Just as we all thought the dust was settling on the whole Cambridge Analytica thing and the funny memes from Mark Zuckerberg's visit to Congress had run out of steam we find out that at least 200 more Facebook apps were collecting data and sharing it without our permission.
One of the apps, myPerosnality, has been around for over a decade and has scraped and shared data from about 300 million people's profiles. It was one of 200 apps Facebook dumped in their latest 'search and destroy' mission, targeting apps that don't follow their terms and conditions.
Noah Abelson-Gertler, the CEO of UGC legal rights management software firm ShareRoot said "In previous years consumers were not aware of these privacy violations, but because we are beginning to care more, the truth behind unfair and inequitable data practices are being uncovered and shared publicly- this pattern is not going to stop, we are just scratching the surface".
Although 200 apps sounds like a positive move, it really is just the start. It's tricky determining precisely how many apps are available on Facebook but 10 million would be a conservative estimate given there were about nine million five years ago. Given the rules Facebook set were only lightly enforced, based on current evidence, 200 apps (or 201 if you count Cambridge Analytica) it would be optimistic to think just 200 were dodgy.
Now that the initial outrage about Cambridge Analytica has died down, the danger is that people think the problem has been solved. Or, as more announcements are made about data leaks, they become desensitised to the issue, stop caring and resume their past behaviour and share data to apps without giving too much thought.
Michelle Gallaher, from social media and digital marketing agency The Social Science, said, "The inadvertent loss or deliberate theft of data is now firmly at the top of every company’s risk register. From small business to multinationals, few boards and management groups are adequately equipped to manage data risk in terms of skill and technology".
For businesses - the advice is simple. It's time to talk to the whole business about the risks that come from sharing social media data. I'm afraid to say that we have to take a low trust view of social media. Facebook is facing their "Code Red" moment just as Microsoft did in the early 2000s. Back then, Microsoft halted almost all new development in order to fix glaring problems with their software.
Whether Facebook is able to transform in a similar way remains to be seen.