Facebook has admitted that user data continued to be passed on to 3rd [arty developers.
In a post on its official blog, Konstantinos Papamiltiadis, VP of Platform Partnerships, FB said it was found recently that in some instances apps continued to receive the data that people had previously authorized, even if it appeared they hadn’t used the app in the last 90 days.
Giving an example, Konstantinos said this could happen if someone used a fitness app to invite their friends from their hometown to a workout, FB had failed to recognize that some of their friends had been inactive for many months.
According to FB, this issue enabled approximately 5,000 developers to continue receiving information — for example, language or gender — beyond 90 days of inactivity.
It said it had found no evidence that this issue had resulted in sharing information that was inconsistent with the permissions people gave when they logged in using Facebook.
It was in 2014 that FB had introduced more granular controls for people to decide which non-public information — such as their email address or their birthdate — to share when they used Facebook to sign into apps. Later, in 2018, FB had said it would automatically expire an app’s ability to receive any updates to this information if its systems didn’t recognize a person as having used the app within the last 90 days.
