Facebook to stop using 2FA phone numbers for friend suggestions
The change is being introduced in five countries this week
Facebook will no longer use phone numbers provided to it for two-factor authentication (2FA) security tool to its people-you-may-know feature.
The linking of the two was heavily criticised when it came to light. Separation of 2FA from the feature will be introduced in Cambodia, Pakistan, Libya, Ecuador, and Ethiopia this week and in rest of the world early next year.
According to Reuters, the company decided to stop the practice as part of the privacy overhaul instigaged following the $5 billion settlement reached with the Federal Trade Commission (FTC) in July. That had been levied over its lackadaisical privacy practices and flagrant breaches of an earlier settlement with the FTC over privacy-busting activities.
As part of the settlement, Facebook agreed to stop using users' phone numbers provided for 2FA security for advertising purposes.
Facebook currently faces intense scrutiny from regulatory agencies, as well as privacy advocates over many of its practices.
Last year, it was reported that the social media giant was using users' personal data obtained for 2FA for advertisement purpose. The revelation angered privacy advocates, who accused Facebook of deceiving users. They added that Facebook's practice had eroded trust in a crucial digital security tool.
Following the revelation, the FTC opened a probe into Facebook's practices. It accused Facebook of failing to disclose to users that the phone numbers provided for 2FA would also be used for advertising. To settle the probe, the company was asked to boost safeguards on user data.
Last week, security researcher Bob Diachenko discovered more than 267 million Facebook user IDs, names, and phone numbers lying exposed on internet. Diachenko found users' details in a database that was accessible to anyone with the right web address.
According to Reuters, Facebook recently conducted an internal review to ensure that the system updates supporting their privacy statements "were done correctly," and that their public statements match the company's operations
Michel Protti, chief privacy officer for product at Facebook, told Reuters that the company is currently reviewing its new products in order to minimise the amount of data it collects from users and to provide more transparency around how its products and services work.
Protti said that the company has identified several areas where it needs to make its policies clearer. There is also a need to invest in training as well as to institute "stronger technical controls over how the data flows through our pipes".