Your Facebook account including private data can be viewed by a Facebook employee
Your Facebook timeline and private information can be accessed by Facebook engineers anytime, any day without even having your password or notifiying you. Facebook says that this is being done for greater good, but is it really?
Paavo Siljamäki, director of record label, Anjunabeats, dropped in to the Facebook office for for enquiring about how to use Facebook optimally for his record label promotion. He however encountered a pretty bewildering scene when the person behind the desk at the Facebook office tapped into his Facebook account without even entering password, though he was politely asked for permission to access it.
Siljamäki thought this a bit odd and made a Facebook post about it, here is what he had to say,
The important thing about the Facebook employee accessing Siljamäki’s profile was that, the user did not get even a token email that his profile page was being accessed. Further the exact number of Facebook employees having such a ‘master key’ to all Facebook users pages was also not known.
Facebook issued a official statement about this fact :
“We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner’s Office as part of their audit of our practices.”
“Access is tiered and limited by job function, and designated employees may only access the amount of information that’s necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries. Two separate systems are in place to detect suspicious patterns of behavior, and these systems produce reports once per week which are reviewed by two independent security teams.”
“We have a zero tolerance approach to abuse, and improper behavior results in termination.”
In the statement, Facebook didnt explain as to how many ‘elite’ employees had such kind of access but made one thing clear that they had zero tolerance for abuse of such powers.
Facebook said that the customer service tool that can grant access to a any Facebook user account heavily monitored and controlled, requires consent from the user (in Siljamäki’s case verbal approval was taken) and can only be used in specific cases by a select group of employees.
Facebook statement says that abuse of such powers can result in firing of that particular employee but that will come at a later stage when the abuse has already happened.
What will happen to the Facebook users whose Facebook accounts are abused in any which way with a malafide intent by any employee or group of employees? This question will never be answered!