Facebook has been giving some of the world's largest technology companies - more than 150 of them, far more intrusive access to users' personal data than it has ever disclosed according to an investigation by the New York Times. The Times interviewed over 60 people including current and former employees of Facebook and its partners, former government officials and privacy advocates - and reviewed over 270 pages of Facebook's internal documents while performing technical tests and analysis to monitor what data Facebook has been handing out like candy.

The records, generated in 2017 by the company’s internal system for tracking partnerships, provide the most complete picture yet of the social network’s data-sharing practices. They also underscore how personal data has become the most prized commodity of the digital age, traded on a vast scale by some of the most powerful companies in Silicon Valley and beyond. -NYT
The discovery goes far beyond the Cambridge Analytica data harvesting scandal in which basic data was collected on up to 87 million users through a lifestyle survey app. Thanks to the United States having no general consumer privacy law, up to 400 million people's private information was freely shared with the likes of Google, Microsoft, Netflix, Spotify and other partners - and they didn't sell it; Facebook gave everyone's information away for free throughout the tech community in order to foster industry relationships and advance their own interests.
The exchange was intended to benefit everyone. Pushing for explosive growth, Facebook got more users, lifting its advertising revenue. Partner companies acquired features to make their products more attractive. Facebook users connected with friends across different devices and websites. But Facebook also assumed extraordinary power over the personal information of its 2.2 billion users — control it has wielded with little transparency or outside oversight. -NYT
The company allowed Microsoft's Bing search engine to see the names of virtually all Facebook users' friends without their consent.
Netflix and Spotify were given the ability to read and delete Facebook users' private messages.
Facebook also allowed Spotify, Netflix and the Royal Bank of Canada to read, write and delete users’ private messages, and to see all participants on a thread — privileges that appeared to go beyond what the companies needed to integrate Facebook into their systems, the records show. -NYT
Both Netflix and Spotify claim they had no idea they had such broad capabilities, while a Royal Bank of Canada spokesman denied that the bank had any such access.
Amazon was granted access to users' names and contact information through their friends, while Yahoo! was able to view streams of friends' posts as recently as this summer despite Facebook promising that it had stopped this type of sharing years earlier.
What's more? China's Huawei and Russian search giant Yandex - accused last year by Ukraine of funneling user data to the Kremlin - had access to Facebook's unique user IDs.
Facebook records show Yandex had access in 2017 to Facebook’s unique user IDs even after the social network stopped sharing them with other applications, citing privacy risks. A spokeswoman for Yandex, which was accused last year by Ukraine’s security service of funneling its user data to the Kremlin, said the company was unaware of the access and did not know why Facebook had allowed it to continue. She added that the Ukrainian allegations “have no merit.” -NYT
The list of companies with which Facebook shared your private information includes China's Huawei and Russia's Yandex -- which is to say, companies regarded as partners of Chinese and Russian intelligence.https://t.co/PbFP9D4vTj
— Binyamin Appelbaum (@BCAppelbaum) December 19, 2018
In April, reeling from the Cambridge Analytica scandal, Facebook CEO Mark Zuckerberg promised lawmakers that people "have complete control" over their information on Facebook. Except it looks like certain "partners" were able to access user data anyway.
In all, the deals described in the documents benefited more than 150 companies — most of them tech businesses, including online retailers and entertainment sites, but also automakers and media organizations. Their applications sought the data of hundreds of millions of people a month, the records show. The deals, the oldest of which date to 2010, were all active in 2017. Some were still in effect this year. -NYT
Facebook was able to circumvent a 2011 consent agreement with the Federal Trade Commission (FTC) which barred the company from sharing user data without explicit permission, because Facebook considered the partners extensions of itself - "service providers that allowed users to interact with their Facebook friends." This allowed the company to grant such unprecedented access to everyone's information. The partners were reportedly prohibited from using the personal information from purposes outside the scope of their agreement, however there has been little to no oversight.
According to Facebook, most of its data partnerships fall under an exemption to the F.T.C. agreement. The company argues that the partner companies are service providers — companies that use the data only “for and at the direction of” Facebook and function as an extension of the social network.
...
Pam Dixon, executive director of the World Privacy Forum, a nonprofit privacy research group, said that Facebook would have little power over what happens to users’ information after sharing it broadly. “It travels,” Ms. Dixon said. “It could be customized. It could be fed into an algorithm and decisions could be made about you based on that data.” -NYT
"This is just giving third parties permission to harvest data without you being informed of it or giving consent to it," said former FTC consumer protection bureau chief David Vladeck. "I don’t understand how this unconsented-to data harvesting can at all be justified under the consent decree."
“I don’t believe it is legitimate to enter into data-sharing partnerships where there is not prior informed consent from the user,” said Roger McNamee, an early investor in Facebook. “No one should trust Facebook until they change their business model.” -NYT
Facebook began forming data partnerships as a relatively young company, as Zuckerberg and crew sought to deeply integrate the social media network into other sites and platforms in order to stay relevant and stoke growth. Each corporate partner that used Facebook data helped drive the company's expansion by onboarding new users, which drove up advertising revenue. At the same time, Facebook was collecting data from its partners on users as well.
According to two mid-level employees, Facebook had entered into so many partnerships by 2013 that it could hardly keep track of them. In order to manage the agreements, a tool was built which turned the special data access on and off, while also keeping records on what were internally referred to as "capabilities," or the level of special privileges which allowed companies to obtain data.

More at: https://www.zerohedge.com/news/2018-...d-read-private