Facebook’s privacy situation just keeps getting worse.
The firm discovered — and made public a bug that had affected its app between September 13 and September 25. This bug would allow apps which were granted access to Facebook photos even deeper access than normal. They would see photos that users had uploaded, but for one reason or the other had stopped just short of posting.
Facebook’s Tomer Bar explains:
When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn’t finish posting it – maybe because they’ve lost reception or walked into a meeting – we store a copy of that photo for three days so the person has it when they come back to the app to complete their post.
This violation doesn’t fall afoul of the European GDPR regulations,
Facebook has come under fire for so many privacy violations including its Android SMS and contacts scandal that was covered five thousand years ago in March. As more scandals like this come out, it becomes more likely the firm will be unable to shake its tainted reputation and/or regain consumer trust.