A new book reveals secrets from inside Facebook: 52 developers have abused their position and privileges and thus accessed sensitive data from women.
The authors Cecilia Kang and Sheera Frenkel report in their book “An Ugly Truth: Inside Facebook’s Battle for Domination” massive grievances in the development team of the social media platform Facebook. In the period from January 2014 to August 2015, 52 Facebook employees are said to have violated internal rules in order to gain unauthorized access to data.
Among the violations were several men who looked at the profile details of their dates. “Facebook’s internal systems offer a wealth of information, including private chats on Facebook Messenger, events attended, likes given or posts that have been clicked on and photos – including those that have been deleted,” the authors write in an article Telegraph.co.uk.
Woman found in hotel
A programmer who was chasing his date saw in the system the categories into which Facebook had classified the woman for advertisers: According to Facebook, she was in her thirties, led an active life and was politically left. A whole spectrum of interests was also covered – her love for dogs and her time in Southeast Asia. In addition, the man saw their location in real-time via the Facebook app installed on the cell phone. “What he saw was more information than he could have found out over the course of a dozen dates,” write the authors.
Another developer went a step further, the book says. He was abusing his privileges to confront a woman. The man had gone on vacation to Europe with the woman. There they fell out and she moved out of the hotel they shared. The man then used his access to the internal data to find out their location and to track them down in the new hotel, it is said.
“Zero tolerance for abuse”
According to the two authors, 52 developers were terminated because they had abused their access. All of them had used work laptops to access the data. While the developers were warned when they started their jobs that they were not allowed to use the access for personal purposes, according to Telegraph.co.uk there were no corresponding security measures at the time.
“We always had zero tolerance for abuse and dismissed every single employee who found unauthorized access to data,” explains a Facebook spokesman for Nypost.com. In addition, employee training has been introduced since 2015 and protocols for detecting and preventing abuse have been improved. “We are also further reducing the need for developers to access certain types of data while they are working on the platform,” it says.