Facebook Confirms Spotify Used Access To Private Messages, Other User Data

Facebook thumbs down[UPDATED] Spotify, Apple, Amazon and other companies were reportedly exempted from Facebook privacy rules and given more access to user data than the infamous Cambridge Analytica. Facebook has confirmed that Spotify also had access users’ private messages.


“For years, Facebook gave some of the world’s largest technology companies more intrusive access to users’ personal data than it has disclosed, effectively exempting those business partners from its usual privacy rules, according to internal records and interviews,” according to a New York Times investigative report. “The exchange was intended to benefit everyone. Pushing for explosive growth, Facebook got more users, lifting its advertising revenue. Partner companies acquired features to make their products more attractive.”

Access included the ability to view names and contact information through a users friends.  

Spotify newSpotify Could View 70M Private Messages Monthly

In addition to a level of access to private data than had been publicly disclosed, Spotify and Netflix were also given access to a users private messages. Citing internal Facebook documents, The Times said that Spotify could view the private messages of more than 70 million Facebook users monthly. 

“Facebook also allowed Spotify, Netflix and the Royal Bank of Canada to read, write and delete users’ private messages, and to see all participants on a thread – privileges that appeared to go beyond what the companies needed to integrate Facebook into their systems.”

Spotify told The Times that it had been “unaware of the broad powers Facebook had granted them.” Netflix issued a similar statement.

Facebook Confirms Spotify Used Private Access

Despite Spotify’s broad denial. Facebook confirmed much of the report in a blog post Thursday, including specifically how the streamer had used its access private messages.

Facebook wide logo“Did partners get access to messages? Yes. But people had to explicitly sign in to Facebook first to use a partner’s messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature.”

Lack Of Transparency

It should not be surprising that Facebook offered API level access to its users or that Spotify and others too advantage of it to power new features. But many users will find it unacceptable that neither Facebook or Spotify told then about  the extent to which their private data was being used.

Leave a comment

Your email address will not be published. Required fields are marked *