Facebook's New App Authentication Rules are a Big Privacy Win

Nate Harris
May 6, 2019

It’s no secret that Facebook has been under fire for privacy infringements in the past. But behind-the-scenes, the social giant is making some big changes to protect consumer privacy.

One example was the shift toward limiting apps’ ability to access users’ data last year (which coincided with Zuckerberg’s testimony before Congress). These API updates were added to Facebook and Instagram’s developer documentation in January 2019, and have been turning on slowly since then.

Deep in the Docs: What Exactly Is New?

Facebook and Instagram will start expiring “linked account” authentication connections after 90 days of inactivity. This change is an attempt to solve for one of the company’s data misuse woes of the past: “viral media” companies would convince people to link their accounts for access to an inconsequential survey, newsfeed game, or a quiz (and would in turn gain access to non-expiring API “tokens” in perpetuity).

This unbridled access to data allowed savvy app developers, regardless of intent or background, to easy collect the personal data of hundreds of thousands of users.

Facebook’s changes directly address one of the main issues of data leakage that have historically landed them in hot water. Bravo!

How Do Facebook's Privacy Changes Affect Us?

Facebook understands that its platform has effectively altered how human relationships are maintained among its 1.5B global users. At 2019's F8, the new direction was crystal clear: Facebook is focusing on small, private, and encrypted groups.

Marketers first think of the advertiser impact when data is throttled on Facebook. When it comes to linked account changes (and their effect on Facebook's larger ad ecosystem), limiting third-party connectivity makes sure Facebook remains squarely in control of access to user data.

Many advertisers expect that Facebook's new encryption-first move toward privatizing user data will alienate SMM professionals and hurt Facebook's bottom line. In 2018, Facebook eliminated several "key" targeting categories -- like job seniority -- which frustrated media buyers.

While Ads Manager may become a little less lucrative, Facebook's "better than expected" hardware sales performance (Portal, Oculus, etc.) will continue to replace any advertising losses.

Also, if the efficacy of paid social targeting decreases, it will force businesses that rely on Facebook advertising to explore new marketing methods on the platform... say, for example, influencer marketing, which 89% of marketers feel delivers as good or better ROI than other marketing channels.

Moving Forward

In the grand scheme of things, one technical Facebook policy change can’t erase a decade plus of flimsy data access permissions. But we at CreatorIQ are optimistic that Facebook is changing for the better.