The ongoing breaches and other criticisms of Facebook are also prompting some high-profile users to bow out. Facebook has admitted it “unintentionally” uploaded the email contacts of 1.5 million users without their consent.
Facebook asked new users to supply the password for their email account, and took a copy of their contacts. The social media giant said it had now changed the way it handled new users to stop contacts being uploaded.
Contacts were taken without consent as far back as May 2016. Before this date, new users were asked if they wanted to verify their identity via their email account. They were also asked if they wanted to upload their address book voluntarily.
Facebook confirmed that this option and the text specifying that contacts were being grabbed were changed in May 2016 but the code that scraped contacts was left intact.
Anyone who, like me, joined Facebook a decade or more ago, probably clicked “yes” when invited to upload all of their contacts.
The email contacts case is the latest in a long series in which Facebook has mishandled the data of some of its billions of users.In late March, Facebook found that the passwords of about 600 million users were stored internally in plain text for months.
Ireland’s Data Protection Commissioner, which oversees Facebook in Europe, is engaged with the firm to understand what happened and its consequences.
Meanwhile, a company spokesperson said the contacts were not shared with anyone and Facebook is deleting them.