Facebook Admits To Allowing Netflix And Spotify Access To Private Messages

Here we go again.


Facebook has found itself at the centre of another personal data controversy after admitting it allowed external companies access to millions of private messages.

Spotify and Netflix were two of the highest profile names included in the companies that Facebook shared private messages with.

The bombshell follows a New York Times report on how Facebook shares user data with partners, the company admitted it had given third-party companies extensive access to messages.

Facebook insisted access had been given so people could log into services like Spotify with their Facebook account and send messages through the app.


In a blog post, the company wrote:

“Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner’s messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature.”

“To put it simply, this work was about helping people do two things. First, people could access their Facebook accounts or specific Facebook features on devices and platforms built by other companies like Apple, Amazon, Blackberry and Yahoo. These are known as integration partners. Second, people could have more social experiences – like seeing recommendations from their Facebook friends – on other popular apps and websites, like Netflix, The New York Times, Pandora and Spotify.

To be clear: none of these partnerships or features gave companies access to information without people’s permission, nor did they violate our 2012 settlement with the FTC.

How did people use these features?
People used these features in many different ways, including through:

  • Apps that allowed people to access their Facebook account on their Windows Phone device
  • Notifications about their activity on Facebook that they could turn on while they were using Safari or other browsers
  • “Social hubs” that consolidated their feeds across Facebook, Twitter, and other services
  • Messaging integrations that allowed people to recommend things like songs from Spotify to friends
  • Search results in Bing and elsewhere based on public information their friends shared
  • Tools that helped them find friends on Facebook by uploading their contacts from email providers like Yahoo

We’ve been public about these features and partnerships over the years because we wanted people to actually use them – and many people did. They were discussed, reviewed, and scrutinized by a wide variety of journalists and privacy advocates.”

According to internal Facebook documents seen by the Times, Spotify could see the messages of more than 70 million Facebook users a month. The Times reported that Spotify, Netflix, and the Royal Bank of Canada could read, write, and even delete people’s messages.

Send this to a friend