A Facebook privacy mechanism blocks apps from receiving user data if users didn’t use an app for 90 days. Facebook said 5000 apps continued to receive user data regardless.
Social media giant Facebook disclosed on Wednesday a new user privacy incident. The company said that it continued sharing user data with approximately 5000 developers even after their application’s access expired.
The incident is related to a security control that Facebook added to its systems following the Cambridge Analytica scandal of early 2018.
Responding to criticism that it allowed app developers too much access to user information, Facebook added at the time a new mechanism to its API that prevented apps from accessing a user’s data if the user did not use the app for more than 90 days.
However, Facebook said that it recently discovered that in some instances, this safety mechanism failed to activate and allowed some apps to continue accessing user information even past the 90-day cutoff date.