Facebook says it has suspended “tens of thousands of apps” in its ongoing review of partners that have had deep access to personal data on the service—a far larger pool of potential bad actors than previously known.
On Friday, Facebook announced an update to its app review investigation, which it opened in 2018 in the wake of Cambridge Analytica, the third-party data provider that abused data on up to 87 million users of the social network. The company said that it flagged 400 developers that supported “tens of thousands” of apps. “This is not necessarily an indication that these apps were posing a threat to people,” says Ime Archibong, VP of product partnerships at Facebook, in a blog post on Friday. “Many were not live but were still in their testing phase when we suspended them. It is not unusual for developers to have multiple test apps that never get rolled out.”
Facebook has been looking for any developers that might have engaged in activity similar to Cambridge Analytica. For years, developers, marketers and other partners have been able to tap into Facebook through its application programming interface—API. Developers create apps that provide services for the users of the platforms, but that also means the developers need access to people’s data.
Last summer, Facebook revealed that it identified 400 apps for potential data violations. Facebook declined to comment further for this story. It did not name any of the developers beyond a handful that it had already revealed in past disclosures.
Since Cambridge Analytica, Facebook has reduced access to API, limiting the amount of data it shares with marketing partners. Also, it now allows partners to access user data only if they provide a useful service. For instance, personality quizzes have been banned, because developers behind those seemingly frivolous apps could use them as a backdoor to get permission from users to see more data than necessary. (Cambridge Analytica harvested data through personality quizzes.)
Facebook recently agreed to a $5 billion settlement with the Federal Trade Commission over its data-sharing practices. But it is still the subject of ongoing inquiries from states and federal lawmakers.
CEO Mark Zuckerberg was on Capitol Hill just this week to meet with Congressional leaders to discuss anti-trust concerns. Prominent members of Congress, like Sens. Elizabeth Warren and Josh Hawley, have called for the break-up of Facebook, which would require it to sell Instagram and WhatsApp.
Also, the Massachusetts Attorney General’s Office is investigating Facebook’s data practices. On Friday, a Massachusetts court unsealed documents related to the case, The New York Times reported. The filings showed that 69,000 apps were suspended. Facebook suspended most of them because the developers did not cooperate with its data audits, and not because wrongdoing was necessarily uncovered. However, 10,000 apps were singled out for potentially misusing personal data, according to The Times.
Facebook did not name the apps involved.
Last month, Facebook broadened its data sweep to include hundreds of marketing partners. The company was responding to Business Insider reports that uncovered marketers scraping data from Instagram. Scraping is a method of harvesting data from public profiles on websites, and it often requires access to an API. At the time, Facebook said it was “developing more proactive data-scraping detection methods and conducting a review of our Facebook Marketing Partners.”