Facebook Suspends Hundreds Of Apps

Did you just notice a Facebook  app you use  has disappeared?  After reviewing “thousands” of apps on its platform following a major data misuse scandal that blew up in March, Facebook has announced it has suspended around 200 apps, pending what it describes as a “thorough investigation” into whether or not their developers misused Facebook user data.

The action is part of a still ongoing audit of third party applications running on the platform announced by Facebook in the wake of the Cambridge Analytica data misuse scandal

Cambridge Analytica was a third party developer who used quiz apps to extract and pass Facebook user data to the consultancy for political ad targeting purposes.

CEO Mark Zuckerberg  announced the app audit on March 21, writing that the company would “investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity”. Apps that would not agree to a “thorough audit” would also be banned, he said then.

Just under two months on and the tally is around 200 ‘suspicious’ app suspensions, though the review process is ongoing, and Facebook is not being more specific about the total number of apps it’s looked at so far (beyond saying “thousands”), so expect that figure to rise.

In the Cambridge Analytica  instance, Facebook admitted that personal information on as many as 87 million users may have been passed to the political consultancy, without most people’s knowledge or consent.

Giving an update on the app audit process in a blog post, Ime Archibong, Facebook’s VP of product partnerships, writes that the investigation is “in full swing”.

“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible,” he says.

“To date thousands of apps have been investigated and around 200 have been suspended, pending a thorough investigation into whether they did in fact misuse any data... “Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015, just as we did for Cambridge Analytica.”

Archibong does not confirm how much longer the audit will take, but does admit there’s a long way to go, writing that: “There is a lot more work to be done to find all the apps that may have misused people’s Facebook data – and it will take time.”

“We are investing heavily to make sure this investigation is as thorough and timely as possible,” he adds. 

Where Facebook does have concerns about an app, such as the 200 apps it has suspended pending a fuller probe, Archibong says it will conduct interviews; make requests for information (“which ask a series of detailed questions about the app and the data it has access to”); and perform audits “that may include on-site inspections”. So Facebook will not be doing on-site inspections in every suspicious app instance.

Given the likely scale of data misuse by developers on its platform there is an argument for Facebook to publish a public list of suspensions.

A Facebook spokeswoman has subsequenty been reported to say that the the company intends to provide more details about any apps it decides to ban after concluding each case-by-case investigation. Although she also said the company has not yet decided how it will share information about these apps. 

The spokeswoman declined to specify how many thousands of apps Facebook has reviewed at this stage; how long it believes the full investigation process will take; nor how large a quantity of user data it’s using as its benchmark to trigger individual app investigations. The process remains pretty shrouded and caveated, making its rigor and value hard to quantify.

Techcrunch

You Might Also Read: 

Facebook Collects Your Data Even If You Don’t Use Facebook:

Regulation Might Actually Protect Facebook:
 

 

« Turkey Using German Spy Software On Opposition Politicians & Activists
Barclays Bank Want To Stop Cybercrime »

Directory of Suppliers

Westgate Cyber Security

Westgate Cyber Security

Westgate Cyber Security is a UK-based company helping business and public sector bodies understand and overcome emerging cyber security threats.

Imperva

Imperva

Imperva is a leading provider of data and application security solutions including DDoS protection, Web application security, Data security and Cloud security.

Encryptics

Encryptics

Encryptics is a provider of SAAS based data encryption technology designed to protect and secure corporate data.

TNS pay

TNS pay

TNS provides networking, managed connectivity, data communications and value added services

European Privacy Association (EPA)

European Privacy Association (EPA)

The European Privacy Association (EPA) is a pan-European think tank based in Brussels that brings together experts from the fields of data protection,

Action Fraud

Action Fraud

Action Fraud is the UK’s national reporting centre for fraud and cyber crime

Nexenta

Nexenta

Nexenta is a leader in Software-Defined Storage solutions. Nexenta enables highly robust data protection, backup and business continuity/disaster recovery.

ByteGrid

ByteGrid

ByteGrid is the leading provider of Compliant Hosting solutions. Our data centers provide the latest technology, security and compliance support to help you strengthen and achieve your business goals.

CCN-CERT

CCN-CERT

CCN-CERT is the Spanish national government computer security incident response centre.

Zentri

Zentri

Zentri provides solutions for securely connecting and managing IoT devices and mobile apps.

NexDefense

NexDefense

NexDefense mission is to mitigate risks and further ensure safety, security and operational integrity to ICS network environments.

IMS Networks

IMS Networks

IMS Networks specializes in the design and management of high criticality networks and telecoms services including network security and Managed Security Services.

Cyanre

Cyanre

Cyanre delivers state of the art cyber forensic services through software technologies and procedures that exceed conformities of major law enforcement agencies across the globe.

Veriflow

Veriflow

Veriflow’s patented continuous network verification technology allows enterprises to predict all possible network-wide behavior and mathematically verify availability and security.