UK Parliament's report has a sample agreement that Facebook had with companies that whitelisted them and gave them extended access to user data when they publicly represented that the APIs had been deprecated

Folks should check out this article that explains how Facebook intentionally did not pass along privacy metadata to developers. Shows how a lot of the so called "breaches" happened. Hint: they weren't breaches, it was privacy violation by design. https://medium.com/@six4three/deceit-by-design-zucks-dirty-s...

This other article that got posted today might explain why this happened in more detail: https://medium.com/@six4three/deceit-by-design-zucks-dirty-s...

Seems to suggest that FB platform apis were designed to not share any privacy metadata with devs. Maybe not the same as how apps like At The Pool stored that data, but might explain the firehose of data that FB gave devs and now they will point the finger and say it was their fault for these leaks/breaches. Food for thought.

Developers would have to intentionally write extra code to respect privacy metadata, so it seems unlikely that would have made a difference.

Criminals seem unlikely to follow laws, so why bother having them? Of course devs would need to intentionally follow the privacy wishes of users but without metadata, even responsible developers who want to, can't.

I guess my question for you, considering it looks like you worked with devs at FB, is this article regarding FB platform design accurate? That's the most shocking thing to me that this article conveys, that even if you wanted to ensure data privacy as a dev, you couldn't unless you built a custom tool. I'd be pretty surprised if most (or any) would.

Curious on your thoughts.

Oh jeez. So you think that medium article is accurate? It would be pretty nuts if what they are saying is true. Makes something like Cambridge Analytica and whatever happened today with At The Pool be a question of "when" and not "if" when it comes to the leaking of FB user data.