Facebook has once again provoked a backlash from its users for potentially misusing user data, this time related to the phone numbers. Facebook is not allowing users to opt out of a feature that allows people to look you up using the phone number or email address you have provided.
As you know, for availing the app’s Security feature, you have provided Facebook your phone number as a way of adding a two-factor authentication (2FA) layer to our profiles. However, you might not have noticed that in Facebook’s Privacy settings, where you are asked “Who can look you up using the phone number/ email address you provided?”, you are provided with the options of “everyone,” “friends of friends,” and “friends”. This means that there is no way to opt out completely.
Since Facebook has made it compulsory for page administrators to enable 2FA last year, we can presume that more users have started using this security feature and noticed how Facebook misdirects it. Facebook while giving a response to TechCrunch, elaborated that it stopped requiring phone numbers for 2FA enrollment last May, however, phone number-based 2FA can still be the most usable option for many people.
Moreover, Facebook also confirmed to the TechCrunch that it does use phone numbers provided for two-factor authentication to improve its user ad targeting. Facebook is leaving no stone unturned to monetize its users, it even misused numbers of its users shared for security.
Facebook’s recent move of not allowing users to handle the privacy settings of their phone number unconditionally is strongly criticized by security experts. Marty Puranik, cybersecurity expert and CEO of Atlantic said;
“It’s obvious that if you are providing a number for 2FA (which is a standard practice) that the number wouldn’t be used for other purposes without consent. No other entity does this, it’s not industry standard, and of course, is yet another way Facebook compromises user information.”
Facebook’s phone number problem seems to be even more outspread as it is exposing users’ 2FA phone numbers not only to advertisers but also to, well, anyone.