In April, Mark Zuckerberg told a US congressional hearing, “I can’t be clearer on this topic: We don’t sell data.” But just because Facebook doesn’t currently sell data, it doesn’t mean they didn’t actively mull it over. Improperly redacted court documents from February 2017 show that Facebook explored charging companies for access to user data.
The Wall Street Journal broke news of the botched redaction yesterday, while Ars Technica noted you could simply copy paste the redacted portions into a text editor. Gizmodo replicated the process and indeed, the redacted sections reveal Facebook employees pushed advertisers to pay up if they wanted to maintain unfettered access to user data.
Essentially, the court documents reference internal Facebook memos and emails from 2012 to 2014, where employees embarked on a campaign reaching out to large companies and threatening to turn off data access if they didn’t pay at least $250,000 (£196,000) a year. The redacted portions describe a “whitelisting” system used by Facebook to determine which companies got data access based on their “data reciprocity.”
While Facebook inevitably decided not to go through with charging, it did try to extract deals for extended access to its Graph API from some major players. In 2013, Facebook was in the process of negotiating a whitelist deal with Amazon. The documents detail one Facebook employee advising another not to promise data access to Amazon until it agreed to pay. In the same year, Facebook had a similar exchange with the Royal Bank of Canada. When the bank expressed concern about its data access, a Facebook employee internally asked whether the bank had an existing advertising agreement. Other companies that had whitelist agreements in place include Lyft, Nissan, Airbnb, Netflix, and Chrysler/Fiat.
The documents are loosely tied into the ongoing UK investigation into the Cambridge Analytica scandal. They were seized by Parliament earlier this week from Six4Three founder Ted Kramer while he was visiting London. Six4Three is the maker of an app called Pikini, which let Facebook users search for photos of friends in bikinis. The app maker sued Facebook alleging that revoking access to the data API destroyed its business. While Six4Three and Pikini aren’t actually related to the Cambridge Analytica investigations, the documents are perceived to illustrate Facebook’s cavalier attitude to data privacy during the same time period. The documents are currently under seal under California law, but Damian Collins, chair of the Digital, Culture, Media and Sport Select Committee that ordered the seizure, has tweeted the UK can publish the papers.
The @CommonsCMS has received the documents it ordered from Six4Three relating to Facebook. I have reviewed them and the committee will discuss how we will proceed early next week. Under UK law & parliamentary privilege we can publish papers if we choose to as part of our inquiry
— Damian Collins (@DamianCollins) November 25, 2018