Facebook has suspended 200 apps while it probes whether they misused people's information as part of its investigation into dodgy data dealings.
The Social Network launched the probe after revelations about political analytics firm Cambridge Analytica hit the headlines back in March.
They centre around apps that accessed user data before the firm announced changes to its Graph API use policies in 2014. Prior to that, apps could ask for permission to slurp up info on not just a user, but also all of their friends.
This is what GSR, the company founded by Cambridge academic Aleksandr Kogan, used to gain data from about 87 million people – which it is alleged to have passed on to Cambridge Analytica.
Kogan argued the developer policies were so incoherent they were effectively useless, but Facebook maintains that the reselling of information goes against its terms and conditions.
The probe, launched on 21 March as part of Facebook's efforts to look like it's taking action (though the horse bolted long ago), aims to find out if any other app developers have "misused" data.
The update, issued today by Ime Archibong, veep of product partnerships, said that thousands of apps had been investigated so far, in a two-phase process.
The first was to identify all apps that had access to the large amount of data they were allowed under the pre-2014 terms, followed by a second phase in which Facebook makes requests for information, conducts interviews and possibly perform audits or on-site inspections.
As part of this, it has suspended 200 apps "pending a thorough investigation into whether they did in fact misuse any data", Archibong said.
Facebook had previously announced the suspension of data analytics biz CubeYou, over quizzes that claimed data was for academic purposes but which may have been used to help marketers.
If there is evidence of any apps misusing data, Facebook has said it will ban them and notify people in a similar way to the process it used to let users know if they had used GSR's app.
However, that notification process appeared only to work for people who were current Facebook users as the page required people to log in – presumably excluding those who had since deleted or deactivated their accounts.
Facebook failed to respond to The Register's repeated requests for clarification on how former users would be alerted to the potential misuse of data. ®