Facebook explains how it blocks ‘billions’ of attempts to scrape user data daily

    Data scraping of user information has been going on for years on Facebook. The company is now explaining how it fights unauthorised scrapers from gleaning data from its service. 
    By HT TECH
    | Updated on May 20 2021, 01:01 PM IST
    The fight against illegal data scraping is like a cat-and-mouse game. 
    The fight against illegal data scraping is like a cat-and-mouse game.  (Unsplash)
    The fight against illegal data scraping is like a cat-and-mouse game. 
    The fight against illegal data scraping is like a cat-and-mouse game.  (Unsplash)

    Facebook might be the world’s most popular and commercially successful social networking service, but the platform is no stranger to reports of user data leaks, breaches and privacy violations. Last month, we learnt that the data of over 530 million users had been previously scraped from the site, then posted online. Facebook decided it would not inform any of its users about the breach, a move that attracted widespread criticism.

    The social networking platform on Wednesday explained on its blog how it is going about trying to block scraping of data on its site. The company starts off by drawing a distinction between authorised scraping, like the ones used by search engines like Google, and unauthorised scraping that uses automation to collect data – the latter violates the company’s terms of service, it says.

    Also read: Looking for a smartphone? To check mobile finder click here.

    Also read: Government directs WhatsApp to withdraw new privacy policy, demands response in 7 days

    In order to combat ‘scraping’ of data from the service, Facebook has a 100-member External Data Misuse team hired to “detect, investigate and block” billions of suspicious actions every day on both Facebook and Instagram, the company claims, adding that there are blocks on how much data one account can gain from a feature.

    Attempting to explain how it tries to secure public datasets, Facebook says that it works with researchers to identify if any Facebook user information is publicly available in datasets across a wide range of hosting providers. It says that there are no “surefire options” for bringing those datasets offline or bringing offenders to book, but it has taken “over 300 enforcement actions” including sending cease and desist letters, disabling accounts, filing lawsuits or requesting assistance from hosting providers to get them taken down.

    One of the company’s biggest scraping headaches seems to be a technique called ‘phone number enumeration’ which is used by scrapers to quickly gain information about users via their phone numbers added to their Facebook accounts. The company says it believes scrapers used its contact importer feature to gain information about users from a particular region, so their data could be added to external databases – before the loophole was blocked by the company in 2019.

    Read more: Apple’s software chief faults Mac security to keep grip on iPhone App Store

    While the company essentially called the fight with scrapes a cat-and-mouse game, it says it is working to prevent unauthorised scraping while allowing people to use its features to connect with other users. “Because scrapers are always changing their methods, we regularly review and update our defences to try to stay ahead of them,” the company stated.

    Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.

    First Published Date: 20 May, 12:57 PM IST
    keep up with tech