Facebook has been caught on the back foot again over its data privacy practices, following an investigation by the New York Times.
The newspaper has disclosed fresh details about ways the social network shared access to users' data with other tech firms, including Amazon, Apple, Microsoft, Netflix, Spotify and Yandex.
In some cases, the other companies have said they were not even aware they had special access.
Facebook has defended its behaviour.
It said it never gave others access to personal data without people's permission and had seen no evidence that the data had been misused.
However, it has acknowledged again that it should have prevented third parties being able to tap into users' data, after publicly announcing that it had ended the privilege for security reasons.
Examples given by the NYT include allowing others' products the ability to read users' private messages and to see the names, contact details and activities of their friends.
Facebook's handling of the matter has drawn criticism, including tweets from its own former chief security officer Alex Stamos, who has called on it to disclose more details about what special access it provided to whom.
The latest revelations follow a series of scandals including the Cambridge Analytica data harvest, incitement to violence in Myanmar, also known as Burma, evidence of Russian and Iranian meddling in the US elections, and several data-exposing bugs.
These have undermined public confidence in Facebook, led to calls for new regulations and prompted demands for a leadership rethink.
"We have to seriously challenge the claim by Facebook that they are not selling user data," commented Damian Collins MP, chair of the UK Parliament's Digital, Culture, Media and Sport Committee.
"They may not be letting people take it away by the bucket load, but they do reward companies with access to data that others are denied, if they place a high value on the business they do together. This is just another form of selling."
Facebook, as ever, thinks it's being unfairly picked on. Indeed, as recently as this week, former security boss Alex Stamos described the Cambridge Analytica scandal as an overreaction.
With its statement on Wednesday, Facebook took the same tone it has since this whole mess began in March: users gave consent, everybody knew, nothing to see here.
For added cheekiness, its statement linked to a piece in the New York Times from 2010 that seemed to reference at least one of features revealed in this latest investigation.
But what Facebook underestimates, continually, is the extent to which this year has produced a "data-awakening" among the general public, and how now is the time for the company to lay it all out on the table.
If I was a Facebook employee, or shareholder, I'd be telling Mark Zuckerberg: "It's time to be completely open about who has or had access to data."
That's the only way to stop 2019 being like 2018: a drip-drip of headlines that have eroded Facebook's reputation, perhaps irreparably.
What is Facebook's response?
The firm distinguishes between two different types of relationships it formed.
The first type it calls "integration partnerships". It defines these as arrangements that allowed others to offer Facebook's features outside of its own app or website.
Facebook actually provided a long list of such partners to Congress in July.
It said the arrangement made it possible for other companies to do things like consolidate posts from Facebook, Twitter and other social media providers in a single app, or provide alerts from a range of services via a web browser.
But it noted that to do this, its members had to have signed into their Facebook accounts to give permission. It added that "nearly all" of these partnerships had been shut down in recent months.
Facebook refers to the second type of arrangements as being "instant personalisation".
It said these allowed other apps to see Facebook's private messages so that, for example you could send a song recommendation to a friend without having to leave Spotify's app.
It added that users' public information was also shared so that, for example, you could see what TV shows your friends had watched within Netflix.
Facebook said that for the most part, it ended its personalisation partnerships in 2014, but continued in some select cases into 2017.
It acknowledged, however, that it had not always withdrawn the application programming interfaces (APIs) that allowed others to tap into its data, as it should have.
"We're in the midst of reviewing all our APIs and the partners who can access them," it concluded.
What have the other firms said?
Microsoft has issued a brief statement saying: "Throughout our engagement with Facebook, we respected all user preferences."
The BBC understands it ended its Bing contract with Facebook in February 2016, and the social network's data stopped appearing in its search results at that point.
Netflix has said that it stopped taking advantage of its ability to recommend content to members' Facebook friends in 2015 as the service had not been popular.
"At no time did we access people's private messages on Facebook or ask for the ability to do so," it added.
Spotify had indicated it was unaware of the degree of access Facebook had provided to it. Apple has also said that it was also not aware of its devices being granted special access.
Yahoo said it only tapped into Facebook's data once users had opted in, and did not do so for advertising purposes.
Yandex has said its arrangement was limited to users in Russia, Turkey, Ukraine, Belarus, Kazakhstan and other Commonwealth of Independent States (CIS) countries, and addedthat it stopped receiving Facebook's data in 2015.
Why does this matter?
Part of the issue is that Facebook promised a US regulator - the Federal Trade Commission (FTC) - in 2011 that it would not share user data without explicit consent.
Facebook insists it has not breached that pledge, but some privacy experts suggest otherwise.
Furthermore, despite Facebook executives claiming to have been transparent over the years about the firm's privacy policy shifts, campaign groups suggest new laws are needed to restrict its activities.
"Time and again Facebook has been unable to clearly and in plain language explain to people how the company is collecting, storing, sharing, and retaining people's data," a spokeswoman for Privacy International told the BBC.
"The sheer scope of the Facebook scandals in 2018 alone is mind-boggling and shows that data exploitation is a rampant and systemic."
The other risk is that the more negative stories there are in the press, the more likely users are to quit Facebook and its other apps - including Instagram and WhatsApp - or at least stop sharing personal information with them.
Latest Stories
-
At least 69 migrants dead after boat sank off Morocco on Dec. 19, Mali says
16 minutes -
Telecel Ghana Foundation’s Healthfest impacts over 400 residents in Techiman
23 minutes -
EPA issues alert over Harmattan induced air pollution
29 minutes -
South Korea votes to impeach acting president Han Duck-soo
38 minutes -
Supreme Court to hear NDC’s challenge against High Court-ordered election re-collation today
2 hours -
The Nigerian watch-lover lost in time
2 hours -
At least 10 killed after Nigerian military jet targeting bandits bomb civilians
2 hours -
Regional challenges cost Egypt around $7bn of Suez Canal revenues in 2024, Sisi says
2 hours -
Morocco proposes family law reforms to improve women’s rights
2 hours -
Bawumia could have conceded defeat earlier – Omane Boamah
2 hours -
Upper East, North East: PURC receives 591 complaints, resolves 550 in 2024
3 hours -
Mozambique prison riot leaves 33 dead as civil unrest grips country
3 hours -
Mahama vows to champion prosperity for youth and vulnerable
3 hours -
Implement people-centred policies – Yagbonwura advises Mahama
3 hours -
My team was against conceding early in elections – Bawumia
3 hours