Facebook has landed itself in hot water once again. Users are complaining that the phone number which Facebook requires in order for them to secure their accounts with two-factor authentication is also connected to their profile thus allowing anyone to “look up” their profile.

To make matter worse for users and Facebook, the social media giant does not give users the option to opt-out from this feature. A feature no-one asked for or gave consent to.

Just last year, Facebook was backed into a corner and had to admit that after months of hassling users to switch to two-factor via a users phone number, that it was also using these phones numbers to target people with ads. Now, many users have discovered that Facebook’s default setting allows anyone, whether they have an account or not, to look up any user profile based off the same number they previously used with their account.

The recent backlash began after Jeremy Burge tweeted and criticised Facebook for their tactic in collecting and using of phone numbers which he compared to “a unique ID that is used to link your identity across every platform on the internet.”

Facebook’s Phone Number Collection Strategies:

Although users are able to hide their phone numbers on their profile, it is still possible to “look up” user profiles in different ways, such as “when someone uploads your contact info to Facebook from their mobile phone,” as per a Facebook help article.

Of course, this is a far more restricted way than that of allowing users to search for other users by use of a persons phone number, which Facebook actually restricted last year after admitting that many users had their information scraped.

Furthermore, Facebook also gives users the option to allow other users to “look up” their profile via their phone number to “everyone” by default and this can be changed to “friends of friends” or to just the user’s “friends”.

The problem is, currently there is no way to hide it completely.

Reported by Gizmodo last year, when a user provides Facebook with their number for two-factor authentication it “became targetable by an advertiser within a couple of weeks.”

However, should a user, not like this (as most of us would not) they are able to set up two-factor without the use of a phone number.

That being said, even if users have chosen not to set up two-factor, there have been several well-documented cases of users having their phone numbers collected by Facebook despite whether a user had provided consent or not.

It’s 2019 and quite alarming to hear about a company as huge as Facebook making these blatant privacy invasions. Let’s see how they handle this media backlash in the weeks to come.