Facebook Glitch Exposes Private Photos

Facebook on Tuesday said it fixed a bug that allowed users to view private photos when reporting other snapshots to the social network.

Facebook allows its users to report photos that might violate the site's terms of service, but a feature that lets people tag multiple inappropriate photos at one time accidentally exposed other photos regardless of their privacy settings.

"The bug allowed anyone to view a limited number of another user's most recently uploaded photos irrespective of the privacy settings for these photos," Facebook said in a statement. "This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed."

The glitch comes one week after the Federal Trade Commission announced a settlement with Facebook that required the social network to be more transparent about its privacy policies.

According to the FTC, Facebook "deceived customers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public."

The issue dates back to 2009 when Facebook rolled out changes intended to provide users with more control over access to profile content. But that came as Facebook moved towards a more open format, expanding beyond the confines of Facebook.com. As a result, users were confused as to what information on their profiles was public and private.

The FTC deal says that Facebook made certain information, like Friends Lists and some photos, public without consent. "They didn't warn users that this change was coming, or get their approval in advance," the FTC said.

Facebook CEO Mark Zuckerberg addressed the settlement in a blog post, in which he acknowledged that Facebook has "made a bunch of mistakes" since its inception. He pointed to the company's Beacon program, as well as the "poor execution" surrounding the 2009 privacy changes.

In today's statement, Facebook said "the privacy of our user's data is a top priority for us, and we invest significant resources in protecting our site and the people who use it," pointing to its recent bug bounty program.

About Our Expert

Chloe Albanesius

Executive Editor, News

My Experience

I started out covering tech policy in DC for The National Journal, where my beat included state-level tech news and all the congressional hearings and FCC meetings I could handle. I later covered Wall Street trading tech before switching gears to consumer tech. I now lead PCMag's news coverage.

My Areas of Expertise

Getting my start in DC means I still have a soft spot for tech policy; Congressional hearings can sometimes be as entertaining as a Bravo reality show, for better or worse. But PCMag is all about the technology we use every day, as well as keeping an eye out for the trends that will shape the industry in the years ahead (or flop on arrival). I've covered the rise of social media, the iOS vs. Android wars, the cord-cutting revolution that's now left us with hefty streaming bills, and the effort to stuff artificial intelligence into every product you could imagine. This job has taken me to CES in Vegas (one too many times), IFA in Berlin, and MWC in Barcelona. I also drove a Tesla 1,000 miles out west as part of our Best Mobile Networks project. Of late, my focus is on our hard-working team of reporters at PCMag, guiding and editing their robust coverage.

Read the latest from Chloe Albanesius

Read full bio