Facebook has scratched email contacts from 1.5 million users

The social network has admitted that Facebook "unintentionally" has downloaded the email contacts of more than 1.5 million users without asking permission to do so.

Data collection was done via a system to verify the identity of new members,

Facebook asked new users to provide the password for their email account and took a copy of their contacts.

Facebook said that he had changed his way of handling new users to prevent contacts from being uploaded.

Loss of data

All users whose contacts have been made will be notified and any contacts entered without consent will be removed, he added.

The information entered would have been used by Facebook to help map social and personal connections between users.

Analysis: Rory Cellan-Jones, Technology Correspondent

Anyone who, like me, joined Facebook a decade or more ago probably clicked "yes" when she was asked to download all her contacts.

This seemed like a good way to make the network more useful and, after all, what could be the problem? But after the various data scandals broke Facebook's trust, we became much more cautious.

We realized the damage that could be done by communicating this valuable information about our social relations – for journalists it could mean revealing their contacts, for whistleblowers, their relationships with regulators, for almost all their contacts with people that they might not want their partners to know.

We now know that Facebook has somehow scratched the electronic contacts of 1.5 million people over a period of three years without their agreement. Now, whenever the social network suggests "people you may know," we'll ask, "How do you know I can know them?"

For many, the idea that they should trust Facebook with their data seems more outmoded day by day.

Contacts began to be taken without consent in May 2016, the company told Business Insider, which revealed the story.

Prior to this date, new users were asked if they wanted to verify their identity via their email account. They were also asked if they wanted to download their address book voluntarily.

This option and the text specifying that contacts were entered were changed in May 2016, but the underlying code that scratched the contacts remained intact, said Facebook.

The Irish Data Protection Commissioner, who oversees Facebook in Europe, is engaged with the company to understand what has happened and its consequences.

The case of email contacts is the latest in a long series in which Facebook has mismanaged the data of some of its billions of users.

By the end of March, Facebook discovered that passwords of about 600 million users were stored in clear internal text for months.

Ongoing violations and other Facebook criticism also prompt some well-known users to opt out. The latest is the Democratic representative Alexandria Ocasio-Cortez, who said she "left" the social network.

In an interview with a Yahoo News podcast, she said: "I've personally dropped Facebook, which was pretty serious because I started my Facebook campaign."

She added that social media presented a "risk to public health".