facebook platform

Facebook sues analytics firm Rankwave over data misuse

Posted by | Apps, Cambridge Analytica, Facebook, facebook platform, Facebook Policy, lawsuit, Mobile, Policy, Social, TC | No Comments

Facebook might have another Cambridge Analytica on its hands. In a late Friday news dump, Facebook revealed that today it filed a lawsuit alleging South Korean analytics firm Rankwave abused its developer platform’s data, and has refused to cooperate with a mandatory compliance audit and request to delete the data.

Facebook’s lawsuit centers around Rankwave offering to help businesses build a Facebook authorization step into their apps so they can pass all the user data to Rankwave, which then analyzes biographic and behavioral traits to supply user contact info and ad targeting assistance to the business. Rankwave also apparently misused data sucked in by its own consumer app for checking your social media “influencer score”. That app could pull data about your Facebook activity such as location checkins, determine that you’ve checked into a baseball stadium, and then Rankwave could help its clients target you with ads for baseball tickets.

The use of a seemingly fun app to slurp up user data and repurpose it for other business goals is strikingly similar to how Cambridge Analytica’s personality quiz app tempted millions of users to provide data about themselves and their friends.

Rankwave touts its Facebook data usage in this 2014 pitch deck

TechCrunch has attained a copy of the lawsuit that alleges that Rankwave misused Facebook data outside of the apps where it was collected, purposefully delayed responding to a cease-and-desist order, claimed it didn’t violate Facebook policy, lied about not using its apps since 2018 when they were accessed in April 2019, and then refused to comply with a mandatory audit of its data practices. Facebook Platform data is not supposed to be repurposed for other business goals, only for the developer to improve their app’s user experience.

“By filing the lawsuit, we are sending a message to developers that Facebook is serious about enforcing our policies, including requiring developers to cooperate with us during an investigation” Facebook’s director of platform enforcement and litigation Jessica Romero wrote. Facebook tells TechCrunch that “To date Rankwave has not participated in our investigation and we are trying to get more info from them to determine if there was any misuse of Pages data.” We’ve reached out to Rankwave for its response.

Cambridge Analytic-ish

Facebook’s lawsuit details that “Rankwave used the Facebook data associated with Rankwave’s apps to create and sell advertising and marketing analytics and models — which violated Facebook’s policies and terms” and that it “failed to comply with Facebook’s requests for proof of Rankwave’s compliance with Facebook policies, including an audit.” Rankwave apparently accessed data from over thirty apps, including those created by its clients.

Specifically, Facebook cites that its “Platform Policies largely restrict Developers from using Facebook data outside of the environment of the app, for any purpose other than enhancing the app users’ experience on the app.” But Rankwave allegedly used Facebook data outside those apps.

Rankwave describes how it extracts contact info and ad targeting data from Facebook data

Facebook’s suit claims that “Rankwave’s B2B apps were installed and used by businesses to track and analyze activity on their Facebook Pages . . . Rankwave operated a consumer app called the ‘Rankwave App.’ This consumer app was designed to measure the app user’s popularity on Facebook by analyzing the level of interaction that other users had with the app user’s Facebook posts. On its website, Rankwave claimed that this app calculated a user’s ‘Social influence score’ by ‘evaluating your social activities’ and receiving ‘responses from your friends.’”

TechCrunch has found that Rankwave still offers an Android app that asks for you to login with Facebook so it can assess the popularity of your posts and give you a “Social Influencer Score”. Until 2015 when Facebook tightened its policies, this kind of app could ingest not only a user’s own data but that about their Facebook friends. As with Cambridge Analytica, this likely massively compounded Rankwave’s total data access.

Rankwave’s Android app asks for users’ Facebook data in exchange for providing them a Social Influencer Score

Facebook Delays Coming After Rankwave

Founded in 2012 by Sungwha Shim, Rankwave came into Facebook’s crosshairs in June 2018 after it was sold to a Korean entertainment company in May 2017. Facebook assesses that the value of its data at the time of the buyout was $9.8 million.

Worryingly, Facebook didn’t reach out to Rankwave until January 2019 for information proving it complied with the social network’s policies. After receiving no response, Facebook issued a cease-and-desist order in February, which Rankwave replied to seeking more time because it’s CTO had resigned, which Facebook calls “false representations”. Later that month, Rankwave denied violating Facebook’s policies but refused to provide proof. Facebook gave it more time to provide proof, but Rankwave didn’t respond. Facebook has now shut down Rankwave’s apps.

Rankwave claims to be able to extract a wide array of ad targeting data from Facebook data

Now Facebook is seeking money to cover the $9.8 million value of the data, additional monetary damages and legal fees, plus injunctive relief restraining Rankwave from accessing the Facebook Platform, requiring it to comply with Facebook’s audit, requiring that it delete all Facebook data.

The fact that Rankwave was openly promoting these services that blatantly violate Facebook’s policies casts further doubt on how the social network was policing its platform. And the six month delay between Facebook identifying a potential issue with Rankwave and it even reaching out for information, plus another several months before it blocked Rankwave’s app shows a failure to move swiftly to enforce its policies. These blunders might explain why Facebook buried the news by announcing it on a Friday afternoon when many reporters and readers have already signed off for the weekend.

