The troubles for Facebook continued this week, with a trove of internal email message as part of an investigation in the U.K. Parliament revealing questionable data practices, including Facebook's Android app permissions being designed to gather data without users knowing.

Despite a U.S. federal judge ruling that the email messages should be sealed, Damian Collins, chairman of Parliament's Digital, Culture, Media and Sport Committee, ordered the collection of 200 pages of internal Facebook email messages be released. He said on Twitter that this was done because the committee didn't feel it "had straight answers from Facebook" on important issues.

I believe there is considerable public interest in releasing these documents. They raise important questions about how Facebook treats users data, their policies for working with app developers, and how they exercise their dominant position in the social media market. — Damian Collins (@DamianCollins) December 5, 2018

The email messages described various practices by Facebook, including entering whitelisting agreements to allow certain companies to continue to maintain "full access to friends data," linking access to friends data to the financial value of Facebook for developers and data reciprocity policies between Facebook and developers.

One of the more troubling revelations in the email messages regarded Facebook app permissions on Android. The email messages showed that, in November 2013, Facebook privacy and legal teams were working "to understand privacy risks associated with several Android permissions that will go out in the next release, including permissions associated with reading call logs and SMS."

Another email thread from February 2015 described a plan for the Facebook app permissions on Android to trigger a dialog and require users to accept call log uploads, but Facebook found a loophole that would allow the app to be updated "without subjecting them to an Android permissions dialog at all."

According to a summary of the email messages by Collins, "Facebook knew that the changes to its policies on the Android mobile phone system, which enabled the Facebook app to collect a record of calls and texts sent by the user, would be controversial. To mitigate any bad PR, Facebook planned to make it as hard [as] possible for users to know that this was one of the underlying features of the upgrade of their app."

Google did not respond to specific questions, but pointed out that runtime permissions -- allowing users to "see, grant and revoke permissions" before for apps at a granular level -- was introduced in Android 6.0 Marshmallow, which would have made Facebook app permissions more transparent. However, Android platform history showed that, despite Marshmallow being released in October 2015, Android 6.0 and higher wouldn't be installed on more than 50% of devices in the wild until mid-2017.

Additionally, in October 2018, Google locked down access to call logs and SMS data. The only apps that can access that data are the default Android phone and messaging apps.

In a blog post, Facebook responded by saying the documents were "cherrypicked," and the release "tells only one side of the story and omits important context." The blog post also gave a more specific explanation for the Facebook app permissions issue.

"The feature is opt in for users and we ask for people's permission before enabling. We always consider the best way to ask for a person's permission, whether that's through a permission dialog set by a mobile operating system like Android or iOS, or a permission we design in the Facebook app," Facebook wrote. "With this feature, we asked for permission inside the Facebook Messenger app, and this was a discussion about how our decision to launch this opt-in feature would interact with the Android operating system's own permission screens. This was not a discussion about avoiding asking people for permission."