A Harvard University student has confirmed he lost his internship at Facebook after launching an app that exploited privacy flaws on its message platform. Aran Khanna's mapping tool showed Facebook Messenger users how to pinpoint the exact locations of anyone in their conversation thread, even those they were not friends with.The computer science and mathematics student posted the plugin, Marauder's Map, from his Harvard dormitory room in May. The Google Chrome extension, which made use of Facebook Messenger's default geolocation sharing, was downloaded 85,000 times.
Mr Khanna said he posted a blog about the app on Reddit and Medium on 26 May. He said Facebook called him in the following days asking him not to speak to the press and to delete the extension. Mr Khanna said he duly complied with both requests.
Three days after posting the app, Mr Khanna says Facebook told him they were withdrawing his internship offer. He said he received an email saying "my blog post did not reflect the 'high ethical standards' around user privacy expected of interns".
Facebook released a Messenger app update a week later that it said addressed the privacy flaw.
Company spokesman Matt Steinfeld told Sky News the update had been in development for months.He said Mr Khanna had scraped data from Facebook in a way that violated its user agreement terms.
Mr Steinfeld added: "We don't dismiss employees for exposing privacy flaws, but we do take it seriously when someone misuses user data and puts people at risk."
Mr Khanna wrote a case study this week for a Harvard publication about his experience.
He concluded: "What does this say about privacy protection?
"Can we reasonably expect Facebook or others with an interest in collecting and sharing personal data to be responsible guardians of privacy?"
Facebook itself was launched from a Harvard dorm room in 2004.