Facebook has already admitted to using phone numbers collected under the guise of two-factor authentication in order to target ads, and now it turns out you can't opt-out of the service once you're committed.
Two-factor authentication, or 2FA, is used to secure Facebook accounts by requiring a user to either answer a prompt on their phone or input a code texted to them when they log into the site from a new device or unrecognized browser. When Facebook originally rolled out 2FA, there was no indication that the phone numbers they were collecting would be used for advertising or tied to a user's profile.
As it turns out, Facebook's default setting allows anyone to look up your profile using your phone number, even if you only used it for 2FA and never actually added it to your profile.
Emoji historian (yes, that's his real occupation) Jeremy Burge sounded the alarm on Twitter after noticing that the setting to allow people to look up users via their phone number was set to "everyone" by default.
For years Facebook claimed the adding a phone number for 2FA was only for security. Now it can be searched and there's no way to disable that. pic.twitter.com/zpYhuwADMS— Jeremy Burge (@jeremyburge) March 1, 2019
To disable the phone number look-up feature, open the Facebook menu and select "settings." From there, click on the "privacy" tab and you'll find the setting in question under the "how people find and contact you" banner.
This is only one example of many when it comes to potentially nefarious uses of your data by Facebook. In addition to illegally collecting data from many popular Android apps, other sketchy behavior includes disabling logging out of Messenger, the merging of messaging platforms even across apps they don't own, and massive data leaks of sensitive user information.