2018 is just not Facebook’s year.
And it isn’t letting up here in the final stretch.
The latest kerfuffle deals with Facebook’s accidental exposure of millions of users' private photographs.
But they weren’t viewable to just regular Facebook users, only to third-party app developers.
In a disclosure on their blog released today, Facebook more or less cops to the issue and discusses steps the company has taken to fix the bug.
What went down is that, when using third-party apps, Facebook users often authorize them to view information about the account, one piece of which includes the user’s photos. Yet this was supposed to be limited to the user’s timeline photos, not general pictures. The fact that these third-party apps got access to all of user’s pictures is pretty disconcerting, especially for people who already have privacy concerns with the platform.
The company explains how it all works in quite clear language on their website The blog post reads in part: “When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline. In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories. The bug also impacted photos that people uploaded to Facebook but chose not to post. For example, if someone uploads a photo to Facebook but doesn't finish posting it – maybe because they've lost reception or walked into a meeting – we store a copy of that photo for three days so the person has it when they come back to the app to complete their post.”
It wasn’t just a small segment of users either, though, in the larger scheme of Facebook’s total audience, the number are thankfully quite small. The company wrote in the blog post discussing the issue, “Currently, we believe this may have affected up to 6.8 million users and up to 1,500 apps built by 876 developers.”
