Facebook throws the book at thousands of app developers for failing to comply with its privacy policy

Special thanks to Martha Medina for her contributions to this post.

Facebook has suspended tens of thousands of applications (“apps”) as a result of its ongoing investigation, which began in March 2018 following the Cambridge Analytica controversy.

The now obsolete Cambridge Analytica was a political consulting firm that made a Facebook app through which they were able to collect data from over 87 million Facebook users. Although Facebook had a policy in place that prohibited the sale of its user data, Cambridge Analytica sold it anyway.

After its initial investigation, Facebook flagged about 400 apps that presented possible privacy issues. Fast forward a year and a half later, Facebook has now suspended tens of thousands of apps. Two such examples of the apps suspended include myPersonality and any apps associated with South Korean analytics company, Rankwave. In a company blog post, Facebook Vice President of product partnerships, Ime Archibong, stated the app developers for Rankwave refused Facebook’s request to participate in an audit while the app myPersonality was found to share information with researchers and companies with only limited protections in place.

Archibong expressed, however, that the recent suspension “wasn’t necessarily an indication that these apps were posing a threat to people.”

“In a few cases, we have banned apps completely. That can happen for any number of reasons including inappropriately sharing data obtained from us, making data publicly available without protecting people’s identity[,] or something else that was in clear violation of our policies,” Archibong wrote.

The suspension of these apps likely follows the result of Facebook’s settlement with the Federal Trade Commission (“FTC”) earlier this year. In a separate case, Facebook was fined a record-breaking $5 billion for mishandling user privacy. Part of its settlement with the FTC requires that a privacy committee be independently created and also requires Facebook to exercise greater oversight over third-party apps. This includes “terminating app developers that fail to certify they’re in compliance with Facebook’s platform policies or fail to justify their need for specific user data,” according to the FTC.