Forgot your password?
typodupeerror
Facebook Advertising Privacy Social Networks Software The Internet

Top Facebook Apps Violate Privacy Terms 95

Posted by CmdrTaco
from the dying-from-not-surprise dept.
cgriffin21 writes "No stranger to privacy concerns, Facebook is once again in the privacy spotlight, following a Wall Street Journal report that some popular Facebook applications leak personal information to advertisers. 'Many of the popular applications, or 'apps,' on the social-networking site Facebook Inc. have been transmitting identifying information — in effect, providing access to people's names and, in some cases, their friends' names — to dozens of advertising and Internet tracking companies,' according to The Wall Street Journal, which wrote about Facebook Sunday in the latest installment of its recent 'What They Know' series about advertising and the Internet."
This discussion has been archived. No new comments can be posted.

Top Facebook Apps Violate Privacy Terms

Comments Filter:
  • by digitaldc (879047) * on Monday October 18, 2010 @10:20AM (#33932478)
    ...and it is the end of privacy as we DON'T know it!
    Mark Zuckerberg sure has a predisposition to violating people's privacy and trust.
    I would quit facebook but then I would risk losing my 300+ distant, casual acquaintances :(
    • Yeap that's so true. Lucky I had never used facebook for privacy motives of my job. Now is like think twice if you want to use an app.
      • by HAKdragon (193605)
        One of the big problems with this is that apps can get at your information even if you don't use them - all it takes is for one of your friends to use one.
      • Now is like think twice if you want to use an app.

        It's quite obnoxious. I never hopped on the facebook apps wagon.... mostly because a superior form of every single fucking app was available on a better website or native Windows app. However, when I wanted to read the "results" of someone else's use of one of those apps, it takes me to this extremely presumptuous page with lovely items like:

        Hai guize! Your friend $RANDOM_LUSER has used $OUR_SHITTY_APP and you can too!

        (But of course I don't want to, nor do I give a shit)

        Facebook: To get started, this application needs access to the following information. Check or clear the [already checked] boxes to restrict this app's access to your information:

        • Your Name
        • Your email address
        • Your friends' names
        • Your firstborn child
        • Pictures of your genitals
        • Your phone number (will not be called except between the hours of 2 and 7 AM)
        • Your social security number (you will need to provide it after clicking "Run as Administrator")
        • Exclusive rights to anything you ever create for the rest of your life

        Deselecting any of the items on the list blocks access to the application. An application, which, I might add, doesn't need any of that info to operate correctly.

        I

        • by Dishevel (1105119)

          However, when I wanted to read the "results" of someone else's use of one of those apps,

          Why would you ever want to do that?

          • by RulerOf (975607)

            However, when I wanted to read the "results" of someone else's use of one of those apps,

            Why would you ever want to do that?

            Because she's hot?

        • Re: (Score:3, Insightful)

          by paeanblack (191171)

          Deselecting any of the items on the list blocks access to the application. An application, which, I might add, doesn't need any of that info to operate correctly.

          Given that the sole purpose of those apps is to collect such information, they actually do need that info to operate correctly.

          You didn't think they exist to entertain you, did you? Really?

    • by Culture20 (968837) on Monday October 18, 2010 @10:35AM (#33932718)
      It makes me wonder why Facebook had a privacy "policy" for app writers when they could have easily scrubbed data before letting Zinga et al get their grubby mitts on them. A "Do not walk on grass" sign carries less weight than a groundskeeper, security guard, or a fence.
      • Re: (Score:3, Insightful)

        by DJRumpy (1345787)

        Ah, my life for a Mod point. The point of security is to enforce the rules, not to ask for them to be enforced. I've been forced to turn off almost everything across the board on facebook. It's become a joke in it's 'safety' features and 'privacy' (or lack thereof).

        How long before we see the release of Diaspora?

      • by Anonymous Coward on Monday October 18, 2010 @11:19AM (#33933360)

        It makes me wonder why Facebook had a privacy "policy" for app writers when they could have easily scrubbed data before letting Zinga et al get their grubby mitts on them. A "Do not walk on grass" sign carries less weight than a groundskeeper, security guard, or a fence.

        Because that wouldn't have made Mark Zuckerberg stinking rich.

        • Re: (Score:3, Insightful)

          by TheRaven64 (641858)
          Yes it would. Facebook exists to sell your information to third parties. Restricting the information that third parties can get at without paying Facebook is directly in line with their goals. Of course, it also requires some moderate amount of competence, which is pretty unlikely for Facebook.
        • by nametaken (610866) *

          I don't think it's nearly that nefarious. At least not directly.

