A complaint filed with the Federal Trade Commission is blaming Facebook of failing to protect sensitive health data in its groups.
The complaint, filed with the agency a month ago and discharged openly today, contends that the company inappropriately disclosed information on individuals of closed groups. The issue previously came into the public eye in July, when individuals from a group for women with a gene mutation called BRCA discovered sensitive information, similar to names and email addresses of individuals, could be downloaded in bulk, either manually or through a Chrome extension.
Around that time, Facebook made changes to Groups that ended the practice, yet said the decision was not identified with the BRCA group’s concerns. The organization likewise said at the time that the ability to view the information was not a privacy flaw, and noted that there was additionally a possibility for “secret” groups, which are more difficult to join yet additionally have more limited discoverability.
The complaint, which was filed by a security researcher and BRCA advocates, among others, contends that Facebook has failed to clarify what personal information users might be giving up when they join a group. While the organization may have likewise made changes to the ability to view personal information, the company argues that it is still too easy for a member to reap data on others in a group.
Facebook did not promptly respond to a request for input. The organization is already purportedly negotiating a multibillion-dollar fine with the FTC over privacy lapses.