Send to All: Facebook has Harvested the Email Contacts of 1.5 Million Users

May 15, 2019


Facebook data harvest icon

2 min read

Sign up to our mailing list! 👇

What's going on here?

Facebook claims that it “unintentionally” copied the email contacts of 1.5 million users without their consent.

What does this mean?

Facebook asked new users to verify their identity by providing the password for their email accounts. Using a new system, contacts from those accounts were then copied (without consent) in an attempt to help users find new friends. Facebook has apologised and said that all contacts taken without consent would be deleted and all users affected would be notified. However, this non-consensual data harvesting process actually started in May 2016. The data harvesting was initially noticed by users on twitter who pointed out that asking Facebook users for email passwords was a questionable security tactic. Whilst 1.5 million people’s contacts were harvested using the new email system, the number of people’s contact details that were illegally taken since 2016 could be as many as 100 million.

What's the big picture effect?

In today’s world, protecting privacy online is more important than ever as the popularity of social media continues to skyrocket. With billions of active users on Facebook, ensuring it remains secure for users is an issue of paramount importance. The next step will be for Ireland’s Data Protection Commissioner (which oversees Facebook in Europe) to look into what has happened and what the consequences will be for Facebook. The nature of this data breach is yet another worrying scandal – for journalists and whistleblowers, it puts at risk their emails with contacts and regulators. The breach is a devastating blow to users’ trust in Facebook and to its recently declining reputation.

That decline in reputation is a result of numerous other privacy scandals that Facebook has been involved in. In March, Facebook discovered that it had stored 600 million users’ passwords in plain text. In early 2018 the Cambridge Analytica scandal was yet another example of how tens of millions of users’ data could be harvested illegally (to read our report on that, click here). Yet Facebook’s share price remained unaffected during the scandal, despite the Democrat Representative Alexandria Ocasio-Cortez quitting the social network in protest. It is becoming clear that Facebook is surprisingly negligent about how it harvests and stores data.

The key issue is now about how users will react, but the question has to be asked as what they can actually do? Although Facebook allows users to change their privacy settings, the slew of recent scandals involving data harvesting calls into question the efficacy of those settings. It seems the only real choice users have is to stop using the popular platform to take back control of their privacy or continue to use the service and leave their information in the hands of the social media giant. This imbalance will hopefully be addressed following further investigation and stern consequences for breaches of privacy.

Report written by Will H

If you’d like to write for LittleLaw, click here!

Share this now!