Profile picture
Michael LaForgia @laforgia_
, 12 tweets, 2 min read Read on Twitter
We wanted to learn more about what kinds of data Facebook makes available to “partners” that manufacture phones and other devices.
We were curious because Facebook was supposed to have made it impossible for third-party developers to access data from a user’s friends in 2014-15.
So we plugged my Facebook account info into a 5-year-old BlackBerry device. My colleague @gabrieldance used a computer program to monitor the network traffic — what the phone was asking for and getting.
Right away, and even though we had deleted the Facebook app from the phone, it started sucking down lots of my Facebook information. It pulled in my name and global user id — which can be synced up with all kinds of other, non-FB databases to get details about me.
It got my email address and cellphone number, my location, my profile picture, both sides of my private messages, and the names and user ids of the people I exchanged messages with. (Sorry, Mom.)
Then we went a little further. We found out the phone could get the user ids, birthdays and work and education histories of nearly all my friends, even though access to such info was supposed to have been walled off years ago. It could also tell which of my friends was online.
(Remember, this isn’t Facebook making the calls for this data; it’s a device manufactured by an outside company, using an app built by that company, that Facebook has given special access to.)
My friends could not have stopped the device from snagging their information even by going to their settings and disabling all sharing with third-parties, an option known as turning off the platform.
So we could be sure about that, we had one of them turn off the platform, THEN add in new profile information for the first time, and then set it to be shared only with friends.
Right away, the third-party BlackBerry device pulled down all the information we had disallowed any third party apps from obtaining.
Then we watched the device go even further. Turns out it can jump from my modest 550-something friend list to access the names and all-important global user ids for most of my friends’ friends — a total of about 295,000 people.
For more, including Facebook’s explanation for this, check out our story:
nytimes.com/interactive/20…
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Michael LaForgia
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!