The Washington PostDemocracy Dies in Darkness

Opinion The Facebook bikini dust-up isn’t a scandal. But we do need a law.

The Facebook log-in page.
The Facebook log-in page. (Mandel Ngan/AFP/Getty Images)
Placeholder while article actions load

THE STEADY drumbeat of negative news about Facebook makes it difficult to distinguish scandal from mere story. The latest to-do over the company’s data-sharing practices during its rise to dominance falls somewhere in between.

The documents that sparked this round of Facebook-bashing were released by Britain’s Parliament, but they come from a California court case. Ironically, the plaintiff’s grievance stems from a move Facebook made to protect user privacy: Developers who built on top of the platform used to be able to access the data of users’ friends, which this particular app took advantage of to identify swimsuit photos. Cambridge Analytica bought data acquired through this same ability.

In 2015, Facebook shut off third-party access to friends’ private information. That’s a good thing. The problem is, Facebook continued, for a variety of reasons, to allow some developers to see data that was closed to others. The bikini-picture purveyor alleges this was done to extract advertising revenue from those who wanted special privileges.

The toughest task in this case is separating what Facebook discussed doing from what it actually did. Mark Zuckerberg insists Facebook “never sold anyone’s data” — and there is no evidence that it did. Executives considered granting developers access to more user information if they paid up or purchased ads, but the company ultimately chose not to.

Still, Facebook fell short on its promises. Developers such as the plaintiff, many of whom did sell user data, had access to friends’ information even after Facebook signed a consent decree with the Federal Trade Commission in 2011 pledging to maintain a comprehensive privacy program to protect against unsavory actors. And for favored apps, some of that access continued even after Facebook told everyone it had altered its rules.

The latest documents also seem to show that Facebook cared less about user privacy than it did about its own growth. This is hardly surprising news about a company whose goal is to make money. But it does strengthen the case for a federal law that takes a hard line on firms’ ability to hand user information over to third parties.

The release may also increase interest in antitrust scrutiny of tech companies. Mr. Zuckerberg personally approved cutting off access to Facebook’s friend-finding service for Vine — which is owned by competitor Twitter — immediately upon its launch. This type of behavior may be permissible under the law. But it is a reminder that in the years to come, authorities should take notice of data management and monetization practices with anticompetitive potential. Horizontal mergers, like Facebook’s past acquisition of WhatsApp and Instagram, will call for attention.

Facebook’s fumbling response to this year’s onslaught has made it difficult for any layman to understand what the company really did — or did not do — wrong. The task for Congress and other regulators in the coming months will be to step back and separate stories from scandals, with an eye toward solutions.

Read more:

Helaine Olen: The moral and ethical rot at Mark Zuckerberg and Sheryl Sandberg’s Facebook

Alex Stamos: Yes, Facebook made mistakes in 2016. But we weren’t the only ones.

Mark Zuckerberg: Protecting democracy is an arms race. Here’s how Facebook can help.

Isaac Stone Fish: Mark Zuckerberg, give up on China before you embarrass yourself even more