Facebook has once again been dragged into the firing line – but this time it isn’t the dreaded News Feed at fault, but rather the platform’s two-factor authentication (2FA) system.
Facebook user Gabriel Lewis took to Twitter earlier this week to vent his frustration that the network was using the mobile number he provided for two-factor authentication to serve tailored SMS notifications without his consent.
So I signed up for 2 factor auth on Facebook and they used it as an opportunity to spam me notifications. Then they posted my replies on my wall. 🤦♂️ pic.twitter.com/Fy44b07wNg
— Gabriel Lewis 🦆 (@Gabriel__Lewis) February 12, 2018
There doesn’t appear to be a way to opt out of the notifications, either. Lewis never registered to receive them in the first place, so flicking the toggle didn’t work, and replying to the message automatically posted the response to his profile.
Related: How to delete your Facebook account
Facebook is embroiled in a number of class-action lawsuits over violations of the Telephone Consumer Protection Act, which – as noted by The Verge – states that a company is prohibited from contacting you without first being granted permission.
If the firm is found to have developed the SMS feature as a way to drive engagement, it could be on the receiving end of a slew of additional lawsuits. As it stands, however, Big F is playing the hoo-ha off as a bug that it’s looking into.
“I am sorry for any inconvenience these messages might have caused,” wrote Facebook’s Chief Security Officer – and former Chief Information Security Officer at Yahoo! – Alex Stamos in a blog post published on Saturday, February 17.
“We are working to ensure that people who sign up for two-factor authentication won’t receive non-security-related notifications from us unless they choose to receive them, and the same will be true for those who signed up in the past.”
“We expect to have the fixes in place in the coming days. To reiterate, this was not an intentional decision; this was a bug.”
Have you noticed a similar issue? Let us know over on Facebook or Twitter @TrustedReviews.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
Editorial independence
Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.
Professional conduct
We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.
