What I don't understand is, why would they turn a blind eye to abuse of their developer API if they offer their API for free and they sell user data -- which I assume is anonymized? -- to advertisers? Wouldn't that diminish revenue if advertisers could have just used the API to get around this?
Please correct any mistaken assumptions I might have about their business model.
1. While the data is valuable, you still need a medium for your ads. One without the other is way less valuable. If you had user data for 50M users, today, how would you monetize it? Facebook had the News Feed and Instagram giving you a stage to operate on that data.
2. Following 1.), a lot of that "stolen" data was used to buy more effective FB Ads. Cambridge Analytica didn't "steal" the user data to sell to blackhats. They used it to craft messaging on Facebook.
All in all, user data is relatively worthless to most advertisers unless its actionable. Even if facebook gave you the data, the fastest way of monetizing it was to buy more facebook ads. It's relatively more difficult to extract user data from FB and then use that data to buy Twitter ads.
That's a really good point with respect to advertisers. Even on the competitor level, I'm not sure how they would use that data.
So worst case scenario is a conflict of interests between user privacy and business revenue. I think if Facebook wants to take effective action to correct this, they'll go beyond simply restricting the API, and give users options to limit which data of theirs they want to let their friends expose to third parties, because even when the API is shut down, someone willing to violate the terms of service can do quite a bit of data harvesting using fake profiles and social engineering to get people to add those profiles if some of the data seems plausible.
Granted, this method is slower, but still possible, and I think currently being exploited based on friend requests I've received through friends. I've asked friends if they knew the person, and they said they weren't sure, but they might because the information seemed similar; this is the same concept as a phone call spam technique known as "Neighbor Spoofing".
> Please correct any mistaken assumptions I might have about their business model.
Facebook's business model is curious. They took $200 million in Russian money (Yuri Milner) and that came with an enthralled messaging from Zuckerberg, about how they (the Russian investors) had a "unique perspective" on monetizing social networks.
I'm not sure anyone outside of those circles knows what Facebook's actual business model really is.
FB's 'business model' is of primarily of journalistic, academic and legal interest. It's an anti-democratic corporate surveillance outfit. How it makes its money will be of interest to regulators and prosecutors, but is of marginal concern elsewhere.
The important questions are more like: (for personal safety) how to reduce contact with FB collaborators, and (for society's safety) how to put the organisation itself out of business.
The data is not anonymized. If you install an app that requests access to your data and the data of your friends, then it's not anonymized. How could it be? That company would have the exact links between you, under your real name, and all of the friends linked to you, under their real names.
Oh yeah, I know the data gathered through the API isn't anonymized, but I was referring to what they sell to advertisers who don't use the API and just do business directly with Facebook, unless they don't sell any data directly to advertisers and advertisers just have to put in place certain metrics for whom they would like to target.
Please correct any mistaken assumptions I might have about their business model.