favored partners including Netflix “whitelist” access to user info while it blocked rivals from accessing its data. Facebook said the documents, obtained through an app developer’s 2015 lawsuit against the company, were “cherry-picked” and lacked context.

And Facebook has disclosed several security breaches and vulnerabilities that exposed user data in recent months. In September, Facebook announced the biggest hack in its history after it discovered a security hole had compromised up to 50 million user accounts. The company later said hackers had successfully accessed data from 29 million Facebook members.

More Digital

  • BURBANK, CALIFORNIA - JANUARY 18: (EDITORIAL

    Dax Shepard, Bobby Bones, 'Breakfast Club' Among iHeartRadio Podcast Awards Winners

    iHeartRadio launched its first ever Podcast Awards on Friday (January 18) in Los Angeles. Among the winners in 22 categories were “Whine Down with Jana Kramer” (Best Entertainment TV Podcast); “Armchair Expert with Dax Shepard (Breakout Podcast); “Bobbycast” (Music Podcast); and “The Breakfast Club” (Best Multicultural Podcast). The winners were determined by iHeartRadio listeners. Taking the top prize of Podcast [...]

  • Velvet Buzzsaw trailer

    Netflix Original Movies: What to Look Forward To in 2019

    Following the biggest fourth-quarter worldwide subscriber gain ever and some controversy around increased prices in the U.S., Netflix looks to keep its momentum going into 2019. From Jan. 18 through March, the streaming site will release 10 original films, including action-packed thrillers, a post-apocalyptic sci-fi, quirky comedies, inspirational dramas, an artistic horror movie and a viral [...]

  • The Beatles Eight Days a Week

    Imagine's Documentary Arm Sets First-Look Pact With Apple (EXCLUSIVE)

    Brian Grazer and Ron Howard’s Imagine Documentaries has set a first-look pact with Apple to develop non-fiction features and series. The deal comes as Imagine is investing heavily in the premium non-fiction arena. The company in June recruited RadicalMedia veteran Justin Wilkes to head Imagine Documentaries as president. The deal suggests that Apple sees docu [...]

  • Walt Disney HQ LA

    Disney Unveils Financial Data for DTC Unit, Sets April 11 for Investor Presentation

    Disney has rejiggered its business segments for earnings reporting to make room for the new unit housing its global streaming operations. Disney on Friday released restated earnings for fiscal 2018, 2017 and 2016 to give investors and financial analysts better visibility into its spending on the launch of the Disney Plus, ESPN Plus and other [...]

  • Facebook Logo

    Release of Docs to Reveal How Facebook Made Money Off Children

    Documents related to a 2012 lawsuit against Facebook in which children, sometimes unwittingly, spent their parents’ money on games via the social site will be unsealed, according to a Monday ruling from the United States District Court. The court gave Facebook ten days to file unredacted documents in accordance with the ruling. The 2012 lawsuit [...]

  • Facebook Logo

    Facebook Sets Up New Product Group for AR Glasses (Report)

    Facebook has restructured its augmented and virtual reality research division and set up a new group tasked with building augmented reality (AR) glasses, according to a new Business Insider report. Facebook acknowledged the move in a statement given to the publication, saying that the move affected “a few hundred people.” The group has already built [...]

More From Our Brands

Access exclusive content