For now there’s no evidence of wholesale transfer of Rankwave’s data to other parties or its misuse for especially nefarious purposes like influencing an election as with Cambridge Analytica. The lawsuit merely alleges data was wrongly harnessed to make money, which may not spur the same level of backlash. But the case further proves that Facebook was too busy growing itself thanks to the platform to properly safeguard it against abuse.

You can learn more about Rankwave’s analytics practices from this 2014 presentation.

Powered by WPeMatico

With trust destroyed, Facebook is haunted by old data deals

Posted by | Apps, BlackBerry, Facebook, facebook platform, Facebook Policy, facebook privacy, Mobile, Netflix, Social, Spotify, TC, Yahoo | No Comments

As Facebook colonized the rest of the web with its functionality in hopes of fueling user growth, it built aggressive integrations with partners that are coming under newfound scrutiny through a deeply reported New York Times investigationSome of what Facebook did was sloppy or unsettling, including forgetting to shut down APIs when it cancelled its Instant Personalization feature for other sites in 2014, and how it used contact syncing to power friend recommendations.

But other moves aren’t as bad as they sound. Facebook did provide Spotify and Netflix the ability to access users messages, but only so people could send friends songs or movies via Facebook messages without leaving those apps. And Facebook did let Yahoo and Blackberry access people’s News Feeds, but to let users browse those feeds within social hub features inside those apps. These partners could only access data when users logged in and connected their Facebook accounts, and were only approved to use this data to provide Facebook-related functionality. That means Spotify at least wasn’t supposed to be rifling through everyone’s messages to find out what bands they talk about so it could build better curation algorithms, and there’s no evidence yet that it did.

Thankfully Facebook has ditched most of these integrations, as the dominance of iOS and Android have allowed it to build fewer, more standardized, and better safeguarded access points to its data. And it’s battened down the hatches in some ways, forcing users to shortcut from Spotify into the real Facebook Messenger rather than giving third-parties any special access to offer Facebook Messaging themselves.

The most glaring allegation Facebook hasn’t adequately responded to yet is that it used data from Amazon, Yahoo, and Huawei to improve friend suggestions through People You May Know — perhaps its creepiest feature. The company needs to accept the loss of growth hacking trade secrets and become much more transparent about how it makes so uncannily accurate recommendations of who to friend request — as Gizmodo’s Kashmir Hill has documented.

In some cases, Facebook has admitted to missteps, with its Director of Developer Platforms and Programs Konstantinos Papamiltiadis writing “we shouldn’t have left the APIs in place after we shut down instant personalization.”

In others, we’ll have decide where to draw the line between what was actually dangerous and what gives us the chills at first glance. You don’t ask permission from friends to read an email from them on a certain browser or device, so should you worry if they saw your Facebook status update on a Blackberry social hub feature instead of the traditional Facebook app? Well that depends on how the access is monitored and meted out.

The underlying question is whether we trust that Facebook and these other big tech companies actually abided by rules to oversee and not to overuse data. Facebook has done plenty wrong, and after repeatedly failing to be transparent or live up to its apologies, it doesn’t deserve the benefit of the doubt. For that reason, I don’t want it giving any developer — even ones I normally trust like Spotify — access to sensitive data protected merely by their promise of good behavior despite financial incentives for misuse.

Facebook’s former chief security officer Alex Stamos tweeted that “allowing for 3rd party clients is the kind of pro-competition move we want to see from dominant platforms. For ex, making Gmail only accessible to Android and the Gmail app would be horrible. For the NY Times to try to scandalize this kind of integration is wrong.” But countered that by noting that “integrations that are sneaky or send secret data to servers controlled by others really is wrong.”

Even if Spotify and Netflix didn’t abuse the access Facebook provided, there’s always eventually a Cambridge Analytica. Tech companies have proven their word can’t necessarily be trusted. The best way to protect users is to properly lock down the platforms with ample vetting, limits, and oversight so there won’t be gray areas that require us to put our faith in the kindness of businesses.

Powered by WPeMatico

Facebook ends platform policy banning apps that copy its features

Posted by | Apps, Developer, Facebook, facebook platform, Facebook Policy, Mobile, Policy, Social, TC | No Comments

Facebook will now freely allow developers to build competitors to its features upon its own platform. Today Facebook announced it will drop Platform Policy section 4.1, which stipulates “Add something unique to the community. Don’t replicate core functionality that Facebook already provides.”

That policy felt pretty disingenuous given how aggressively Facebook has replicated everyone else’s core functionality, from Snapchat to Twitter and beyond. Facebook had previously enforced the policy selectively to hurt competitors that had used its Find Friends or viral distribution features. Apps like Vine, Voxer, MessageMe, Phhhoto and more had been cut off from Facebook’s platform for too closely replicating its video, messaging or GIF creation tools. Find Friends is a vital API that lets users find their Facebook friends within other apps.

