Facebook’s unauthorized collection of the email address books of more than 1.5 million users will be the focus of an investigation by the New York State attorney general’s office, The New York Times reports, citing two sources who were briefed on the matter.
“The inquiry concerns a practice unearthed in April in which Facebook harvested the email contact lists of a portion of new users who signed up for the network after 2016, according to the two people, who spoke on condition of anonymity because the inquiry had not been officially announced,” The Times reports. “Those lists were then used to improve Facebook’s ad-targeting algorithms and other friend connections across the network.”
The attorney general’s office confirmed the investigation today.
In a statement, Letitia James, the attorney general of New York, said: “Facebook has repeatedly demonstrated a lack of respect for consumers’ information while at the same time profiting from mining that data. It is time Facebook is held accountable for how it handles consumers’ personal information.”
The Times notes that the unauthorized Facebook practice was first reported by Business Insider earlier this month. Facebook called the practice “unintentional,” saying the mistake resulted from a method the social media giant previously used to verify the identity of new users, who were required to provide their email passwords to Facebook.
“Though that practice — which security experts said left users vulnerable to identity theft — ended in May 2016, Facebook continued to gain access to the email address books of at least 1.5 million new users,” The Times reports.