Royal Bank of Canada is denying a report that it was able to read, write and delete users’ messages on the social networking website Facebook.
The New York Times has published a story claiming Facebook gave RBC, along with Spotify and Netflix, the ability to see private messages between its users.
The claims were based on hundreds of internal Facebook documents obtained by the newspaper, that have not been verified by The Canadian Press.
The Times story says more than 150 companies were given access to personal information from Facebook users, including entire friends’ lists and contact information without their permission or knowledge.
RBC says it was given permission to send messages to Facebook users from 2013 to 2015 when it offered a mobile app service that enabled customers to send money to their friends through the social network. It says it did not have the ability to see users’ messages.
The bank says it needed to be able to send the messages to confirm the identity of the Facebook user receiving the money and to send them a receipt of the transaction. The bank denied having access to private messages, or needing access to these messages.
The service, which used the bank’s mobile app, was decommissioned in 2015 due to low usage.
“RBC’s use of the Facebook platform was limited to the development of a service that enabled clients to facilitate payment transactions to their Facebook friends,” said RBC spokesman AJ Goodman in an email.
“As part of our security and fraud protocols, we needed to uniquely identify the recipient of funds and payments to securely process the transaction and deliver the notification. We did not have the ability to see users’ messages.”