Wednesday, Facebook announced that it had “unintentionally” uploaded the email contact lists of over a million of its users.
For years, its users thought they could upload their email address books in order to find contacts more easily. They thought it was private. Instead, due to a “problem” starting in May 2016, their contacts lists were being uploaded to Facebook without the users’ knowledge or permission. Over 1.5 million accounts were affected.
“When we looked into the steps people were going through to verify their accounts,” a Facebook spokesperson said, “we found that in some cases people’s email contacts were also unintentionally uploaded to Facebook when they created their account.”
It took Facebook over three years to find the problem. When new users were asked to enter email passwords to verify their identities, it linked their email to the Facebook account, where they were notified it would “import” their email contact lists without asking permission.
“We’re fixing the underlying issue and are notifying people whose contacts were imported,” the spokesperson said. He added that none of the information was shared with anyone outside of Facebook and will be deleted.
Facebook is no stranger to issues damaging their reputation lately. Along with the data breach where over 87 million users’ information was shared with Cambridge Analytica, Facebook has come under fire for violation of the First Amendment by deleting accounts of conservative members and groups. Thursday, it permanently banned several far-right organizations and individuals under its “dangerous individuals and organizations” policy. They will no longer be able to post to Facebook or Instagram, which Facebook bought in April, 2012.