It seems like Facebook has been battling crisis after crisis over the numerous privacy issues it has had to deal with in the last year. But the company has never been too good at privacy — after all, when we share more, the company is able to make more money — and it all started back in 2006, just when the company was getting its footing.
That was the year Facebook introduced the News Feed, a centralized homepage to show a everything a user’s network is posting. Then it introduced Beacon, which was a partnership between e-commerce websites like Blockbuster, eBay and others to broadcast what users were purchasing — with no clear or easy way to completely opt out of the service.
This all caused the FTC to become involved, launching a lawsuit that forced the company to not make “misrepresentations about the privacy or security of consumers' personal information” and “obtain consumers' affirmative express consent before enacting changes that override their privacy preferences.” Now because of the recent issues Facebook has faced, the company is being re-examined for breaking its promises.
While it’s clear that Facebook had a lot to deal with in 2018, the criticism and skepticism of the company’s ability to gain back its user’s trust will likely linger for years to come.
Here’s a look back at the events that have caused Facebook to get where it is today:
Cambridge Analytica data breach
The now-closed data analytics firm was found to have harvested millions of profiles on voters in the US — an estimated 87 million, according to Facebook. This information was used to build software that was able to influence people’s voting choices going into the federal election.
But what made the company more untrustworthy is that it was owned by Robert Mercer, a major supporter of Trump, and was headed by Trump’s key adviser Steve Bannon. In a report to The Guardian, Christopher Wylie — the man who worked with an academic from Cambridge University to get the data — told the following:
“We exploited Facebook to harvest millions of people’s profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on.”
We learned that Facebook had been collecting text and call records, without consent
It came to light that Facebook had been logging metadata from text messages and phone calls, without users actually agreeing to this. Twitter user Mat Johnson was one of the first to make this information public, but Facebook was quick to rebut this by claiming that “uploading this information has always been opt-in only.”
Zuckerberg testifies before Congress
The Facebook CEO spent two days on Capitol Hill testifying about the Cambridge Analytica scandal, but mostly delayed and deflected questions — a lot of the time answering questions by saying “my team will get back to you.”
Facebook was caught sharing data with Huawei, Oppo, Lenovo and TCL
The company revealed that it had made agreements dating back to 2010 with select Chinese companies, allowing them to collect data including addresses, likes and connections to help them develop Facebook apps for their respective devices. This news comes at a time when the US government is becoming more skeptical of Huawei for being “too close to the government.”
32 politically-driven accounts with possible ties to Russia are found
Facebook found a number of accounts and pages that were a part of a political influence campaign, with possible ties to the Russian Internet Research Agency. The social network discovered the pages engaged in “coordinated inauthentic behavior,” it revealed in a blog post, that included the creation and protest of an event in Washington, DC. Though the company later noted that the pages didn’t directly promote any candidates ahead of the 2018 elections, they did heavily post about sensitive social issues — which still could have helped push ahead one candidate over another.
A glitch accidentally makes 14 million private posts public
Facebook then stumbled upon a glitch in its “audience selector” tool that, instead of causing the setting to remain on the last selected option (“Public”, “Friends”, “Friends except…” or “Only me”), defaulted the option to have posts viewable by everybody. The issue impacted 14 million users between May 18-27.
In a statement to CNN, who first broke the news, Chief Privacy Officer Erin Egan explained the issue:
“We have fixed this issue and starting today we are letting everyone affected know and asking them to review any posts they made during that time. To be clear, this bug did not impact anything people had posted before -- and they could still choose their audience just as they always have.”
The company admits it’s been “too slow” to act
Both Facebook and Twitter (Google didn’t bother showing up) appeared before the US Senate in September to speak about disinformation, privacy and how both companies handle propaganda and fake news. Facebook COO Sheryl Sandberg admitted that Facebook was “too slow” to act, while Twitter CEO Jack Dorsey said his platform was "unprepared and ill-equipped" for the amount of disinformation spread.
Facebook faced a hack
Then Facebook faced an attack that impacted at least 50 million users, the company reported in a statement.
“But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.”
The company later revised this number down from 50 to 30 million — a lot less than initially reported, but nonetheless still a lot. There were three groups of people impacted by the hack, each with separate information accessed: one group had only their name and contact details accessed, while another had their profile details accessed too (username, gender, location and language, relationship status, religion, hometown, current city, birthdate, device types, education, work, latest 10 checkins, website, people and Pages they follow and their 15 most recent searches), and a third group had no information accessed at all.
The company has a help page set up that will tell people if their accounts were impacted by the hack.
The UK government seizes internal Facebook documents
The UK Parliament used its legal powers to seize internal Facebook documents after Mark Zuckerberg repeatedly refused to show up to answer MPs questions. These publicly available documents included a lot of information, including confidential emails between execs detailing a possible plan to charge developers to access your data among other revelations, which we covered in detail.
During the questioning, it was revealed that Facebook was initially warned in 2014 by an employee that users based in Russia were collecting huge amounts of data, but when the issue was investigated, it wasn’t deemed to be a breach.
A bug allowed developers to see photos that were uploaded, but not posted
To make matters worse, Facebook found a bug in its API that let app developers see photos users had uploaded, but not posted to the social network. The apps could see photos that users had uploaded to their newsfeed, Stories and Marketplace; however, the only apps that could see the photos were ones that users had already given permission to access public photos.
Around 6.8 million users and 1,500 apps made by 876 developers were impacted.
A Canadian ethics committee votes to subpoena Mark Zuckerberg
The Canadian Parliament’s ethics committee voted to subpoena Mark Zuckerberg and Sheryl Sandberg to testify before an international committee, which they failed to show up for, reports the CBC. Included in the meeting were several representatives from the UK, who made the journey across the pond in hopes of hearing from the CEO or COO.
Special counsel Robert Mueller releases his report
The Mueller indictment explained how 13 employees of the Russian Internet Research Agency created fake profiles on Facebook and Instagram to publish controversial opinions and gain attention — including to promote #MAGA, attack opponents and commit other scandalous acts online.
We’ve updated this article to include more Facebook scandals.