How does Facebook handle Privacy settings in database side?

What are the design patterns to design privacy system like facebook's.

User decides which information to share based his friend groups. All user information (email, phone) is stored in the data table which just key = value table.

Current Tables:

• User - (id)
• UserData - (id, user_id, datatype, value)
• Friendship - (user_id, friend_id, friendgroup_id)
• FriendGroup - (user_id, name)

Example:

• X group can see phone_1
• Y group can see phone_2
• All groups can see phone_3

This schema can be changed.