By Ime Archibong, VP of Product Partnerships
In the past day, we’ve been accused of disclosing people’s private messages to partners without their knowledge. That’s not true – and we wanted to provide more facts about our messaging partnerships.
We worked closely with four partners to integrate messaging capabilities into their products so people could message their Facebook friends — but only if they chose to use Facebook Login. These experiences are common in our industry — think of being able to have Alexa read your email aloud or to read your email on Apple’s Mail app.
People could message their friends about what they were listening to on Spotify or watching on Netflix, share folders on Dropbox, or get receipts from money transfers through the Royal Bank of Canada app. These experiences were publicly discussed. And they were clear to users and only available when people logged into these services with Facebook. However, they were experimental and have now been shut down for nearly three years.
Why did the messaging partners have read/write/delete messaging access?
That was the point of this feature — for the messaging partners mentioned above, we worked with them to build messaging integrations into their apps so people could send messages to their Facebook friends.
Specifically, we made it possible for people to message their friends what music they were listening to in Spotify or watching on Netflix directly from the Spotify or Netflix apps (see screen shots below), to message links to Dropbox folders (like a collection of photographs) from the Dropbox app, and to message receipts from money transfers through the Royal Bank of Canada app.
In order for you to write a message to a Facebook friend from within Spotify, for instance, we needed to give Spotify “write access”. For you to be able to read messages back, we needed Spotify to have “read access.” “Delete access” meant that if you deleted a message from within Spotify, it would also delete from Facebook. No third party was reading your private messages, or writing messages to your friends without your permission. Many news stories imply we were shipping over private messages to partners, which is not correct.
These partnerships were agreed via extensive negotiations and documentation, detailing how the third party would use the API, and what data they could and couldn’t access.