Facebook’s receding growth rate is a matter of concern for the company, and it looks like there will be some desperate measures to gain its users back. Software engineer Gabriel Lewis recently discovered Facebook’s crooked behavior of spamming those users who had registered their mobile numbers for two-factor authentication.
So I signed up for 2 factor auth on Facebook and they used it as an opportunity to spam me notifications. Then they posted my replies on my wall. 🤦♂️ pic.twitter.com/Fy44b07wNg
— Gabriel Lewis 🦆 (@Gabriel__Lewis) February 12, 2018
Lewis noted that in spite of not giving any permission for text alerts, he was receiving notifications via SMS, with no apparent way to opt out of them. Now, with the enormous amount of interactions that we partake in, having your phone buzzed every now and then can be annoying – especially if you already have app notifications turned on.
But it doesn’t end there – when Lewis tried to shut off these messages by replying with standard keywords like “STOP”, they were instead posted on his timeline without any obvious alert. On top of that, Lewis continued to receive those messages. This, as The Verge confirms, happens every time you reply to any SMS from Facebook – which is not just weird but creepy too.
Abusing the authentication process is unconscionable. SMS shouldn’t be used for “engagement” anyway. Opens people up to phishing under the best of circumstances. https://t.co/0qQtnTUOSv
— zeynep tufekci (@zeynep) February 14, 2018
Users on Twitter were quick to bring down their wrath on Facebook and the fire caught more fuel when noted sociologist and technology commentator Zeynep Tufekci joined the chiding and alleged that Facebook is blindly chasing metrics, warning that this growth “mindset” is harmful for social media users and ultimately the network itself.
This incident might also have legal implications as it violates the Telephone Consumer Protection Act (TCPA) which prohibits companies from sending unsolicited spam SMSes without explicit permission. The company is already facing certain class-action suits over reminding users about birthdays or other spam texts, even when the users had not opted for such alerts.
A lot of people are suggesting the Facebook SMS spam is a bug. Bullshit. Someone at FB made a deliberate decision to “re-engage users” by spamming all those mobile phone numbers 2FA users had entered. No bug here at all.
— Matthew Green (@matthew_d_green) February 14, 2018
Facebook, which started the year with promises of giving its users complete control over their privacy already seems to be falling flat on its face. In response to The Verge, Facebook said that it is investigating the matter of uninvited notifications but did not speak about the auto-posting issue. The company urged that user can use a U2F key instead of their mobile numbers to register for the two-factor authentication. While it might seem like a bug at the first sight, many users have also alleged that Facebook is violating rules on purpose to fill up the gap created by young Americans moving away from the social network.