- ‘Fast and Furious’ + ‘American Ninja Warrior’ = Netflix’s ‘Hyperdrive’ 2 Weeks Ago
- Trump jokes drop in Dow is because Seth Moulton dropped out of 2020 race 2 Weeks Ago
- What we learned when we visited Mr. B, America’s chonkiest cat Today 1:46 PM
- Trump’s new plan to fight opioid overdose? This tweet Today 1:06 PM
- Fitness influencer shamed for ‘sharing numbers’ in weight loss posts Today 1:04 PM
- The VSCO Girl has always been here Today 1:01 PM
- Tomi Lahren’s new ‘Freedom’ clothing line is made for meme mockery Today 12:21 PM
- Taylor Swift’s ‘London Boy’ is a bop, but Brits don’t think her lyrics are accurate Today 12:02 PM
- Popeyes blasted for employee welfare amid chicken sandwich war Today 11:59 AM
- Cory Booker says nonbinary ‘niephew’ taught him about trans issues Today 11:53 AM
- Megachurch pushes conversion therapy on Instagram, Facebook with #OnceGay Today 11:11 AM
- Christian movie review site blasts Netflix’s ‘The Family’ Today 10:50 AM
- YouTube removes ‘coordinated’ channels spreading Hong Kong misinformation Today 8:58 AM
- Christina Hendricks reveals she was the hand model for ‘American Beauty’ Today 8:30 AM
- Why can’t independent feminist websites stay afloat? Today 8:17 AM
A San Francisco startup secretly collected millions of Instagram users’ stories and location data in violation of the platform’s rules, Business Insider reports.
Marketing firm Hyp3r, which was designated by Instagram as a preferred advertising partner, was able to create “detailed records” on users by scraping their bios, content from their stories, and their physical locations.
While it remains unclear just how many users were affected, Business Insider says former Hyp3r employees alleged that more than 1 million Instagram posts are collected by the company every month. Hyp3r has also publicly stated that it has “a unique dataset of hundreds of millions of the highest value consumers in the world.”
One of the former Hyp3r employees questioned Instagram’s security practices, arguing that the tech company could have easily protected users’ location data.
“For [Instagram] to leave these endpoints open and let people get to this in a backchannel sort of way, I thought was kind of hypocritical,” the former employee said.
Although Hyp3r only collected data from public accounts, Instagram sent the company on Wednesday a cease-and-desist letter after learning of the firm’s actions.
An Instagram spokesperson said in a statement that Hyp3r clearly violated the platform’s policies.
“HYP3R’s actions were not sanctioned and violate our policies. As a result, we’ve removed them from our platform,” the spokesperson said. “We’ve also made a product change that should help prevent other companies from scraping public location pages in this way.”
Hyp3r CEO Carlos Garcia argued in an emailed statement to Business Insider, however, that its actions were not in violation of Instagram’s rules.
“HYP3R is, and has always been, a company that enables authentic, delightful marketing that is compliant with consumer privacy regulations and social network Terms of Services,” Garcia wrote. “We do not view any content or information that cannot be accessed publicly by everyone online.”
Although Instagram previously allowed the sort of location data collection done by Hyp3r, the social media company’s policies changed following the Cambridge Analytica scandal.
Former Hyp3r employees say the firm found workarounds that allowed them to still collect location data even after Instagram’s policies were changed.
The story comes as Facebook, which owns Instagram, works to further integrate its family of apps into the main brand. Critics have argued that doing so will only tarnish the image of apps like Instagram which have been somewhat insulated from Facebook’s repeated privacy scandals.
- Instagram will rebuild its DM feature using Facebook Messenger tech
- ‘From Facebook’ will be added to Instagram and Whatsapp’s names
- Patent shows Facebook may insert ads into private Messenger conversations
H/T Business Insider
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.