- A leaked Facebook PR team memo shows how the company plans to deal with future leaks of user data.
- The memo said Facebook expected more “scraping” leaks and wants to “normalize the fact that this activity happens regularly.”
- The memo followed an Insider report that 533 million Facebook users had their personal data posted on a hacker forum.
- See more stories on Insider’s business page.
An internal Facebook memo shows how its PR team plans to take the heat off the company during mass leaks of user data.
Belgian tech news site Datanews reported Tuesday that an internal memo intended for Facebook’s European, Middle East, and Africa (EMEA) PR team wound up in its inbox. The memo was about the PR team’s response to Insider’s April 3 report that the personal data of 533 million Facebook users, including their names and phone numbers, had been posted on a hacker forum.
One paragraph from the memo, as screenshotted by Datanews, and quoted below, outlined Facebook’s long-term PR strategy for dealing with user data being scraped and exposed online. It said the company should “normalize the fact this activity happens regularly.”
“LONG-TERM STRATEGY: Assuming press volume continues to decline, we’re not planning additional statements on this issue. Longer term, though, we expect more scraping incidents and think it’s important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly. To do this, the team is proposing a follow-up post in the next several weeks that talks more broadly about our anti-scraping work and provides more transparency around the work we’re doing in this area. While this may reflect a significant volume of scraping activity, we hope this will help to normalize the fact that this activity is ongoing and avoid criticism that we aren’t being transparent about particular incidents.”
A Facebook spokesperson confirmed to Insider that the memo was authentic.
“We are committed to continuing to educate users about data scraping,” the spokesperson said.
“We understand people’s concerns, which is why we continue to strengthen our systems to make scraping from Facebook without our permission more difficult and go after the people behind it. That’s why we devote substantial resources to combat it and will continue to build out our capabilities to help stay ahead of this challenge.”
According to Datanews, the memo was dated April 8 – five days after Insider published its report.
Facebook initially downplayed the leak, saying it had been previously reported, and emphasizing that it was the result of data scraping rather than a hack.
“Scraping is a common tactic that often relies on automated software to lift public information from the internet that can end up being distributed in online forums,” Facebook product-management director Mike Clark wrote in a blog post.
Facebook also said it would not notify users whose details had been exposed.
Facebook’s response to the leak drew criticism from security experts, and Ireland’s Data Protection Commission announced on April 14 it had launched an investigation to see whether Facebook broke EU privacy laws.
The memo seen by Datanews said that the Facebook communications team had received a “great number of regulatory enquiries … from around the world.”