French privacy watchdog: Nope, no Facebook messaging bug

Claims that older Facebook private messages were posted on users' walls are unfounded, according to the French data protection agency.

Zack Whittaker Writer-editor
Zack Whittaker is a former security editor for CNET's sister site ZDNet.
Zack Whittaker
2 min read

The French data protection authority, the Nationale de l'Informatique et des Libertes (CNIL), this week concluded there was no bug behind claims last week that Facebook was publicly displaying older private messages on users' Timelines.

A report published by the CNIL said the issue arose -- not for the first time -- after the new Timeline feature was globally rolled out.

In late September, French newspapers reported the alleged bug that showed private messages sent between two users as displaying in a "Friends" box on users' Timelines, which collated all the posts sent prior to 2009. Facebook quickly rebuffed the claims, stating the reports were "false." A source speaking to the BBC News said there was "no way" the two sets of data -- private messages and Wall posts -- could get mixed up.

The French government stepped in and the CNIL began investigating the claims, which quickly spread to international newspapers and online media outlets.

The CNIL concluded that there was no breach of user privacy.

Old Facebook posts haunt users
Watch this: Old Facebook posts haunt users

The government agency found that the "offending messages" were in fact from Wall-to-Wall contact, rather than through the private messaging feature on Facebook. The CNIL warned that users at the time may have thought they were using a private messaging-like system, without knowing the communications were in fact publicly available to their other Facebook friends.

"In other words, users felt they were sending [private] messages when using wall to wall," a translated CNIL report said.

The French agency noted that Facebook's operations today are not like those before 2010. "The ergonomics of the site was such that the visibility of messages 'Wall-to-Wall' was much smaller," and therefore perceived to be more private by users. Since then, Facebook expanded in features and more than doubled its then 400 million user base.

But the CNIL and the G29, a group of European data protection authorities, criticized Facebook when the social network changed privacy settings between 2009 and 2010 because it was thought the company had failed to make users fully aware of the changes.

"Indeed, by default, if users are not careful or if they followed the recommendations of Facebook content previously only available to private or friends were made accessible to everyone," the report said.

The CNIL recommended that Facebook should ensure greater transparency over users' privacy, and give users greater control over their data and the information they publish.