Yes the OP is absolutely allowed to do this. Their are consequences of befriending people in real life and online. It's up to you to decide who you befriend.
Yes. By befriending someone on Facebook you gave them access to data you chose to share with your Facebook friends. You don't get to choose what they do with that data. It's just like if you tell someone something irl and they use that info in a way you don't like. Once you share info you can't put the genie back in the bottle.
Unfortunately, Facebook has a history of changing data permissions that have caused info to be shared in ways users didn't intend.
Not that I want to defend Facebook, but that person entered into an agreement laid out by Facebook's terms of service and privacy policy (lol), not the privacy policy set by this plugin.
You shared the information with your Facebook friends without any protections. Why shouldn't they be allowed to share it with other people? What legal obligation do they have to keep the information you shared private?
>Why shouldn't they be allowed to share it with other people?
>What legal obligation do they have to keep the information you shared private?
Those exact same questions can very well be asked of the whole Cambridge Analytica scandal, and yet some people will give different answers to those two scenarios.
Cambridge Analytica app was explicitly asking users for permission to access their data and data their friends publicly shared with those users. The first one is obviously ok, but the latter was what people had issues with, and I don't see how it is different here.
As for what legal obligations your friends have to keep your information private, I don't think they do. However, Facebook does have the obligation to not share info of users who didn't explicitly consent to it with third party apps, according to this order from FTC issued in 2019[0]. And third party apps that share not only your FB info, but that of your friends (who do not use those third-party apps), definitely fall under this.
> However, Facebook does have the obligation to not share info of users who didn't explicitly consent to it with third party apps
But Facebook is not sharing info of users' friends. Users are sharing information about their friends.
If a user should not be able to access particular information about their friends, then the onus is on Facebook to restrict that access. It was Facebook's fault for exposing excessive data to users' friends during the Cambridge Analytica scandal and it's their fault for doing the same thing now.
Facebook needs to clean up their own mess instead of suing research groups for taking advantage of it.
>It was Facebook's fault for exposing excessive data to users' friends during the Cambridge Analytica scandal
I don't follow this logic at all. The data shown to users' friends is the same data that is shown to them now. Which is usually all their public photos (nothing from private albums), the friend list (if they didn't make it private), etc., only the stuff that friends are expected to be able to access (and still can). And on the list of permissions on the permission request page, the app had a separate line for "friends' info" specifically (just like it has for every single permission requested), so there was nothing sneaky about it. The CA app asked users to provide them the same data about their friends that they can see in the browser by visiting their friend's page (and page only, nothing private or your messages with them; basically, only the info that everyone in the same security group that you are in sees). The exact same set of data that the browser extension this whole thread is about is accessing.
With that error corrected, it sounds like you are arguing for the case that FB was not at fault during the CA scandal because of all those logical reasons you brought up, and then conclude that FB was at fault and CA was in the clear.
I am reserving my own judgement on who was at fault, but I hope you can see why your reply left me (and likely some other people) confused.
As a cherry on top, CA didn't acquire the data directly from the app, as it wasn't their app. They got the data later on from a research team at Cambridge University's Psychometrics Center, which was the one originally collecting it. Sounds eerily similar to the scenario at hand.
Facebook created a platform which allows users to access information about others users who have agreed to be "friends". A third party then came along and asked users for the information which their friends gave them access to. The users gave the third party the data.
I'm not missing anything here, right?
If the third party should not have access to the data, then neither should the friends who gave it to them. Facebook is responsible for allowing the users access to the data.
If users should have access to the data, then it's the friends' fault for agreeing to be Facebook friends with those users in the first place. Alternatively, it's Facebooks fault for not making it clear what data is made available to friends.
Either way, I don't see how this is a problem with thr research group.
I guess you could argue that the data was still technically owned by the friends and therefore the users had no right to give it away. In which case the fault belongs to the users.
>Either way, I don't see how this is a problem with thr research group.
Which is a valid take, not trying to say that your logic doesn't make sense. It does. But it is literally no difference in terms of what happened during the CA scandal, so all the same rules apply here. If you are ok with this group of researches and think they did nothing wrong, and that FB should have let them have the data, then the CA situation was a perfect happy road scenario for you. Because in that case, CA just got that data, and FB didn't stop them. Win-win, right?
Also, regardless of how valid this take is, FB was ordered by FTC to prevent third party sharing of friend data like that from happening. So FB's hands are kinda tied on this one.
Exactly, the FTC order asks FB to prevent data about someone from leaving FB's servers and go into a third party's database unless that person explicitly allows it.
If you do not trust your friend, then unfriend them on facebook. Or sue them.
If said friend takes a pic of you and records everything you say in real life and gives that to researchers (or "pro Trump" people), you wouldn't go after your or their landlord claiming they "allowed this to happen", nor would you go after the city where it happened, would you? (your friend is voluntarily participating, knowing what they are doing)
Now if the researchers tricked your friend into giving them information about you somehow, then you'd go after your researchers. But do not expect your landlord to go after those researchers for you. (NYU researchers misinforming participants about the scope of their data collection)
Now if your friend abused a camera that was sneakily installed by your landlord to obtain that information, then you might go after that landlord (Cambridge Analytica on Facebook)
You trust NYU, OK fine. Can I give the same information about you to pro-Trump researchers?