Facebook has been accused of abusing a security feature in order to weaken user privacy, after the social network was found using phone numbers initially handed over for account safety for other purposes. The company now faces criticism that it will be harder to convince users to take other necessary security measures if users view this as an abuse of trust.

Since 2011, Facebook has asked users for their phone numbers in order to enable “two-factor authentication”, a common account security feature that sends a text message whenever a login is attempted. The social network even required the feature to be used by the moderators of large Facebook pages, telling them they had to hand over a phone number in order to prevent the page from being easily stolen by a canny hacker.

But in the years after the social network first enabled two-factor authentication, Facebook began to use the phone numbers users had provided for other purposes – eventually, by September 2018, going so far as to update the language used in the prompt, adding the words “and more” to the end of a statement that had previously read, simply: “Add your phone number to help secure your account.” Now, users who once added their phone number for security are faced with a privacy setting that asks them who can look them up using that number. The options are “everyone”, “friends of friends”, or “friends”. There is no choice to ban that use.(theguardian)…[+]