A New York Times story in December 2018 revealed that Facebook during 2010-2018, had granted more intrusive access to users personal data to some of the world's largest technology companies than it had disclosed. These special arrangements were detailed in the hundreds of internal documents of Facebook obtained by the New York Times. These documents underscored how personal data has become the most prized commodity of the digital age, traded on a vast scale by powerful companies.
- The Facebook internal documents show that the company allowed Microsoft's Bing search to see the names of Facebook friends without consent. Additionally, Netflix and Spotify were able to read Facebook users' private messages. It was also revealed that the social network allowed Amazon to obtain users' names and contact information through their friends, and allowed Yahoo view streams of friends' posts as recently as summer 2018. This was despite the social media giant's claim that it has stopped this type of sharing years earlier.
- The deals described in the documents showed that companies sought the data of hundreds of millions of people a month. The oldest of the deals dated back to 2010, and were still active in 2017 with some still being active in 2018. The contents of these documents also raise questions of whether Facebook violated its 2011 consent agreement with the Federal Trade Commission (FTC) which barred the social network from sharing user data without explicit permission.
- Data experts like Ashkan Soltani, a former chief technologist at the FTC expressed scepticism at Facebook's claims that there was no violation of the FTC agreement. Another expert, David Vladeck, who formerly ran the FTC's consumer protection bureau said, "This is just giving third parties permission to harvest data without you being informed of it or giving consent to it."
- A Facebook spokeswoman said the company has found no evidence of abuse by its partners. Some of the largest partners like Amazon, Microsoft and Yahoo, said they had sued the data appropriately, but declined to discuss further in detail.
- Facebook did admit to mismanagement by allowing some of its partnerships access to continue long after they had shut down the features that required the data.
- Steve Satterfield, Facebook's director of privacy and public policy, said none of the partnerships violated users' privacy or the FTC agreement. Contracts required the companies to abide by Facebook policies, he added. He further said, the FTC agreement did not require the users consent before sharing data as these partnerships were an extension of the social network itself.