The move will significantly reduce the risk of building on the Facebook platform. It could also cast it in a better light in the eyes of regulators. Anyone seeking ways Facebook abuses its dominance will lose a talking point. And by creating a more fair and open platform where developers can build without fear of straying too close to Facebook’s history or road map, it could reinvigorate its developer ecosystem.

A Facebook spokesperson provided this statement to TechCrunch:

We built our developer platform years ago to pave the way for innovation in social apps and services. At that time we made the decision to restrict apps built on top of our platform that replicated our core functionality. These kind of restrictions are common across the tech industry with different platforms having their own variant including YouTube, Twitter, Snap and Apple. We regularly review our policies to ensure they are both protecting people’s data and enabling useful services to be built on our platform for the benefit of the Facebook community. As part of our ongoing review we have decided that we will remove this out of date policy so that our platform remains as open as possible. We think this is the right thing to do as platforms and technology develop and grow.

The change comes after Facebook locked down parts of its platform in April for privacy and security reasons in the wake of the Cambridge Analytica scandal. Diplomatically, Facebook said it didn’t expect the change to impact its standing with regulators but it’s open to answering their questions.

Earlier in April, I wrote a report on how Facebook used Policy 4.1 to attack competitors it saw gaining traction. The article, “Facebook shouldn’t block you from finding friends on competitors,” advocated for Facebook to make its social graph more portable and interoperable so users could decamp to competitors if they felt they weren’t treated right in order to coerce Facebook to act better.

The policy change will apply retroactively. Old apps that lost Find Friends or other functionality will be able to submit their app for review and, once approved, will regain access.

Friend lists still can’t be exported in a truly interoperable way. But at least now Facebook has enacted the spirit of that call to action. Developers won’t be in danger of losing access to that Find Friends Facebook API for treading in its path.

Below is an excerpt from our previous reporting on how Facebook has previously enforced Platform Policy 4.1 that before today’s change was used to hamper competitors:

  • Voxer was one of the hottest messaging apps of 2012, climbing the charts and raising a $30 million round with its walkie-talkie-style functionality. In early January 2013, Facebook copied Voxer by adding voice messaging into Messenger. Two weeks later, Facebook cut off Voxer’s Find Friends access. Voxer CEO Tom Katis told me at the time that Facebook stated his app with tens of millions of users was a “competitive social network” and wasn’t sharing content back to Facebook. Katis told us he thought that was hypocritical. By June, Voxer had pivoted toward business communications, tumbling down the app charts and leaving Facebook Messenger to thrive.
  • MessageMe had a well-built chat app that was growing quickly after launching in 2013, posing a threat to Facebook Messenger. Shortly before reaching 1 million users, Facebook cut off MessageMe‘s Find Friends access. The app ended up selling for a paltry double-digit millions price tag to Yahoo before disintegrating.
  • Phhhoto and its fate show how Facebook’s data protectionism encompasses Instagram. Phhhoto’s app that let you shoot animated GIFs was growing popular. But soon after it hit 1 million users, it got cut off from Instagram’s social graph in April 2015. Six months later, Instagram launched Boomerang, a blatant clone of Phhhoto. Within two years, Phhhoto shut down its app, blaming Facebook and Instagram. “We watched [Instagram CEO Kevin] Systrom and his product team quietly using PHHHOTO almost a year before Boomerang was released. So it wasn’t a surprise at all . . . I’m not sure Instagram has a creative bone in their entire body.”
  • Vine had a real shot at being the future of short-form video. The day the Twitter-owned app launched, though, Facebook shut off Vine’s Find Friends access. Vine let you share back to Facebook, and its six-second loops you shot in the app were a far cry from Facebook’s heavyweight video file uploader. Still, Facebook cut it off, and by late 2016, Twitter announced it was shutting down Vine.

Powered by WPeMatico

Facebook quietly relaunches apps for Groups platform after lockdown

Posted by | Apps, Cambridge Analytica, facebook groups, facebook platform, Mobile, Policy, Social, TC | No Comments

Facebook is becoming a marketplace for enterprise apps that help Group admins manage their communities.

To protect itself and its users in the wake of the Cambridge Analytica scandal, Facebook locked down the Groups API for building apps for Groups. These apps had to go through a human-reviewed approval process, and lost access to Group member lists, plus the names and profile pics of people who posted. Now, approved Groups apps are reemerging on Facebook, accessible to admins through a new in-Facebook Groups apps browser that gives the platform control over discoverability.

Facebook confirmed the new Groups apps browser after our inquiry, telling TechCrunch, “What you’re seeing today is related to changes we announced in April that require developers to go through an updated app review process in order to use the Groups API. As part of this, some developers who have gone through the review process are now able to access the Groups API.”

Facebook wouldn’t comment further, but this Help Center article details how Groups can now add apps. Matt Navarra first spotted the new Groups apps option and tipped us off. Previously, admins would have to find Group management tools outside of Facebook and then use their logged-in Facebook account to give the app permissions to access their Group’s data.

