In response to an incident involving third-party app developers and Cambridge Analytica getting millions of users data without their consent, Facebook launched an investigation into these app’s security breaches starting in March 2018.
“We initially identified apps for investigation based on how many users they had and how much data they could access,” wrote Ime Archibong, vice president of product partnerships at Facebook. “Now, we also identify apps based on signals associated with an app’s potential to abuse our policies. Where we have concerns, we conduct a more intensive examination. This includes a background investigation of the developer and a technical analysis of the app’s activity on the platform. Depending on the results, a range of actions could be taken from requiring developers to submit to in-depth questioning, to conducting inspections or banning an app from the platform.”
Facebook states that the investigation is far from over, but the current investigation has led to the investigation of third-party apps. Additionally, Archibong wrote that thousands of apps have been suspended for a variety of reasons while Facebook continues its investigation.
“It is important to understand that the apps that have been suspended are associated with about 400 developers,” Archibong wrote. “This is not necessarily an indication that these apps were posing a threat to people. Many were not live but were still in their testing phase when we suspended them. It is not unusual for developers to have multiple test apps that never get rolled out. And in many cases, the developers did not respond to our request for information so we suspended them, honoring our commitment to take action.”
Additionally, Facebook stated that it banned certain apps completely for reasons including “inappropriately sharing data, making data publicly available without protecting people’s identity, or something else that was in clear violation of Facebook’s policies.”
“We have not confirmed other instances of misuse to date other than those we have already notified the public about, but our investigation is not yet complete,” Archibong wrote. “We have been in touch with regulators and policymakers on these issues. We’ll continue working with them as our investigation continues. One app we banned was called myPersonality, which shared information with researchers and companies with only limited protections in place, and then refused our request to participate in an audit.”
Facebook filed lawsuits against a few companies that were in violation of their policies or failed to cooperate with the investigation.
“We detected the fraud, stopped the abuse and refunded advertisers,” Archibong wrote. “In another case, we sued two Ukrainian men, Gleb Sluchevsky and Andrey Gorbachov, for using quiz apps to scrape users’ data off our platform.”
Facebook states it continues to investigate and make improvements as it develops new policies going forward to protect its users.