> As far as the Cambridge story - this is also misleading because the API's that were used there were available to the entire world and everyone knew exactly what they were
That was actually the entire point. That Facebook had these overly... generous APIs for anyone to use. That's not a good thing.
APIs used by apps that required explicit opt in and permission granting by the end user.
Calling them “overly generous” is such a disingenuous statement because it connotes such a clearly wrong historical perspective that the whole statement is a falsehood.
Facebook’s APIs at the time were considered too stingy at the time! So much so it was constantly fending off accusations of being a walled garden taking advantage of an open web. The less than adequate APIs were their attempts at fending off that narrative.
There's a lot of truth to this statement. The web started out a lot more open. Email addressss were generally public, commands like finger existed, etc etc etc
It's worth noting that the context around privacy of generic life information of the kind you post on social media has radically changed in the last 10-20 years.
Back then, the Facebook API gave out personal details of not use the end user, but all the end user's 'friends'. I never gave the explicit opt in for that.
You chose to be friends with someone on Facebook which means you very explicitly chose to share your personal details with that person for them to consume or view it in whatever way they saw fit. It was very much clear from context at the time that they would consume it from multiple different sources: the website, phone-specific apps, shared games, etc.
Once someone knows something about you, it's no longer yours; it's that person's to do with as they please.
That was actually the entire point. That Facebook had these overly... generous APIs for anyone to use. That's not a good thing.