Internal email reveals Facebook's plan to 'normalise' data scraping
The company intends to deflect criticism by framing scraping as a broader industry issue
An internal email sent accidentally to a journalist by Facebook has revealed the social media network ' s intent to label data scraping incidents as a ' normalised, broad industry issue '.
In the email sent to Pieterjan Van Leemputten, a journalist for Belgian news outlet Data News, a Facebook representative gave details of the firm ' s long-term strategy for dealing with the data scraping issue.
Earlier this month, it was reported that personal details of about 533 million Facebook users had been scraped and posted on a hacking forum.
Scraping is a technique that enables someone to retrieve information from profiles or websites.
The leak exposed reams of personal information on users from more than 100 countries. That information included full names, phone numbers, gender, date of birth, location, relationship status and email addresses.
Facebook claimed the leak was related to an 'old' bug that was fixed by 2019 and that the data was scraped using Facebook's contact importer tool before September 2019.
Last week, Ireland's DPC said that it had opened an inquiry into the leak, which might have breached 'one or more provisions of the EU's General Data Protection Regulation (GDPR) and/or the Data Protection Act 2018'.
Facebook now wants to ' normalise ' the idea that scraping of users ' details from social media networks is a broad industry issue and that such activities tend to happen regularly.
"Publications have offered more critical takes of Facebook's response framing it as evasive, a deflection of blame and absent of an apology for the users impacted," reads the internal Facebook email that dates from 8 April and was addressed to the company ' s PR staff in EMEA (Europe, Middle East and Africa).
The email suggests that the firm will not make additional statements on the data scraping incident, because it expects press attention to disappear soon.
The company outlines its long-term strategy for dealing with the scraping issue.
"Longer term, though, we expect more scraping incidents and that it's important to both frame this as a broad industry issue and normalise the fact that this activity happens regularly."
To do this, the team is planning to publish a blog post in coming days to talk in detail about Facebook ' s anti-scraping work and to provide more transparency around the work being done.
"We hope that this will normalise the fact that this activity is ongoing and avoid criticism that we aren't being transparent about particular incidents," the email says.
Facebook currently faces a mass action lawsuit in Europe over the data leak.
Irish civil rights group Digital Rights Ireland (DRI) said earlier this week that it planned to sue the tech giant in Irish courts on behalf of the thousands of Facebook users whose data was exposed.
The group has already made a formal complaint to the Irish Data Protection Commission (DPC), and is preparing to take the case to court.
Antoin O Lachtnain, director of DRI, called the scale of the breach "gobsmacking," adding that " Facebook's handling of this breach has been entirely inadequate ".
"This will be the first mass action of its kind but we're sure it won't be the last," O Lachtnain said.
Ireland DPC said it was in contact with Facebook Ireland and had raised queries in relation to GDPR compliance.
If it finds Facebook guilty, the company could face a financial penalty of up to 4 per cent of its $86 billion (£62 billion) global revenue.