Damaging internal documents from Facebook continued to trickle into public this week after being obtained by British lawmakers, including a batch of emails detailing how the company struck deals with companies for access to users’ personal data.

Facebook has always strongly claimed that it does not sell user data, and nothing contained in the leaked documents proves that assertion wrong. However, what the documents do reveal is that Facebook is not above bargaining with companies to let them get a look at user info through a process called “whitelisting.”

“Facebook have clearly entered into whitelisting agreements with certain companies, which meant that after the platform changes in 2014/15 they maintained full access to friends’ data,” UK lawmaker Damian Collins wrote. “It is not clear that there was any user consent for this, nor how Facebook decided which companies should be whitelisted or not.”

According to Collins, the documents also show that Facebook was concerned with “mitigating bad PR” over its data and privacy policies.

None of this is particularly surprising if you’ve followed Facebook’s business practices at all over the past decade, but it’s still interesting to see it all spelled out so clearly — and by Facebook’s own leadership. The fact that the company is scrambling to prevent more of these documents from being released is just further proof that it knows how bad this looks.