hen the New York Times reported in December that three major corporations had obtained the ability to read all private messages of any Facebook users that connected to their accounts, Netflix and Spotify admitted they were granted that power by Facebook, but claimed they didn’t use it.
The other company, Royal Bank of Canada, was alone in denying that it ever had any such access. It would repeat its denial in coverage of the report by the Globe and Mail and CBC.
It is now admitted by a Facebook spokesperson that RBC did in fact have the power to read, write and delete private messages by Facebook members using RBC’s banking app, as the New York Times reported.
If Facebook is correct it raises serious questions, says Charlie Angus, an MP and member of the Parliament’s Standing Committee on Access to Information, Privacy and Ethics that questioned Facebook in April 2018, after revelations of Facebook’s data sharing practices.
“My question is why did RBC want to have this capacity? And if they did obtain private messages, that would be very, very serious. They’ve said they haven’t so I have to take them at their word. But I would like clarification on why they would have wanted access,” Angus told The Tyee.
RBC began allowing customers to connect to Facebook in 2013 in order to send money transfers over the social media network, and shut down the service quietly in 2015.
If RBC had the abilities Facebook says it was granted, the bank could read every message its customers ever sent or received via Facebook, not just send or receive e-transfer notifications as RBC claims.
Though RBC customers had to approve Facebook’s connection, access to messages on Facebook’s platform typically included those the customer sent and received from other Facebook users who did not use RBC or consent.