Facebook just got hit with two privacy scandals in the last two weeks.

First, a trusted partner was caught harvesting the data of millions of Instagram users.

Then, the company acknowledged that it was sending audio from users' Messenger chats to human transcribers.

The double whammy shows Facebook still has a massive blind spot on privacy, even after two years of crises.

Facebook's privacy woes aren't over yet.

In July, the beleaguered California tech giant reached a $5 billion settlement with the Federal Trade Commission over alleged privacy violations. While critics groused that the penalty didn't do enough to change Facebook's fundamental business model, the company and the FTC touted the record-breaking fine and the mandated structural reforms that went with it as a major milestone — a chance for the company to turn over a new leaf.

But barely a month later, it's clear that Facebook's self-proclaimed "pivot to privacy" is not going to be a smooth transition. In just the last two weeks, the $524 billion company has become mired in two new privacy crises.

First, Business Insider discovered that Hyp3r, a buzzy marketing startup, had taken advantage of Facebook's lax oversight and a security issue in Instagram to harvest the personal data of millions of Instagram users. Hyp3r was able to track their locations and save their Stories. Facebook not only failed to notice the illicit behavior, it named the startup one of its official marketing partners — an exclusive category that's supposed to be reserved to marketing and advertising firms that it's vetted.

Read this: Your Instagram Stories may not actually be disappearing after 24 hours — at least one company has been quietly saving them

On the heels of that scandal, Bloomberg revealed that Facebook was paying contractors to transcribe audio clips from users' messages. Facebook did so without explicitly asking for users' consent or informing them that it would be using humans to listen to and transcribe their conversations.

The latest privacy problems have a common theme

The two issues are distinct and affect different parts of the company. One involves data security and oversight of partners by Instagram, while the other has to do with failures in implementing and explaining consumer-facing products at Messenger.

But there's a theme running through them: They illustrate how despite everything — two years of scandals, the Cambridge Analytica fiasco, the $5 billion fine — Facebook still has an extraordinary blind-spot when it comes to issues involving privacy and the safeguarding of user data.

Time and time again, the company builds products and systems that give short shrift to security and privacy. Inevitably, this myopia comes to light and blows up in Facebook's face. And just as inevitably, the result is user outrage at discovering how the company was handling their data.

Until Facebook addresses this blind spot, you shouldn't expect its privacy problems to go away.

Do you work at Facebook? Got a tip? Contact this reporter via encrypted messaging app Signal at +1 (650) 636-6268 using a non-work phone, email at rprice@businessinsider.com, Telegram or WeChat at robaeprice, or Twitter DM at @robaeprice. (PR pitches by email only, please.) You can also contact Business Insider securely via SecureDrop.