Facebook Suspends Hundreds Of Apps

Did you just notice a Facebook  app you use  has disappeared?  After reviewing “thousands” of apps on its platform following a major data misuse scandal that blew up in March, Facebook has announced it has suspended around 200 apps, pending what it describes as a “thorough investigation” into whether or not their developers misused Facebook user data.

The action is part of a still ongoing audit of third party applications running on the platform announced by Facebook in the wake of the Cambridge Analytica data misuse scandal

Cambridge Analytica was a third party developer who used quiz apps to extract and pass Facebook user data to the consultancy for political ad targeting purposes.

CEO Mark Zuckerberg  announced the app audit on March 21, writing that the company would “investigate all apps that had access to large amounts of information before we changed our platform to dramatically reduce data access in 2014, and we will conduct a full audit of any app with suspicious activity”. Apps that would not agree to a “thorough audit” would also be banned, he said then.

Just under two months on and the tally is around 200 ‘suspicious’ app suspensions, though the review process is ongoing, and Facebook is not being more specific about the total number of apps it’s looked at so far (beyond saying “thousands”), so expect that figure to rise.

In the Cambridge Analytica  instance, Facebook admitted that personal information on as many as 87 million users may have been passed to the political consultancy, without most people’s knowledge or consent.

Giving an update on the app audit process in a blog post, Ime Archibong, Facebook’s VP of product partnerships, writes that the investigation is “in full swing”.

“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible,” he says.

“To date thousands of apps have been investigated and around 200 have been suspended, pending a thorough investigation into whether they did in fact misuse any data... “Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015, just as we did for Cambridge Analytica.”

Archibong does not confirm how much longer the audit will take, but does admit there’s a long way to go, writing that: “There is a lot more work to be done to find all the apps that may have misused people’s Facebook data – and it will take time.”

“We are investing heavily to make sure this investigation is as thorough and timely as possible,” he adds. 

Where Facebook does have concerns about an app, such as the 200 apps it has suspended pending a fuller probe, Archibong says it will conduct interviews; make requests for information (“which ask a series of detailed questions about the app and the data it has access to”); and perform audits “that may include on-site inspections”. So Facebook will not be doing on-site inspections in every suspicious app instance.

Given the likely scale of data misuse by developers on its platform there is an argument for Facebook to publish a public list of suspensions.

A Facebook spokeswoman has subsequenty been reported to say that the the company intends to provide more details about any apps it decides to ban after concluding each case-by-case investigation. Although she also said the company has not yet decided how it will share information about these apps. 

The spokeswoman declined to specify how many thousands of apps Facebook has reviewed at this stage; how long it believes the full investigation process will take; nor how large a quantity of user data it’s using as its benchmark to trigger individual app investigations. The process remains pretty shrouded and caveated, making its rigor and value hard to quantify.

Techcrunch

You Might Also Read: 

Facebook Collects Your Data Even If You Don’t Use Facebook:

Regulation Might Actually Protect Facebook:
 

 

« Turkey Using German Spy Software On Opposition Politicians & Activists
Barclays Bank Want To Stop Cybercrime »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

IPVanish

IPVanish

IPVanish has its roots in over 15 years of network management, IP services, and content delivery services. Now we're bringing these finely honed skills to VPN.

CSL Group

CSL Group

CSL solutions provide complete end-to-end connectivity services for Security, Fire, Telecare and other mission critical M2M/IoT applications.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

CloudVector

CloudVector

CloudVector's API Detection & Response platform is the only API Threat Protection solution that goes beyond the gateway to provide Shadow API Prevention and Deep API Risk Monitoring and Remediation.

Griffiss Institute (GI)

Griffiss Institute (GI)

GI's primary role is to advocate and facilitate the co-operation of private industry, academia, and the Air Force Research Laboratory in developing solutions to critical cyber security problems.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

Kape Technologies

Kape Technologies

Kape Technologies is a cybersecurity company focused on helping consumers around the world have a better digital experience with greater privacy and protection.

SignalFire

SignalFire

SignalFire invest across both enterprise and consumer sectors at the seed and early growth stages.

Aravo Solutions

Aravo Solutions

Your Extended Enterprise is full of hidden risks – Aravo makes them visible, measurable, and manageable.

Three Wire Systems

Three Wire Systems

Three Wire is a leader in innovative and efficient technology solutions for government agencies and large enterprise corporations.

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.

Sinergi Digital

Sinergi Digital

Sinergi Digital is a business unit of the Metrodata Group with a focus on providing ICT solution to help accelerating digital transformation.

Operational Systems (OpSys)

Operational Systems (OpSys)

OpSys is a leading Managed IT and Cyber Security provider protecting the critical elements of businesses across the globe.

Academia the Technology Group

Academia the Technology Group

Academia specialise in the supply of software, IT hardware, training and service solutions to the public sectors, business and pro media markets.