Groups are often a labor of love for admins, but generate tons of engagement for the social network. That’s why the company recently began testing Facebook subscription Groups that allow admins to charge a monthly fee. With the right set of approved partners, the platform offers Group admins some of the capabilities usually reserved for big brands and businesses that pay for enterprise tools to manage their online presences.

Becoming a gateway to enterprise tool sets could make Facebook Groups more engaging, generating more time on site and ad views from users. This also positions Facebook as a natural home for ad campaigns promoting different enterprise tools. And one day, Facebook could potentially try to act more formally as a Groups App Store and try to take a cut of software-as-a-service subscription fees the tool makers charge.

Facebook can’t build every tool that admins might need, so in 2010 it launched the Groups API to enlist some outside help. Moderating comments, gathering analytics and posting pre-composed content were some of the popular capabilities of Facebook Groups apps. But in April, it halted use of the API, announcing that “there is information about people and conversations in groups that we want to make sure is better protected. Going forward, all third-party apps using the Groups API will need approval from Facebook and an admin to ensure they benefit the group.”

Now apps that have received the necessary approval are appearing in this Groups apps browser. It’s available to admins through their Group Settings page. The apps browser lets them pick from a selection of tools like Buffer and Sendible for scheduling posts to their Group, and others for handling commerce messages.

Facebook is still trying to bar the windows of its platform, ensuring there are no more easy ways to slurp up massive amounts of sensitive user data. Yesterday it shut down more APIs and standalone apps in what appears to be an attempt to streamline the platform so there are fewer points of risk and more staff to concentrate on safeguarding the most popular and powerful parts of its developer offering.

The Cambridge Analytica scandal has subsided to some degree, with Facebook’s share price recovering and user growth maintaining at standard levels. However, a new report from The Washington Post says the FBI, FTC and SEC will be investigating Facebook, Cambridge Analytica and the social network’s executives’ testimony to Congress. Facebook surely wants to get back to concentrating on product, not politics, but must take it slow and steady. There are too many eyes on it to move fast or break anything.

Powered by WPeMatico

Facebook mistakenly leaked developer analytics reports to testers

Posted by | Apps, Developer, Facebook, facebook platform, facebook privacy, Mobile, Social, TC | No Comments

Set the “days without a Facebook privacy problem” counter to zero. This week, an alarmed developer contacted TechCrunch, informing us that their Facebook App Analytics weekly summary email had been delivered to someone outside their company. It contains sensitive business information, including weekly average users, page views and new users.

Forty-three hours after we contacted Facebook about the issue, the social network now confirms to TechCrunch that 3 percent of apps using Facebook Analytics had their weekly summary reports sent to their app’s testers, instead of only the app’s developers, admins and analysts.

Testers are often people outside of a developer’s company. If the leaked info got to an app’s competitors, it could provide them an advantage. At least they weren’t allowed to click through to view more extensive historical analytics data on Facebook’s site.

Facebook tells us it has fixed the problem and no personally identifiable information or contact info was improperly disclosed. It plans to notify all impacted developers about the leak today and has already begun.

Update: 1pm Pacific: TechCrunch was provided with this statement from a Facebook spokesperson:

“Due to an error in our email delivery system, weekly business performance summaries we send to developers about their account were also sent to a small group of those developer’s app testers. No personal information about people on Facebook was shared. We’re sorry for the error and have updated our system to prevent it from happening again.”

Below you can find the email the company is sending:

Subject line: We recently resolved an error with your weekly summary email

We wanted to let you know about a recent error where a summary e-mail from Facebook Analytics about your app was sent to testers of your app ‘[APP NAME WILL BE DYNAMICALLY INSERTED HERE]’. As you know, we send weekly summary emails to keep you up to date with some of your top-level metrics — these emails go to people you’ve identified as Admins, Analysts and Developers. You can also add Testers to your account, people designated by you to help test your apps when they’re in development.

We mistakenly sent the last weekly email summary to your Testers, in addition to the usual group of Admins, Analysts and Developers who get updates. Testers were only able to see the high-level summary information in the email, and were not able to access any other account information; if they clicked “View Dashboard” they did not have access to any of your Facebook Analytics information.

We apologize for the error and have made updates to prevent this from happening again.

One affected developer told TechCrunch “Not sure why it would ever be appropriate to send business metrics to an app user. When I created my app (in beta) I added dozens of people as testers as it only meant they could login to the app…not access info!” They’re still waiting for the disclosure from Facebook.

Facebook wouldn’t disclose a ballpark number of apps impacted by the error. Last year it announced 1 million apps, sites and bots were on Facebook Analytics. However, this issue only affected apps, and only 3 percent of them.

The mistake comes just weeks after a bug caused 14 million users’ Facebook status update composers to change their default privacy setting to public. And Facebook has had problems with misdelivering business information before. In 2014, Facebook accidentally sent advertisers receipts for other business’ ad campaigns, causing significant confusion. The company has also misreported metrics about Page reach and more on several occasions. Though user data didn’t leak and today’s issue isn’t as severe as others Facebook has dealt with, developers still consider their business metrics to be private, making this a breach of that privacy.

