An internal email accidentally leaked by Facebook to a journalist has revealed the firm’s intentions to frame a recent data scraping incident as “normalized” and a “broad industry issue.”
Facebook has recently been at the center of a data scraping controversy. Earlier this month, Hudson Rock researchers revealed that information belonging to roughly 533 million users had been posted online, including phone numbers, Facebook IDs, full names, and dates of birth.
The social media giant confirmed the leak of the “old” data, which had been scraped in 2019. A functionality issue in the platform’s contact platform, now fixed, allowed the automatic data pillaging to take place.
The scraping and subsequent online posting of user data raised widespread criticism and on April 14, the Irish Data Protection Commission (DPC) said it planned to launch an inquiry to ascertain if GDPR regulations and/or the Data Protection Act 2018 have been “infringed by Facebook.”
Now, an internal email leaked to the media (Dutch article, translated) has potentially revealed how Facebook wishes to handle the blowback.
This month, Data News editor Pieterjan Van Leemputten sent several queries to Facebook requesting an update on the data scraping incident and further clarity concerning the breach timeline.
However, Facebook accidentally included the journalist in an internal emailed discussion thread.
In the original emails sent to EMEA region PR staff, viewed by ZDNet and dated from April 8, Facebook’s team outlined an overall “long-term strategy” for dealing with coverage of data scraping incidents.
“Assuming press volume continues to decline, we’re not planning additional statements on this issue,” the email reads. “Longer term, though, we expect more scraping incidents and think it’s important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly.”
“To do this, the team is proposing a follow-up post in the next several weeks that talks more broadly about our anti-scraping work and provides more transparency around the amount of work we’re doing in this area,” the message continues. “While this may reflect a significant volume of scraping activity, we hope this will help to normalize the fact that this activity is ongoing and avoid criticism that we aren’t being transparent about particular incidents.”
A redacted portion of the email thread is shown below.
The thread also includes lists of existing global coverage surrounding the story, including by ZDNet, CNET, Graham Cluley, Reuters, The Guardian, and The Wall Street Journal, to name a few; broadcast coverage, and tweets considered “notable,” as well as statistics on social conversion and mentions on Twitter.
While describing overall coverage, the email says that publications “have offered more critical takes of Facebook’s response framing it as evasive, a deflection of blame and absent of an apology for the users impacted.”
“These pieces are often driven by quotes from data experts or regulators, keen on criticizing the company’s response as insufficient of framing the company’s assertion that the information was already public as misleading,” the team added. “With regulators fully zeroed in on the issue, expect the steady drumbeat of criticism to continue in the press.”
Update 13.52 BST: A Facebook spokesperson told ZDNet:
“We are committed to continuing to educate users about data scraping. We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it.
That’s why we devote substantial resources to combat it and will continue to build out our capabilities to help stay ahead of this challenge.”
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0