A UK security researcher recently uncovered a big flaw in Facebook’s user protection that allowed him to find a user’s name, pictures locations and more simply by sending their cell phone number to Facebook’s API developer tool.
Facebook responded to the criticism this week saying that they have strong security measures in place to protect users from being taken advantage of by this program.
“The privacy of people who use Facebook is extremely important to us,” the site said in a statement. “We have industry-leading proprietary network monitoring tools constantly running in order to ensure data security and have strict rules that govern how developers are able to use our APIs to build their products.”
However, critics of the site aren’t satisfied with the explanation, and many believe that Facebook won’t change it because of its business model of collecting user data.
“The privacy risks of compiling massive publicly-accessible databases of personal information should be obvious to anyone who’s actually thought about privacy,” Cybercrime journalist and blogger Stilgherrian wrote. “This warning should be as obvious as saying ‘Hey guys, maybe stop piling up all those cans of gasoline next to the open fireplace?’ But no, we’ve built an entire industry on this risky practice.”
Even though Facebook says it can protect users from potential privacy violations resulting from this phone number look-up loophole, it’s troubling the site doesn’t seem to think it’s an issue at all.