Multiple Facebookers and ex-Facebookers risked lawsuits by revealing the company's longstanding problem with employees who abuse their access to Facebook's databases to stalk Facebook users, and its longstanding practice of binding all concerned to nondisclosure, keeping it a secret from the people who were stalked by its employees.
This week, Facebook fired another employee for stalking -- reportedly a man serving on the company's security team who used his access to stalk women.
The sources who talked to Motherboard enumerated the weak access controls in place at Facebook; even contractors were able to access sensitive personal information on Facebook's users; they did say that some kinds of access were logged and that employees who were discovered to be exceeding their authorization faced consequences.
One former Facebook worker said when they joined the company multiple people had been terminated for abusing access to user data, including for stalking exes.
Another former Facebook employee said that they know of three cases where people were fired because they mishandled data, one of which included stalking. Typically, these incidents are not publicly reported.
As with many other businesses, data access is distributed depending on an employee’s role in a company. One source familiar with Facebook employees’ data access told Motherboard that different teams have varying levels of access, and that they can request additional access if required. The person added that the security team is more trusted than other departments, and abuse there is more difficult to detect. The employee Facebook recently fired for allegedly stalking women was a security engineer, according to Jackie Stokes, founder of Spyglass Security, who originally flagged the case earlier this week.
Sources: Facebook Has Fired Multiple Employees for Snooping on Users [Joseph Cox and Max Hoppenstedt/Motherboard]