          Parts of this functionality are useful (or nearly necessary) for making good games and such. It just turns out that, surprise of surprises, people are assholes. Unique identification and communication with friends through the platform is part of the appeal for the user. No, we don't expect those co's to turn around and sell that same info.

          Facebook, for their part, warns you very explicitly that any 3rd party you OK could rape the fuck out o

        • Ahhhh... bingo! You can see it now... "Now listen guys, remember our privacy policy", says the FB rep with a wink and elbow bump. The value of ad space increases dramatically with just a little bit of extra demographic details thrown in. But don't worry... they're on top of it... wink, wink. Don. http://www.viewcaster.net/ [viewcaster.net]
    • by Goffee71 (628501) on Monday October 18, 2010 @10:52AM (#33932990) Homepage
      Facebook isn't in the privacy business, its in the business business and until told to stop it, in court, via a socking great fine, it will carry on regardless.
      • by Ceseuron (944486)

        Facebook isn't in the privacy business, its in the business business and until told to stop it, in court, via a socking great fine, it will carry on regardless.

        While I concur with this statement, the downside is that businesses like Facebook will often weigh the risk of getting fined versus how much they'll make selling all that information to advertising vultures. If the face value of the fine is less than the total profits made from selling private information to the highest bidders and the profit margin is big enough, I think the obvious result occurs. Facebook sells the information, Mark Zuckerberg pockets even more money, and they pay off the fine with whatev

      • I think it's pretty clear that facebook has broken the law. It's not OK for businesses to keep breaking the law simply because the penalties are lower than the gain.

        If this doesn't stop, penalties will increase, and maybe one should go with tough criminal penalties after the owners and managers.

      • I noticed the Beetles reference. I've read (on the interwebz so don't quote me) that it's supposed to be a reference to the Christian parable of the Walrus and the Carpenter. John Lennon claims he got the two parties confused and meant to be the carpenter. You decide ;)

    • Facebook wouldn't be worth much if it was private. With all the Zuck stuff in the news lately, you would think people would know that. What do they think he sells?

  • I'm surprised (Score:5, Interesting)

    by IBBoard (1128019) on Monday October 18, 2010 @10:22AM (#33932520) Homepage

    Yes, I'm surprised. Not at the fact that "private" data (in this case a UID that identifies a user that can be used to get their profile page and anything that they haven't hidden) has been released. No, I'm surprised at the fact that they are reporting it as an "inadvertent" release from the games and that people are shocked.

    If Facebook let data slip to the games when they didn't mean to then that'd be news. The fact that games (which, lets face it, appear to rely on either a) horrible advertising or b) selling your details, because there's no other way they could make it so profitable) give out extra data to advertisers that Facebook policy says that they weren't meant to seems like just another day at the office for many of those time wasting game developers.

    • I've got nine hours to harvest my Peanut Butter & Jelly co-op in order to earn my Biplane, so I can easily fertilize my crops, pal! If fly-by spreading of sh|t far and wide over virtual crappy crops isn't more important than sending out resumés, than I'll be a Facebook CEO!
    • by Peeteriz (821290)

      FB games generally don't rely on advertising or selling your details to make a profit. It may be a nice icing on the cake to get a bonus for the VP of monetization, but the lion's share usually comes from direct user payments for various bonuses or pretty pixels. In a decent FB game at least some 1-2% of players become customers, and if you get multiple millions of active players (as many FB games do) then it easily adds up to very nice amounts.

      Zynga earns more than a million dollars per day. It doesn't com

    • by Lemming42 (931274)

      The fact that games (which, lets face it, appear to rely on either a) horrible advertising or b) selling your details, because there's no other way they could make it so profitable)

      Whoa, slow your roll there. I'm sure lots of apps make money on advertising, but it's unfair to say that their business model is based around violating user privacy.

      The biggest games (Zynga games, especially) have proven that people are absolutely willing to engage in microtransactions in exchange for speed-ups and convenience.

  • by sinclair44 (728189) on Monday October 18, 2010 @10:24AM (#33932530) Homepage

    From my interpretation of TFA, it just looks like some apps were accidentally passing a referrer containing the user's Facebook ID.

    "Recently, it has come to our attention that several applications built on Facebook Platform were passing the User ID (UID), an identifier that we use within our APIs, in a manner that violated this policy," Vernal wrote. "In most cases, developers did not intend to pass the information, but did so because of the technical details of how the browsers work."

