- Bug lets Twitter save your DMs—even after you delete them Friday 7:21 PM
- Guy mansplains song to Japanese Breakfast, the female artist who wrote the song Friday 6:38 PM
- Ann Coulter’s Twitter bio links to a vulgar parody account Friday 5:22 PM
- Popular YouTube music channel gets income yanked for ‘repetitious’ content Friday 4:14 PM
- New website will endlessly generate fake faces thanks to AI Friday 3:41 PM
- Man fakes getting stood up at Outback Steakhouse Friday 3:03 PM
- FCC looks to tackle robocalls and spoofed texts Friday 2:57 PM
- How to protect yourself from the data breach that affected 744 million accounts Friday 12:56 PM
- How to stream Rob Brant vs. Khasan Baysangurov online for free Friday 12:21 PM
- No, Ocasio-Cortez doesn’t have her boyfriend on her payroll Friday 12:20 PM
- Writers want this book canceled for misgendering its protagonist Friday 12:15 PM
- Trump Jr’s meme about his dad’s border wall doesn’t get how Congress works Friday 11:44 AM
- FBI reportedly looking into Ryan Adams’ communications with underage girl Friday 11:25 AM
- Trump does Chinese accent, declares national emergency, bewilders the internet Friday 11:21 AM
- Chrissy Teigen throws shade at Logan Paul-Kaitlin Bennett pairing Friday 10:48 AM
Facebook closes loophole that released private group members’ info
Facebook recently closed a serious privacy loophole that gave marketers the ability to discover the members of private groups on the social network.
Andrea Downing, the moderator of a private Facebook group for women with the BRCA gene mutation (which is associated with a higher-risk breast cancer), discovered the existence of a Chrome extension called Grouply.io. This extension made it possible to download names, email addresses, employers, locations, and other details of the BRCA Sisterhood’s 9,000 private group members. Downing, and group members, were understandably rattled by the revelation—while the group wasn’t secret on Facebook (that is, it is searchable), many of its members did not want their identities publicly known.
Downing contacted a security issue to check if her concerns were valid, and he found that the extension did make it possible for third parties to discover the members of “closed” Facebook groups. This extension, in particular, was built to harvest that data for marketers, but the information could also be gleaned manually.
The researcher, Fred Trotter, reported his findings to Facebook May 29. On June 20, a Facebook spokesperson told them: “Our Groups team has been exploring potential changes related to group membership and privacy controls for groups, with the goal of understanding whether providing different options can better align the controls with the expectations of group administrators and members. That work is ongoing and may lead to changes that address some of your concerns going forward.”
Facebook completely shut down third parties’ ability to harvest closed group members’ details this way on June 29.
- Here’s who unfriended you on Facebook
- Can you really see who is looking at your Facebook page?
- What does a Facebook ‘poke’ really mean?
The situation highlights an interesting problem: While genetic information such as a BRCA test result is protected under the Health Insurance Portability and Accountability Act (HIPAA), information on social networks is not. If you choose to share private health information on a social network, that information is not legally regulated like it would if it were part of a medical health record.
Still, the members of the BRCA Sisterhood private group may have grounds for some sort of recourse, at least under GDPR law in the EU. The group members may have had a reasonable expectation of privacy from their closed group setting, which Facebook’s security loophole allowed apps like Grouply.io to exploit.
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.