While Facebook has been working diligently to patch app platform privacy holes since the Cambridge Analytica scandal, removing access to many APIs and strengthening human reviews of apps, issues like today’s make it hard to believe Facebook has a proper handle on the data of its 2 billion users.

Powered by WPeMatico

Snapchat launches privacy-safe Snap Kit, the un-Facebook platform

Posted by | Apps, Developer, eventbrite, facebook platform, Mobile, Patreon, Poshmark, Postmates, Snapchat, Social, TC, Tinder | No Comments

Today Snapchat finally gets a true developer platform, confirming TechCrunch’s scoop from last month about Snap Kit. This set of APIs lets other apps piggyback on Snap’s login for sign up, build Bitmoji avatars into their keyboards, display public Our Stories and Snap Map content, and generate branded stickers with referral links users can share back inside Snapchat.

Snap Kit’s big selling point is privacy — a differentiator from Facebook. It doesn’t even let you share your social graph with apps to prevent a Cambridge Analytica-style scandal.

Launch partners include Tinder bringing Bitmojis to your chats with matches, Patreon letting fans watch creators’ Stories from within its app, and Postmates offering order ETA stickers you can share in Snapchat that open the restaurant’s page in the delivery app. Developers that want to join the platform can sign up here.

Snap Kit could help the stumbling public company colonize the mobile app ecosystem with its buttons and content, which might inspire Snapchat signups from new users and reengagement from old ones. “Growth is one of our three goals for 2018, so we absolutely hope it can contribute to that, and continue to strengthen engagement, which has always been a key metric for us” Snap’s VP of product Jacob Andreou tells me. That’s critical since Snapchat sunk to its lowest user growth rate ever last quarter under the weight of competition from Instagram and WhatsApp.

“There have been areas inside of our products where we’ve really set standards” Andreou explains. “Early, that was seen in examples like Stories, but today with things like how we treat user data, what we collect, what we share when people login and register for our service . . . Snap Kit is a set of developer tools that really allow people to take the best parts of our products and the standards that we’ve set in a few of these areas, and bring them into their apps.”

This focus on privacy manifests as a limit of 90 days of inactivity before your connection with an app is severed. And the login feature only requires you bring along your changeable Snapchat display name, and optionally, your Bitmoji. Snap Kit apps can’t even ask for your email, phone number, gender, age, location, who you follow, or who you’re friends with.

“It really became challenging for us to see our users then use other products throughout their day and have to lower their expectations. . . having to be okay with the fact that all of their information and data would be shared” Andreou gripes. This messaging is a stark turnaround from four years ago when it took 10 days for CEO Evan Spiegel to apologize for security laziness causing the leak of 4 million users’ phone numbers. But now with Facebook as everyone’s favorite privacy punching bag, Snapchat is seizing the PR opportunity.

“I think one of the parts that [Spiegel] was really excited about with this release is how much better our approach to our users in that way really is — without relying on things like policy or developer’s best intentions or them writing perfect bug free code, but instead by design, not even exposing these things to begin with.”

Yet judging by Facebook’s continued growth and recovered share price, privacy is too abstract of a concept for many people to grasp. Snap Kit will have to win on the merits of what it brings other apps, and the strength of its partnerships team. Done right, Snapchat could gain an army of allies to battle the blue menace.

Snapvengers Assemble

Snap’s desire to maintain an iron grip on its ‘cool’ brand has kept its work with developers minimal until now. Its first accidental brush with a developer platform was actually a massive security hazard.

Third-party apps promising a method to secretly screenshot messages asked users to login with their Snapchat usernames and passwords, then proceeded to get hacked, exposing some users’ risqué photos. Snap later cut off an innocent music video app called Mindie for finding a way to share to users’ Stories. Last year I wrote how A year ago I urged it to build a platform in my article “Snap’s anti-developer attitude is an augmented liability”, as it needs help to populate the physical world with AR.

2017 saw Snap cautiously extend the drawbridge, inviting in ads, analytics, and marketing developer partners to help brands be hip, and letting hacker/designers make their own AR lenses. But the real transition moment was when Spiegel said on the Q4 2017 earnings call that “We feel strongly that Snapchat should not be confined to our mobile application—the amazing Snaps created by our community deserve wider distribution so they can be enjoyed by everyone.”

At the time that meant Snaps on the web, embedded in news sites, and on Jumbotrons. Today it means in other apps. But Snap will avoid one of the key pitfalls of the Facebook platform: over-promising. Snap Deputy General Counsel for Privacy Katherine Tassi tells me “It was also very important to us that there wasn’t going to be the exchange of the friends graph as part of the value proposition to third party developers.”

How Snap Kit Works

Snap Kit breaks down to four core pieces of functionality that will appeal to different apps looking to simplify signup, make communication visual, host eye-catching content, or score referral traffic. Developers that want access to Snap Kit must pass a human review and approval process. Snap will review their functionality to ensure they’re not doing anything shady.

