Facebook on Thursday confirmed that advertisers were privy to phone numbers given by members of the social network for enhanced security.
A group of educational researchers from Northeastern University and Princeton University, along with Gizmodo reporters, have used real-world tests to demonstrate how Facebook’s latest deceptive follow works. They found that Facebook harvests user phone numbers for targeted advertising in two disturbing ways: two-factor authentication (2FA) phone numbers, and “shadow” contact data.
Two-factor authentication is intended to enhance security by requiring a second step, like getting into codes sent via text messages, as well as passwords to get into accounts. Phone numbers added to profiles, for security functions, or for electronic messaging were potential fodder for advertisers, according to the study.
In other words, Facebook is engaged in a bait-and-switch. It’s taking info that users provide it for the purpose of serving to build their accounts more secure and using it to violate their privacy — without being entirely clear to users what it’s doing.
A group of professors from Northeastern University said that users may naturally provide this data with only security purposes in mind; if used for advertising, this may significantly violate a user’s privacy expectations.
The study supported concerns that Facebook uses “shadow” sources of data not given to the social network for the purpose of sharing to make money on advertising.
Facebook has a poor privacy report
It means that even if users are trying to protect their private information from the company or advertisers, that information can be exposed without their say or knowledge. That’s great for Facebook and its advertisers, but bad for users’ privacy.
But these latest revelations indicate that these efforts are largely just that — a show. Facebook is what it’s always been, a data harvesting, ad targeting machine. And its post-Cambridge Analytica privacy epiphany hasn’t changed that.