What you need to know
- Facebook will no longer use the phone number you provided for 2FA to recommend new friends.
- The change comes as part of the FTC settlement which fined the company $5 billion and required it to create policies to increase the privacy of its users.
- It will first go into effect in Ecuador, Ethiopia, Pakistan, Libya, and Cambodia this week, then begin rolling out globally early next year.
Have you ever seen a friend recommendation on Facebook and wondered, "how in the world did Facebook figure out I know that person?" It turns out, one of those ways could have been by using the phone number you registered for two-factor authentication. However, Facebook has now announced it will stop using numbers provided for 2FA for its "people you may know feature."
The change comes after the FTC fined the social media company a record-setting $5 billion dollars over privacy violations earlier this year. As part of the settlement, it also required Facebook to increase the privacy protections of its users (hence Facebook's recent change of heart about using your security information to recommend friends).
The new policy will go into effect first in Ecuador, Ethiopia, Pakistan, Libya, and Cambodia this week, with it rolling out globally early next year. Unfortunately, the policy will only go into effect for new users who enable two-factor authentication. Existing users will be required to delete their number and add it again.
Two-factor authentication, or 2FA, is one of the best methods to secure your online accounts. As time goes on, we are reminded again and again why you should be using this on every service that supports it. For example, take the recent spat of Ring camera hacks. Had users enabled 2FA, they could have very likely avoided being spied on in their own homes.
It is unfortunate that even though two-factor authentication is meant to secure our accounts and protect our privacy, the information we provide can also be abused by the companies we provide it to. Such was the case earlier this year when Twitter was found to be inadvertently using phone numbers and email addresses used for security purposes to serve up targeted ads.
At least Twitter was only "inadvertently" using the information. Unlike Facebook, which was purposely using the information to serve you ads until it was discovered last year and it put a stop to it in June.