|
Thanks for the context, it's important. But from the link you posted: > In order for you to write a message to a Facebook friend from within Spotify, for instance, we needed to give Spotify “write access.” For you to be able to read messages back, we needed Spotify to have “read access.” “Delete access” meant that if you deleted a message from within Spotify, it would also delete from Facebook. No third party was reading your private messages, or writing messages to your friends without your permission.
So here Facebook acknowledges that an app that sends messages needs write permission, not read. I would assume that sending a recommendation is a write only thing, especially with something private as direct messages. And it is pretty well understand pattern. When you share something through iMessages, Signal or WhatsApp from the a different app, the app does not get an access to you chat history.The allegation that Arstechnica are pretty sever: > By 2013, Netflix had begun entering into a series of “Facebook Extended API” agreements, including a so-called “Inbox API” agreement that allowed Netflix programmatic access to Facebook’s users' private message inboxes
Strange naming "Inbox" for sharing API. > in exchange for which Netflix would “provide to FB a written report every two weeks that shows daily counts of recommendation sends and recipient clicks by interface, initiation surface, and/or implementation variant (e.g., Facebook vs. non-Facebook recommendation recipients).
This is something that Netflix could do even without special access to the messages, since links originate from them. But so could Facebook, since they see the traffic in messages and can identify referral links. Looks like Titan API, whatever it is, gave even more access?NYTimes article from 2018 [1] has more details, but it is still unclear if user consent was explicitly obtained for Netflix to read messages. But an interesting quote from Steve Satterfield, Facebook’s director of privacy and public policy: > With most of the partnerships, Mr. Satterfield said, the F.T.C. agreement did not require the social network to secure users’ consent before sharing data because Facebook considered the partners extensions of itself — service providers that allowed users to interact with their Facebook friends.
A rather conspicuous statement by someone who have properly collected consent from users.[1] https://archive.is/DH17k |
I guess the feature at issue here is that you could actually hold a conversation with a Facebook friend inside of Netflix or Spotify which does indeed necessitate the ability to read back messages from the other user.
Whether it was wise to allow that instead of the kind of sharing systems we use today in 2024 is another question.