Shira Frenkel and Cecilia Kang wrote The Ugly Truth: Inside Facebook’s Battle of Dominance, which states that 16,000 Facebook employees had access to users’ personal data. 52 employees were fired for personal use of data, Insider quoted a preliminary version of the book.
Facebook CEO and co-founder Mark Zuckerberg first became aware of the problem of abuse of access to personal data in September 2015, when Alex Stamos, then the chief security officer of Facebook, raised the issue with him. In a presentation to Zuckerberg and senior management at the company, Stamos said engineers abused access “almost every month,” the book says. At that time, more than 16,000 employees had access to personal data of users. Stamos proposed limiting access to less than 5,000 employees, and also proposed requiring employees to submit formal requests for access to personal data, but was rejected by executives. Zuckerberg said that making changes to the matter was “a top priority” and tasked Stamos with finding a solution and providing updated information throughout the year, the book notes.
The publication cites several stories of social network employees who used personal data. For example, an unnamed engineer used access to find his companion while on holiday in Europe.
Another engineer used subordinate access to find a woman who stopped responding to messages after meeting him. He was able to read her messages in the messenger for several years, see deleted and hidden photos and records that she opened or commented on. And through the application that she installed on her smartphone, he could see her location.
The book says Facebook employees were given access to user data to “get rid of the red tape that was holding back engineers.”
“There was nothing other than the goodwill of the employees themselves that would prevent them from abusing their access to users’ personal information,” wrote Shira Frenkel and Cecilia Kang. They added that most of the employees who abused their privileges to access user data only viewed information, although some did not stop there.
A Facebook spokesperson told Insider that the company fired employees who, it turned out, accessed user data for personal purposes.
“We have always been intolerant of abuse and fired every employee ever caught in the wrong access to data,” said a company spokesman. “Since 2015, we have continued to improve our employee training, abuse detection and prevention protocols. We also continue to reduce the need for engineers to access certain types of data when they are working to build and maintain our services, ”they noted.