On the same day that Facebook released a batch of emails revealing new details about how it shared data with political advertisers, the company also launched a sweeping review of its marketing partners in a renewed push to uncover data abusers, including on Instagram.
On Friday, under pressure from regulators and lawmakers, Facebook released a series of emails from 2015 and 2016 that help define the timeline around when the company first understood the threat from political data brokers. The most notorious data broker being Cambridge Analytica, which collected data on 87 million Facebook users.
Facebook says the e-mails corroborate testimony it has given consistently and that it was not aware of the extent of Cambridge Analytica’s policy violations until December 2015. Although there are many emails from the company about multiple potential bad actors prior to that date, it appears Facebook did not have a full grasp of Cambridge Analytica’s violations until December 2015, based on the emails.
The emails offer a unique look into Facebook employees’ thinking at the time regarding sharing data with marketing partners, specifically in the political realm, just as the 2016 presidential primary race was heating up. The emails show that Facebook employees were debating whether a number of political data brokers and ad partners, not just Cambridge Analytica, were in compliance with its policies surrounding user data.
In an October 2015 email, a Facebook employee says a firm called NationBuilder was likely in violation of its rules because it was allegedly collecting information from public posts and sharing it with data brokers.
According to the emails, NationBuilder offered its services to For America, a politically active Facebook page with 7.6 million followers. NationBuilder claimed it could leverage data about For America’s fans to build a database with names, street addresses and dates of birth on hundreds of thousands of the people.
NationBuilder still does digital work for political groups, including services that interact with Facebook. NationBuilder’s website touts work it's done most recently for Democratic presidential candidate Andrew Yang.
NationBuilder did not return a request for comment. Facebook declined to comment except to point to its latest data policies and updated vetting procedures.
Since Cambridge Analytica’s activities came to light, the social network has launched reviews of developers that use its API—application programming interface. The API is a way for the outside companies to tap into Facebook tools and services to build their own products. Facebook has reformed its API policies over the past two years, restricting what data is available.
Facebook also has been reviewing partners as it looks for any mishandled data. In July, Facebook agreed to a $5 billion settlement with the FTC over its data-sharing lapses.
On Friday, the company also said it was reviewing hundreds of marketing partners. Facebook was responding to a recent exposé from Business Insider that showed marketing partners cataloged Instagram users’ data. One partner, Hyp3r was accused of preserving people’s Stories videos, which users believe are deleted within 24 hours, and keeping detailed location history information.
Facebook says it has taken action against marketing partners, including Storrito, Sked Social and Stackla. Facebook Marketing Partners is an official program within the company that allows select firms to technologically integrate with its platforms.
Marketing partners have been accused of engaging in similar behavior to the political marketers by scraping data. That’s when they crawl through pages on Facebook or Instagram and build records of seemingly public information on thousands or even millions of people. To an ordinary web user, building such a database would be too time-consuming, but a marketing partner with access to an API can build tools to do the scraping.
“Scraping violates our policies,” a Facebook spokeswoman said in an email statement. “We have taken action against several of these companies and are investigating the rest. This is an industry-wide problem. At Facebook we’re taking the following steps: developing more proactive data-scraping detection methods and conducting a review of our Facebook Marketing Partners. We know these efforts won't catch every violation, but they will help.”