Facebook took years to clamp down on data harvesting: Former staffer

A former Facebook operations manager told a British parliamentary committee on Wednesday that data harvesting of member profiles by outside software developers was once routine and that the company took years to clamp down on the practice.

Sandy Parakilas, who was in charge of policing Facebook’s data handling procedures in 2011 and 2012, shed fresh light on business practices that are alleged to have enabled Cambridge Analytica to gain unauthorized access to the personal data of tens of millions of US voters.

The social networking giant has been rocked this week after a whistleblower said Cambridge Analytica, which US President Donald Trump hired for his 2016 election campaign, improperly accessed information on Facebook users to build detailed profiles on American voters.  “There was very little detection or enforcement,” Parakilas said in testimony via videolink before the House of Common’s Digital, Culture, Media and Sport Committee. “During my 16 months (at Facebook), I don’t remember a single physical audit of a developer” who was storing users’ data from the social network.

Parakilas highlighted vast potential abuses of a little-understood feature known as “friend permissions”, which enabled software developers to connect their apps up to the friends of users, and even the friends of friends, the so-called “social graph” at the heart of Facebook’s network of connections. “You are likely talking about tens of thousands of apps that got ‘friend permissions’ and some of those apps had tens - it was huge - or hundreds of millions of users, so there was a vast (amount) of data that passed out the door,” Parakilas said.

Facebook turned off the friend permissions feature in 2015.

Asked by a parliamentary committee member whether there were incidents where this data-sharing feature was misused, Parakilas said: “There may well have been.”