Facebook confirmed that it reuses phone numbers provided for two-factor authentication (2FA) for advertising purposes.
Following a Gizmodo report earlier this week, the social network confirmed to TechCrunch that it used 2FA phone numbers to target ads.
Gizmodo started things off by running a test. Senior reporter Kashmir Hill ran an ad on Facebook targetted at the landline phone number for computer science professor Alan Mislove. Mislove never shared his landline with the social network. Despite this, he received the ad within hours.
Hill says Facebook had previously told her that targetting an ad in that way wouldn’t work. Furthermore, Hill wrote that the test shows how the network gathers contact information on its users.
2FA is one way it collects data — by requisitioning information provided in good faith to the company for security purposes. However, it can also collect information about you from other users’ accounts. In the case of Mislove, Facebook could have gotten his landline from someone else who shared their contact book with the social network.
The repurposing by Facebook of phone numbers, provided by users for SMS 2FA, to better target for advertising is utterly disgusting. I’m not easily shocked, but this… https://t.co/qFNgqMDFL1
— Elizatech (@FitzTechLawIE) September 26, 2018
Several people have taken to social media to criticize Facebook’s practice.
However, Facebook emphasized in its statement that while it does use phone numbers, the company is clear about how it handles the information. Additionally, Facebook said that users could manage and delete contact information they’ve uploaded at any time.
While that may be the case for 2FA users, if Facebook collects data about you that you haven’t explicitly provided, there’s currently no way to find and remove that data.
Furthermore, Facebook forces users to choose between privacy and security. If you want to keep your account secure with 2FA, you open yourself to more invasive advertising. It’s a nasty tradeoff.
The social network maintains that it hasn’t required a phone number for 2FA for months. While it does allow users to secure accounts with third-party apps like Google Authenticator, it doesn’t leave many options for those who’d prefer to use a phone number.
Source: Gizmodo, TechCrunch Via: Engadget
MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.