In 2018, Facebook announced to automatically expire an app's ability to receive any updates to users' information if their systems didn't recognise a person as having used the app within the last 90 days.
However, the company discovered that in some instances, apps continued to receive the data that people had previously authorised, even if it appeared they hadn't used the app in the last 90 days.
"For example, this could happen if someone used a fitness app to invite their friends from their hometown to a workout, but we didn't recognize that some of their friends had been inactive for many months," Facebook said in a statement late Wednesday.
"We haven't seen evidence that this issue resulted in sharing information that was inconsistent with the permissions people gave when they logged in using Facebook," said the company.
Facebook now requires developers to be accountable for the ways they use data and comply with it policies as part of a recent agreement with the FTC to whom it paid $5 billion as fine over users' privacy concerns.
As part of the settlement, Facebook has also introduced new Platform Terms and Developer Policies to ensure businesses and developers clearly understand their responsibility to safeguard data and respect people's privacy when using our platform.
These new terms limit the information developers can share with third parties without explicit consent from people.
"They also strengthen data security requirements and clarify when developers must delete data," said Facebook.