Did you just notice a Facebook app has gone AWOL? After reviewing “thousands” of apps on its platform following a major data misuse scandal that blew up in March, Facebook has announced it’s suspended around 200 apps — pending what it describes as a “thorough investigation” into whether or not their developers misused Facebook user data.
The action is part of a still ongoing audit of third party applications running on the platform announced by Facebook in the wake of the Cambridge Analytica data misuse scandal where a third party developer used quiz apps to extract and pass Facebook user data to the consultancy for political ad targeting purposes.
CEO Mark Zuckerberg announced the app audit on March 21, writing that the company would “investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity”.
Apps that would not agree to a “thorough audit” would also be banned, he said then.
Just under two months on and the tally is ~200 ‘suspicious’ app suspensions, though the review process is ongoing — and Facebook is not being more specific about the total number of apps it’s looked at so far (beyond saying “thousands”) — so expect that figure to rise.
In the Cambridge Analytica instance, Facebook admitted that personal information on as many as 87 million users may have been passed to the political consultancy — without most people’s knowledge or consent.
Giving an update on the app audit process in a blog post, Ime Archibong, Facebook’sVP of product partnerships, writes that the investigation is “in full swing”.
“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible,” he says. “To date thousands of apps have been investigated and around 200 have been suspended — pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015 — just as we did for Cambridge Analytica.”
Archibong does not confirm how much longer the audit will take — but does admit there’s a long way to go, writing that: “There is a lot more work to be done to find all the apps that may have misused people’s Facebook data – and it will take time.”
“We are investing heavily to make sure this investigation is as thorough and timely as possible,” he adds.
Where Facebook does have concerns about an app — such as the ~200 apps it has suspended pending a fuller probe — Archibong says it will conduct interviews; make requests for information (“which ask a series of detailed questions about the app and the data it has access to”); and perform audits “that may include on-site inspections”.
So Facebook will not be doing on site inspections in every suspicious app instance.
We’ve asked Facebook a series of follow up questions about the ~200 suspicious apps it’s identified, and more broadly about the ongoing audit process and will update this post with any response.
For instance it’s not clear whether the company will publish a public list of every app that it suspends or deems to have misused user data — or whether it will just notify affected individuals.
Given the likely scale of data misuse by developers on its platform there is an argument for Facebook to publish a public list of suspensions.
Update: A Facebook spokeswoman told us the company intends to provide more details about any apps it decides to ban after concluding each case-by-case investigation. Although she also said the company has not yet decided how it will share information about these apps. So it’s not clear whether or not it will provide a public list of apps it bans for misusing user data — or whether banned apps will only be visible to logged in users whose personal data was specifically misused.
The spokeswoman also declined to specify how many thousands of apps Facebook has reviewed at this stage; how long it believes the full investigation process will take; nor how large a quantity of user data it’s using as its benchmark to trigger individual app investigations. So the process remains pretty shrouded and caveated — making its rigor and value hard to quantify.