Once authorized, they’ll have access to these APIs:

  • Login Kit is the foundation of Snap Kit. It’s an OAuth-style alternative to Facebook Login that lets users skip creating a proprietary username and password by instead using their Snapchat credentials. But all the app gets is their changeable, pseudonym-allowed Snapchat display name, and optionally, their Bitmoji avatar to use as a profile pic if the user approves. Getting that login button in lots of apps could remind people Snapchat exists, and turn it into a fundamental identity utility people will be loath to abandon.
  • Creative Kit is how apps will get a chance to create stickers and filters for use back in the Snapchat camera. Similar to April’s F8 launch of the ability to share from other apps to Instagram and Facebook Stories, developers can turn content like high scores, workout stats and more into stickers that users can overlay on their Snaps to drive awareness of the source app. Developers can also set a deep link where those stickers send people to generate referral traffic, which could be appealing to those looking to tap Snap’s 191 million teens.

  • Bitmoji Kit lets developers integrate Snapchat’s personalized avatars directly into their app’s keyboard. It’s an easy path to making chat more visually expressive without having to reinvent the wheel. This follows the expansion of Friendmoji that illustrate you and a pal rolling out to the iOS keyboard. But Bitmoji Kit means developers do the integration work instead of having to depend on users installing anything extra.
  • Story Kit allows developers to embed Snapchat Stories into their apps and websites. Beyond specific Stories, apps can also search through public Stories submitted to Our Story or Snap Map by location, time, or captions. A journalism app could surface first-hand reports from the scene of breaking news or a meme app could pull in puppy Snaps. The company will add extra reminders to the Our Story submission process to ensure users know their Stories could appear outside of Snapchat’s own app.

One thing that’s not in Snap Kit, at least yet, is the ability to embed Snapchat’s whole software camera into other apps which TechCrunch erroneously reported. Our sources mistakenly confused Creative Kit’s ability to generate stickers as opposed to sharing whole stories, which Andreou called “an interesting first step” for making Snapchat the broadcast channel for other apps.

Additional launch partners include bringing Bitmoji to Quip’s word processor, RSVP stickers from Eventbrite, GIF-enhanced Stories search in Giphy, Stories from touring musicians in Bands In Town, storytelling about your dinner reservation on Quandoo, music discovery sharing from SoundHound, and real-time sports score sharing from ScoreStream.

While other platforms have escaped their host’s control, like Facebook’s viral game spam outbreak in 2009 or Twitter having to shut down errant clients, Snapchat’s approval process will let it direct the destiny of its integrations.

Bitmoji Kit in Tinder

When asked why Snapchat was building Snap Kit, Andreou explained that “We think that giving people more tools to be able to express themselves freely, have fun and be creative, both on Snapchat and other apps is a good thing. We also think that helping more people outside of Snapchat learn about our platform and our features is a good thing. And most importantly, being able to do this in a way that doesn’t compromise our users’ privacy is very good thing.”

Without much data sharing, there’s a lot less risk here for Snapchat. But the platform won’t have the same draw that Facebook can dangle with its massive user base and extensive personal info access. Instead, Snapchat will have to leverage the fear of being left out of the visual communication era and tout itself as the catalyst for apps to evolve. The biggest driver of the platform might be youngins demanding their Bitmoji everywhere.

Snap needs all the help it can get right now. If other apps are willing to be a billboard for it in exchange for some of its teen-approved functionality, Snapchat could find new growth channels amidst stiff competition. Platforms can entrench apps. And after its user count shrunk in March, Snap has to find a way to keep from disappearing

Powered by WPeMatico

Facebook and Instagram Stories open to sharing from other apps

Posted by | Apps, F8 2018, Facebook, facebook platform, Facebook Stories, instagram, Instagram Stories, Mobile, Snapchat Clone, Social, TC | No Comments

Facebook is recruiting help to make its Stories more interesting than Snapchat’s. Starting with Spotify, SoundCloud and GoPro, third-party apps can now let their users share to Facebook Stories and Instagram Stories. Rather than screenshotting, users will be able to hit a button to share a photo or video of a playlist, song or mini-movie from another app into Facebook or Instagram’s Stories camera, where they can embellish it with effects and post it to their friends. GoPro’s integration actually lets you edit your movies inside Facebook’s apps, while you can immediately start listening to songs shared from Spotify and SoundCloud.

Facebook’s CPO Chris Cox announced the feature at Facebook’s F8 conference, saying that he’s excited to see what developers build. Other launch partners include selfie editor Meitu, lipsyncing app Musically, Indian streaming music service Saavn and more.

While this new wing of the Facebook platform is opening to all developers, only approved partners that go through a review process like the three mentioned will have attribution watermarks added to the shares.

This platform move mirrors what Facebook did with its Open Graph launch 7 years ago at F8 2011. That let developers push stories about in-app activity to Facebook’s Ticker and News Feed. Eventually Facebook dropped the Ticker and phased out these Open Graph auto-shares in favor of explicit sharing, where the user is in full control. Facebook is taking this more cautious approach with Stories too, rather than make users worry their guilty pleasure listening or private imagery could be unknowingly shared to their Story.