    "Press reports have exaggerated the implication of sharing at UID [user ID]. Knowledge of a UID does not enable anyone to access private user information without explicit user consent. Nevertheless, we are committed to ensuring that even the inadvertent passing of UIDs is prevented and all applications are in compliance with our policy."

    • by Abcd1234 (188840)

      Yeah, the UID's primary use is in linking back user activities directly to a particular FB account. So while this doesn't expose private information in the FB account itself, it does make it trivial to correlate activities from various apps in order to build a more detailed profile of a given FB user.

    • by bouldin (828821)

      Agreed.

      And although I really am determined to hate Facebook, someone should also point out that News Corp, who owns WSJ, also owns MySpace.

  • by obyom (999186) on Monday October 18, 2010 @10:30AM (#33932650)

    No stranger to privacy concerns, Facebook is one again in in the privacy spotlight...

    Isn't "privacy spotlight" an oxymoron?

  • by Anonymous Coward

    It's good to understand the power structure and who is reporting on who.

  • by grub (11606) <slashdot@grub.net> on Monday October 18, 2010 @10:56AM (#33933050) Homepage Journal

    One thing that pisses me off are the endless "Joe Blow has scored 100283 points on Fist the Goatse Guy"-type messages. You have to block that type of shit manually. They should have a default deny for that garbage.

    End of Rant.
    • Re: (Score:3, Informative)

      by darkstar949 (697933)
      You need to do this for each app that spams the wall, but when you put your mouse over the message an X will appear. Clicking will give you a couple options like "Hide [User]", "Mark as Spam", and "Hide Messages from [App]." When you hide the messages from the app, you will hide all messages across everyone on your friend list. Given that certain apps tend to be the most popular and played by more than one person, it shouldn't be too hard to hide the majority of the messages.
      • Re: (Score:3, Insightful)

        by grub (11606)
        That's what I do but I need to be on a computer to do it. The Facebook app doesn't seem to have that feature. It's a royal PITA.
    • FBPurity (Score:5, Insightful)

      by scrib (1277042) on Monday October 18, 2010 @11:29AM (#33933490)

      Firefox, greasemonkey add-on, and FBPurity. The "FB" stands for "Fluff Busting" not "facebook" for legal reasons...

      It blocks app messages, groups joined, events attended, everything. You can whitelist some things that you might want to see and create your own list of blocked words if you want. It's the only thing that makes facebook vaguely usable in my book...

      http://www.fbpurity.com/ [fbpurity.com]

      • Re: (Score:3, Insightful)

        by grub (11606)
        They don't work on the mobile app as they just hide, not block, the crap. As far as Facebook is concerned you're still a member of the group/whatever.
  • Over the past few years, modern Linux distributions such as Ubuntu have utterly transformed the open-source desktop user experience into something sleek and simple, while arguably surpassing Windows and Mac OS in both security and stability.

    ...and usability. I installed and played a new A list title on Windows last week and every minute of the experience made me want to scream. From the surprise reboot due to virus patches to the 25 digit "authorization" code that has to be entered manually, to the many step, go back to the beginning and try to figure it out again installation process, to the jerky video, to the clumsy user interface, it all trails the modern Linux desktop experience by a wide country mile. I swear, this is the last time I

  • Really? (sarcasm) (Score:4, Informative)

    by smbarbour (893880) on Monday October 18, 2010 @11:22AM (#33933396)

    You mean Zynga actually is the money hungry whore everyone thought it was?

  • by TheABomb (180342) on Monday October 18, 2010 @11:40AM (#33933664)

    It's not a "privacy leak" if you type the $#!% in yourself!

    • by decipher_saint (72686) on Monday October 18, 2010 @12:02PM (#33934036) Homepage

      What about when acquaintances release personal information about you on Facebook?

      That's the real problem with these apps that violate privacy, if it violates an individuals privacy it violates everyones (to some degree).

      Like it or not there is shared information that defines you, with our without your input.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      You're wrong.

      I type my credit card in when I buy stuff online. I expect that only the appropriate employees at the cc processor have access to that information.

      I type my telephone number in on facebook. I expect that only people on my friends' list can see my phone number, but sure enough, it's accessible by Zynga et. al. because one (or several) of my friends played farmville or whatever during the day or so after facebook auto-reset everyone's privacy settings.

      You may be right that the term 'privacy leak'

  • Overhyped BS (Score:3, