Facebook employees can access your account, passwords not needed

Here's another reason for Facebook users to be very careful of the things they post online: Facebook employees can access Facebook accounts without need for passwords.

But Facebook explained this is part of a tiered and strictly managed customer support setup, with employees abusing this trust getting fired, VentureBeat reported.

"Access is tiered and limited by job function, and designated employees may only access the amount of information that’s necessary to carry out their job responsibilities, such as responding to bug reports or account support inquiries. Two separate systems are in place to detect suspicious patterns of behavior, and these systems produce reports once per week, which are reviewed by two independent security teams," VentureBeat quoted a Facebook spokesperson as saying. 

We have rigorous administrative, physical, and technical controls in place to restrict employee access to user data. Our controls have been evaluated by independent third parties and confirmed multiple times by the Irish Data Protection Commissioner’s Office as part of their audit of our practices.

"We have a zero tolerance approach to abuse, and improper behavior results in termination," the spokesperson added.

The VentureBeat report said Facebook's explanation stemmed from the experience of Paavo Siljamäki, director at the record label Anjunabeats.

Siljamäki narrated visiting Facebook offices in L.A., with nice people there were giving advice on how to use Facebook better.

He said he was asked if it was okay for them to look at his profile, and he agreed. He then said a Facebook engineer logged in directly without entering passwords.

"Just made me wonder how many of Facebook's staff have this kind of 'master' access to anyone's account? What are the rules on who and when they can access our private content and how would we know if someone did?" he said.

VentureBeat said Facebook appeared to have a customer service tool that allows access to a user’s account, but it is "heavily monitored and controlled, requires consent from the user, and can only be used in specific cases by a select group of employees."

In Siljamäki's case, the Facebook employee got permission to resolve the issue. — Joel Locsin/LBG, GMA News