Skip to Main Content
PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

Facebook: Groups API Shared Data Even After Access Was Restricted

Despite Facebook making changes to the Groups API in 2018, some developers still had access to member names and profile pictures and up to 100 may have retained such data.

November 6, 2019
Facebook Groups Discover Feature

Facebook has admitted that some developers have retained personal information collected by its Groups API, even after changes the social network implemented in 2018 to limit the data access external companies had with Facebook groups.

Prior to April 2018, app developers had access to the names of the members in a Facebook group, their profile pictures, as well as the group name, the number of users, and the content that was posted in the group - as long as permission was authorized by an administrator of the group. After that date, developers could only see the group name, content, and the number of members; if they wanted the other information, individuals would have to opt-in.

However, in a blog post, the social media giant has said that some developers enjoyed continued access to the profile pictures and names of members after the change to the Groups API. Further, up to 100 partners may have retained such data, and in the last 60 days 11 partners accessed group information. These apps, according to Facebook, were mostly social media management and video streaming apps: "If a business managed a large community consisting of many members across multiple groups, they could use a social media management app to provide customer service, including customized responses."

Facebook says that it has seen no evidence of abuse and will be asking app developers to delete any member data they have retained, as well as conducting audits to ensure that the data has been properly deleted.

In a statement, Facebook said that it aims to "to maintain a high standard of security on our platform and to treat our developers fairly. As we've said in the past, the new framework under our agreement with the FTC means more accountability and transparency into how we build and maintain products."

"As we continue to work through this process we expect to find more examples of where we can improve, either through our products or changing how data is accessed. We are committed to this work and supporting the people on our platform."

This is not the first time Facebook has had to investigate developer access to personal information. After the infamous Cambridge Analytica scandal the social media company had to suspend tens of thousands of apps while auditing whether developers had improper access to user data.

Facebook reveals privacy breach discreetly
PCMag Logo Facebook reveals privacy breach discreetly

Get Our Best Stories!

Sign up for What's New Now to get our top stories delivered to your inbox every morning.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.


Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters

TRENDING

About Adam Smith

Adam Smith is the Contributing Editor for PCMag UK, and has written about technology for a number of publications including What Hi-Fi?, Stuff, WhatCulture, and MacFormat, reviewing smartphones, speakers, projectors, and all manner of weird tech. Always online, occasionally cromulent, you can follow him on Twitter @adamndsmith.

Read Adam's full bio

Read the latest from Adam Smith