ITP Techblog

Brought to you by IT Professionals NZ
« Back to Security & Privacy

Social media in the spotlight for the wrong reasons

Paul Brislen, Editor. 17 December 2018, 7:59 am

Another day, another damning leak from the world's largest social media platform Facebook.

This time, the company has admitted that it exposed photos taken by nearly seven million users to third party apps that weren't supposed to have access to them. This includes photos that were uploaded but then never posted - a practice that Facebook has developed to ensure users can change their mind about changing their mind about posting to the site.

The company says the problem arose from an API programming error that allowed such access for 12 days from September 13 to September 25 this year. The company has since fixed the problem and apologised to users, saying it plans to deploy tools to allow developers to figure out which users might be affected by the leak.

This is a different security problem to the one announced earlier in the month that was initially thought to have allowed hackers to gain access to 50 million user accounts. Facebook now says that figure was "only" 30 million accounts, and it is working with the FBI to track down the hackers.

The latest security flaw isn't a result of hacking, but rather of a problem with Facebook's own API deployment. That, coupled with Facebook's own business model, is just the latest in a series of own goals scored by the social media giant. =

The company still has to explain itself to a number of parliamentary hearings around the world that are concerned about the level to which Facebook has enabled fake news and propagandists to influence elections in several countries.

Facebook isn't the only tech giant coming under pressure. Closer to home, Google managed to not be informed about New Zealand's name suppression regime and named the man accused of murdering British backpacker Grace Millane in an email reporting on search trends.

Google suggests it is the court's responsibility to tell it about the suppression order, and key executives are coming to New Zealand to explain their stance to Minister for Justice, Andrew Little.

While a number of commentators are unsure as to how Google is supposed to know about every court case in the world so as to avoid similar situations in the future (perhaps it could use a search engine to monitor such things), the issue brings into sharp relief the issues facing legislators around the world. How do individual countries retain control of their legal powers if extra-territorial operators like Google or Facebook can avoid responsibility when things go wrong on the basis that they're too big to notice.


You must be logged in in order to post comments. Log In

Web Development by The Logic Studio