Facebook says Portal was designed with privacy in mind — but that’s not necessarily so for the Facebook Messenger infrastructure it’s built on
Facebook emphasised the privacy features of its video-enabled smart speakers, the Portal and Portal+, at their launch last week, and said the devices wouldn’t initially display adverts, but the company has now indicated the data it collects from the devices may be used to target ads when users access Facebook elsewhere.
The clarification is significant because of Facebook’s long list of scandals involving personal data and privacy, including a record-breaking hack shortly before the Portal launch that exposed the data of some 30 million users.
At launch, Facebook said the Portal devices were designed with privacy in mind from the beginning, pointing features such as a plastic clip that slides over the camera and a physical off button.
They also use onboard AI to process audio and video, meaning that data doesn’t need to be sent to remote servers.
The company’s Portal team said at the time that it was technically possible for the devices to display advertising, but that there were no plans to do so at present.
But it now appears that while the devices might not display ads themselves, the data they collect may be used to target ads at users when they access Facebook services on other platforms.
Facebook said only that it “may” use the data in this way.
But it affirmed that the same kinds of data are collected from the Portal devices as from other Facebook services, tending to suggest that that data would be processed in the same way as other data sources for the targeting of adverts.
It indicated no plans to treat the Portal data differently from information collected elsewhere.
The Portal line is powered by Facebook Messenger, and Facebook said it would collect the same data from Portal as it does from other Messenger-powered services.
Other data, such as which Portal apps are used, may also be used to target ads, the company said.
“Portal voice calling is built on the Messenger infrastructure, so when you make a video call on Portal, we collect the same types of information (i.e. usage data such as length of calls, frequency of calls) that we collect on other Messenger-enabled devices,” Facebook said in a statement.
“We may use this information to inform the ads we show you across our platforms. Other general usage data, such as aggregate usage of apps, etc., may also feed into the information that we use to serve ads.”
The company said at the Portal launch that it will not “listen to, view, or keep the contents of your Portal video calls” and gives users the option of deleting their voice history at any time via Facebook’s Activity Log.
But its statement on ad targeting, which was earlier reported by Recode, tends to undermine the impression of privacy the company made an effort to create when it launched the devices.
The company’s internal investigators currently believe the most recent privacy breach, which was disclosed in late September, was the work of spammers, according to a report by the Wall Street Journal that cites unnamed sources.
The likely culprits are a group of Facebook and Instagram spammers who have previously been known to Facebook, the report said.
The hack, which began in mid-September, gave hackers access to millions of phone numbers and email addresses.