Facebook said Friday that a software bug affecting nearly 7 million users may have exposed a broader set of photos to app developers than what those users intended.
Although this doesn’t mean the photos were actually seen by anyone, the revelation of the bug offers another reminder of just how much data Facebook has on its 2.27 billion users and how often these sorts of slipups happen.
In a blog post, the company said the bug affected 6.8 million people who granted permission for third-party apps to access the photos. Facebook said the users’ photos may have been exposed for 12 days in September and that the bug was fixed.
Generally when people give apps access to their photos, it means only photos posted on their Facebook page. Facebook says the bug potentially gave developers access to other photos, such as those shared on Marketplace or on Facebook Stories. The bug also affected photos that people uploaded to Facebook but chose not to post or could not post for technical reasons.
The problem comes in a year fraught with privacy scandals and other problems for the world’s biggest social network.
Revelations that the data-mining firm Cambridge Analytica improperly accessed data from as many as 87 million users led to congressional hearings and changes in what sorts of data Facebook lets outside developers access. In June, a bug affecting privacy settings led some users to post publicly by default regardless of their previous settings. This bug affected as many as 14 million users over several days in May.
On Thursday, to counter the bad rap it’s gotten around privacy as of late, Facebook hosted a one-day “pop-up” to talk to users about their settings and whatever else may be on their mind. Chief Privacy Officer Erin Egan was on hand to answer questions. Asked by a reporter what grade she’d give Facebook for its privacy work in the past year, she said “B.” By 2019, she said she hopes the improvements will result in an “A.”
Privacy experts might call it grade inflation. In any case, the company has its work cut out before it makes the top grade.
With two more weeks left of the year, it’s possible there’s still time for another privacy kerfuffle at Facebook. While the scandals don’t seem to have affected the company’s massive user base, growth has slowed. And the company has had to increase how much it spends on privacy and security, which put a dent in its bottom line and in August contributed to a stock price plunge .