The plan deviates significantly from Snapchat’s strategy, which has shunned third-party developers like music video-maker Mindie in the past. Now Snapchat lets developers create augmented reality lenses and geofilters that users can unlock, but the content creation happens in Snapchat’s app. Facebook hopes that by recruiting developers and getting them to build special content users can share to their Stories, it will avoid the feature growing stale from the same old selfies and sunsets.

Powered by WPeMatico

Facebook shuts down custom feed-sharing prompts and 12 other APIs

Posted by | Apps, Facebook, Facebook Data privacy, facebook platform, Mobile, Policy, privacy, Social, TC | No Comments

Facebook is making good on Mark Zuckerberg’s promise to prioritize user safety and data privacy over its developer platform. Today Facebook and Instagram announced a slew of API shutdowns and changes designed to stop developers from being able to pull your data or your friends’ data without express permission, drag in public content or trick you into sharing. Some changes go into effect today, and others roll out on August 1 so developers have more than 90 days to fix their apps. They follow the big changes announced two weeks ago.

Most notably, app developers will have to start using the standardized Facebook sharing dialog to request the ability to publish to the News Feed on a user’s behalf. They’ll no longer be able to use the publish_actions API that let them design a custom sharing prompt. A Facebook spokesperson says this change was planned for the future because the consistency helps users feel in control, but the company moved the deadline up to August 1 as part of today’s updates because it didn’t want to have to make multiple separate announcements of app-breaking changes.

Facebook app developers will now have to use this standard Facebook sharing prompt since the publish_action API for creating custom prompts is shutting down

One significant Instagram Graph API change is going into effect today, which removes the ability to pull the name and bio of users who leave comments on your content, though commenters’ usernames and comment text is still available.

Facebook’s willingness to put user safety over platform utility indicates a maturation of the company’s “Hacker Way” that played fast-and-loose with people’s data in order to attract developers to its platform who would in turn create functionality that soaked up more attention.

For more on Facebook’s API changes, check out our breakdown of the major updates:

Powered by WPeMatico

Cambridge Analytica denies accessing data on 87M Facebook users…claims 30M

Posted by | Apps, Cambridge Analytica, Developer, Facebook, Facebook Data privacy, facebook platform, Mark Zuckerberg, Mobile, Policy, Social, TC | No Comments

Cambridge Analytica is refuting a report by Facebook today that said Cambridge Analytica improperly attained data on up to 87 million users. Instead, it claims it only “licensed data for no more than 30 million people” from Dr. Aleksandr Kogan’s research company Global Science Research. It also claims none of this data was used in work on the 2016 U.S. presidential election when it was hired by the Trump campaign, and that upon notice from Facebook immediately deleted all raw data and began removing derivative data.

The whole statement from Cambridge Analytica can be found below. We requested a comment from Facebook about the incongruencies in the two companies’ positions, but the social network declined to comment.

The he-said-she-said of the scandal seems to be amplifying as Facebook continues to endure criticism about weak data privacy policies and enforcement that led to the Cambridge Analytica fiasco that’s seen Facebook’s market cap drop nearly $100 billion.

NEW DELHI, INDIA – OCTOBER 9: Co-founder and chief executive of Facebook Mark Zuckerberg gestures as he announces the Internet.org Innovation Challenge in India on October 9, 2014 in New Delhi, India. Zuckerberg is on a two-day visit to India aimed at promoting the internet.org app, which allows people in underdeveloped areas to access basic online services. (Photo by Arun Sharma/Hindustan Times via Getty Images)

Today Facebook announced the 87 million figure as a maximum number of people potentially impacted and said it would notify those users with an alert atop the News Feed. It also rewrote its Terms of Service today to clarify how it collects and works with outside developers, and announced sweeping platform API restrictions that will break many apps built on Facebook but prevent privacy abuses. Zuckerberg then held a conference call with reporters to give insight on all the news.

Cambridge Analytica has repeatedly denied assertions about interactions with Facebook data, but Facebook hasn’t backed down. Instead, Facebook has used Cambridge Analytica as an example of abuse it’s trying to combat, and as a justification for cracking down on developers both malicious and benign around the world.

Cambridge Analytica responds to announcement that GSR dataset potentially contained 87 million records
Today Facebook reported that information for up to 87 million people may have been improperly obtained by research company GSR. Cambridge Analytica licensed data for  from GSR, as is clearly stated in our contract with the research company. We did not receive more data than this.

We did not use any GSR data in the work we did in the 2016 US presidential election.

Our contract with GSR stated that all data must be obtained legally, and this contract is now a matter of public record. We took legal action against GSR when we found out they had breached this contract.When Facebook contacted us to let us know the data had been improperly obtained, we immediately deleted the raw data from our file server, and began the process of searching for and removing any of its derivatives in our system.

When Facebook sought further assurances a year ago, we carried out an internal audit to make sure that all the data, all derivatives, and all backups had been deleted, and gave Facebook a certificate to this effect.

We are now undertaking an independent third-party audit to demonstrate that no GSR data remains in our systems.

