In the wake of a New York Times report saying Facebook gave numerous companies shocking access to users' data — even giving Spotify, Netflix, and the Royal Bank of Canada the ability "to read, write and delete users' private messages" — Facebook has acknowledged the truth of the report.
The social media giant asked rhetorically in a Tuesday blog post, "Did partners get access to messages?"
Facebook's answer? "Yes," noted Konstantinos Papamiltiadis, director of developer platforms and programs. "But people had to explicitly sign in to Facebook first to use a partner's messaging feature. Take Spotify for example. After signing in to your Facebook account in Spotify's desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person's messages in order to power this type of feature."
In regard to the Times' report that Spotify, Netflix, and the Royal Bank of Canada could "read, write and delete users' private messages," Spotify and Netflix spokespeople told the paper their companies "were unaware of the broad powers Facebook had granted them. A Royal Bank of Canada spokesman disputed that the bank had any such access."
The paper added that Spotify could view messages of more than 70 million users a month and "still offers the option to share music through Facebook Messenger. But Netflix and the Canadian bank no longer needed access to messages because they had deactivated features that incorporated it."
A Netflix spokeswoman told Business Insider the company didn't access anyone's private messages.
The spokeswoman said, "Over the years we have tried various ways to make Netflix more social. One example of this was a feature we launched in 2014 that enabled members to recommend TV shows and movies to their Facebook friends via Messenger or Netflix. It was never that popular so we shut the feature down in 2015. At no time did we access people's private messages on Facebook or ask for the ability to do so."
Facebook found no evidence of abuse by its partners, a spokeswoman told the Times.
More from Business Insider:
More troubling to observers, however, was any sense that Facebook gave third parties deep access to user data without properly informing users and gaining permission. Many people tend to assume their private messages on social media will stay private.
Former Federal Trade Commission officials told The Times that Facebook's newly revealed data-sharing agreements probably violated regulatory requirements.
For Facebook, this is the latest in a steady drip of privacy scandals. It is still struggling with the fallout from the Cambridge Analytica scandal in March and fighting regulatory fines. It has disclosed multiple breaches over the past few months, including a significant hack affecting up to 50 million users disclosed in September.