Facebook reveals new privacy mishap involving apps for groups

Facebook acknowledged another privacy mishap: some app developers may have wrongly accessed names and profile photos of users in certain groups. Roughly 100 “partners” may have accessed this information — including 11 that had done so within the past 60 days. Otherwise, Facebook declined to offer specifics, including who exactly might have seen the data and how many users had been affected. The trouble appears to stem from a functionality in Facebook’s groups service. Before April 2018, administrators for groups could authorize apps, which could access information about users in that group. After April 2018, Facebook said it imposed restrictions on developers, who would have to obtain group members’ permission before collecting information such as their name and profile photo. On Nov 5, Facebook announced it had “found that some apps retained access to group member information, like names and profile pictures in connection with group activity, from the Groups API, for longer than we intended.”