Powered by WPeMatico

Facebook restricts APIs, axes old Instagram platform amidst scandals

Posted by | Apps, Cambridge Analytica, Developer, Facebook, Facebook Data privacy, facebook platform, Facebook Platform Policy, Government, instagram, Mike Schroepfer, Mobile, Policy, privacy, Social, TC | No Comments

Facebook is entering a tough transition period where it won’t take chances around data privacy in the wake of the Cambridge Analytica fiasco, CTO Mike Schroepfer tells TechCrunch. That’s why it’s moving up the shut down of part of the Instagram API. It’s significantly limiting data available from or requiring approval for access to Facebook’s Events, Groups, and Pages APIs plus Facebook Login. Facebook is also shutting down search by email or user name and changing its account recovery system after discovering malicious actors were using these to scrape people’s data. “Given the scale and sophistication of the activity we’ve seen, we believe most people on Facebook could have had their public profile scraped in this way” Schroepfer writes.

Instagram will immediately shut down part of its old platform API that was scheduled for deprecation on July 31st. TechCrunch first reported that developers’ Instagram apps were breaking over the weekend due to a sudden reduction in the API call limit. Instagram refused to comment, leading to developer frustration as their apps that analyze people’s followers and help them grow their audiences stopped working.

Now an Instagram spokesperson tells TechCrunch that “Effective today, Instagram is speeding up the previously announced deprecation of the Instagram API Platform” as part of Facebook’s work to protect people’s data. The APIs for follower lists, relationships, and commenting on public content will cease to function immediately. The December 11th, 2018 deprecation of public content reading APIs and the 2020 deprecation of basic profile info APIs will happen as scheduled, but it’s implemented rate limit reductions on them now.

The announcements come alongside Facebook’s admission that up to 87 million users had their data improperly attained by Cambridge Analytica, up from early estimates of 50 million. These users will see a warning atop their News Feed about what happened, what they should do, and see surfaced options for removing other apps they gave permissions to. Facebook CEO Mark Zuckerberg plans to take questions about today’s announcements during at 1:00pm Pacific conference call.

Regarding the Facebook APIs, here’s the abbreviated version of the changes and what they mean:

  • Events API will require approval for use in the future, and developers will no long be able to pull guest lists or post sto the event wall. This could break some event discovery and ticketing apps.
  • Groups API will require approval from Facebook and a Group admin, and developers won’t be able to pull member lists or the names and photos associated with posts. This will limit Group management apps to reputable developers only, and keep a single non-admin member of a closed Group from giving developers access.
  • Pages API will only be available to developers providing “useful services”, and all future access will require Facebook approval. This could heavily restrict Page management apps for scheduling posts or moderating comments.
  • Facebook Login use will require a stricter review process and apps won’t be able to pull users personal information or activity, plus they’ll lose access if after 3 months of non-use. Most login apps should still work, though, as few actually needed your religious affiliation or video watching activity, though some professional apps might not function without your work history
  • Search by phone number or email will no longer work, as Facebook says it discovered malicious actors were using them to pair one piece of information with someone’s identity, and cycling through IP addresses to avoid being blocked by Facebook. This could make it tougher for people in countries where people have similar names find each other. Of all the changes, this may be the most damaging to the user experience.
  • Account Recovery will no longer immediately show the identity of a user when someone submits their email or phone number to similarly prevent scraping. The feature will still work, but may be more confusing. Facebook believes all its users’ could have had their data scraped using the search and account recovery tricks.

Schroepfer says that Facebook’s goal is to lock things down, review everything, and then figure out which developers deserve access and whether any of the functionality should be restored. The announcements raise questions about why it took the Cambridge Analytica scandal for Facebook to take data privacy seriously. You can expect the House Energy and Commerce Committee may ask Mark Zuckerberg that when he comes to testify on April 10th.

Facebook CTO Mike Schroepfer

Facebook’s bold action to reform its APIs shows it’s willing to prioritize users above developers — at least once pushed by public backlash and internal strife. The platform whiplash could make developers apprehensive to build on Facebook in the future. But if Facebook didn’t shore up data privacy, it’d have no defense if future privacy abuses by outside developers came to light.

Schroepfer tells me Facebook is taking its responsibility super seriously and that company is upset that it allowed this situation to happen. At least he seems earnest. Last week I wrote that Facebook needd to make a significant act of contrition and humility if it wanted stabilize the sinking morale of its employees. These sweeping changes qualify, and could serve as a rallying call for Facebook’s team. Rather than sit with their heads in their hands, they have a roadmap of things to fix.

Still, given the public’s lack of understanding of APIs and platforms, it may be tough for Facebook to ever regain the trust broken by a month of savage headlines about the social network’s privacy negligence. Long-term, this souring of opinion could make users hesitant to share as much on Facebook. But given its role as a ubiquitous utility for login with your identity across the web, our compulsive desire to scroll its feed and check its notifications, and the lack of viable social networking alternatives, Facebook might see the backlash blow over eventually. Hopefully that won’t lead back to business as usual.

For more on the recent Facebook platform changes, read our other stories:

Powered by WPeMatico