How Facebook Apps Leak User IDs

Facebook finds apps giving user ID data to advertisers

WASHINGTON, (AFP) - Facebook on Monday confirmed that some popular third-party applications are violating the social network's rules and transmitting identifying information about users to advertising and Internet tracking companies.
"In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work," Facebook engineer Mike Vernal said in a blog post.
"We are talking with our key partners and the broader Web community about possible solutions."
Vernal argued that press reports had exaggerated the implications of the situation and that getting user identification (UID) information did not provide access to private data without express permission.
"Nevertheless, we are committed to ensuring that even the inadvertent passing of UIDs is prevented and all applications are in compliance with our policy," Vernal said.
"We take strong measures to enforce this policy, including suspending and disabling applications that violate it."
The blog post came amid a flood of news stories triggered by a Wall Street Journal report that its investigation had found that the issue affects tens of millions of Facebook application users, including people who set their profiles to be completely private.
The practice breaks Facebook's rules and renews questions about its ability to keep secure identifiable information about the activities of its members.
"Our policy is very clear about protecting user data, ensuring that no one can access private user information without explicit user consent," Vernal said.
"Further, developers cannot disclose user information to ad networks and data brokers."
The Journal said applications were providing access to Facebook members' names and, in some cases, their friends' names, to companies that build detailed databases on people in order to track them online.
All of the 10 most popular applications on Facebook were transmitting unique user ID numbers to outside companies, it said. They include Zynga's FarmVille, with 59 million users, Texas HoldEm Poker and FrontierVille.
The Journal said several applications became unavailable to Facebook users after the newspaper informed the Palo Alto, California-based social network that they were transmitting personal information.
"We have taken immediate action to disable all applications that violate our terms," a Facebook spokesman said.
Facebook told the Journal it is taking steps to "dramatically limit" the exposure of users' personal information.
"Our technical systems have always been complemented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information," a Facebook official said.
The Journal said the applications it reviewed were sending Facebook ID numbers to at least 25 advertising and data firms, several of which build profiles of Internet users by tracking their online activities.
Facebook specifically prohibits applications makers from transferring data about users to outside advertising and data companies, even if a user agrees.
Facebook is the world's most popular social network with around 500 million users, but it has been dogged by complaints about privacy protection.
Randi Zuckerberg, the sister of co-founder Mark Zuckerberg, told reporters at a forum in Dubai on Sunday that privacy was the company's top concern and it would continue to give people more controls.

Apps Caught Leaking Facebook User Data to Third-Parties

FarmVille Controlling Your Privacy
A Wall Street Journal investigation recently revealed that some of the most popular apps on Facebook were handing over your data to third parties, including advertising networks and Internet tracking companies. Many apps, including the popular/obnoxious 'FarmVille,' have been sending not just your own unique Facebook ID to others (regardless of your privacy settings), but also handing over data about your friends. In fact, even if you don't use one of the guilty apps it's possible that your information has been leaked thanks to a friend's poor choice in apps. (Hello 'Quiz Creator'!) Once a company has your user ID, anything public on your page becomes instantly indexable and usable data for building a profile of your habits, tastes and the company you keep.

This breach of user privacy is obviously a cause for concern, but perhaps most importantly, it raises questions about Facebook's ability to police its own platform. This sharing of identifiable data is a blatant violation of the site's terms of service. That three of the ten most popular apps were also mining data about users' friends shows that even seemingly trustworthy apps do not take the rules regarding Facebook data seriously.

A spokesperson for Facebook told the Wall Street Journal that the social networking site would be implementing new technologies to safeguard user data, and suspended several apps found to be leaking user data. Some companies, including Rapleaf (one of the third parties receiving user data), claimed that they were not violating Facebook rules, and that Facebook ID numbers were included accidentally.

Mark Zuckerberg and crew appear to be taking this latest privacy debacle seriously enough, but the damage has already been done. With tens of millions of accounts compromised and dozens of third parties currently in possession of their Facebook account info it's time to reevaluate how private your data really is. We've shown you how to protect yourself from apps and your friends before, and Valleywag has a good guide for blocking applications, and thus third-parties, from accessing your data.

To keep your friends from inadvertently sharing your info, go to the "Applications, games and websites" section of your privacy settings. Click the "edit settings" button next to "info accessible through your friends." After the shock of seeing all those checked off boxes subsides, uncheck all of them. Even if you're not paranoid, we recommend doing this. You can't control what your careless friends install on their Facebook profiles, but you can limit your exposure to their poor judgment.

remove unwantedIf you want to turn off certain applications that were singled out, including 'FarmVille,' 'FrontierVille,' 'Texas HoldEm Poker,' 'Gift Creator,' 'Quiz Creator,' and 'Familybuilder's Family Tree,' you can click the icon next to "remove unwanted or spammy applications" (also on the "Applications, games and websites" settings page). You'll be presented with a list of your installed apps, and clicking the "x" next to them will ask you to confirm that you want to delete it. If you don't want to take any chances, click 'turn of all platform applications,' which you can find just underneath the "remove unwanted apps" entry. Clicking on that link will open a dialog window, where you'll need to click "select all" at the bottom then click "turn off platform." Though if you're going to turn off all apps, you might as well consider deleting your account entirely.

0 Responses to "How Facebook Apps Leak User IDs"

Post a Comment

Related Posts Plugin for WordPress, Blogger...

Blog List 1

Return to top of page Copyright © 2010 | Flash News Converted into Blogger Template by HackTutors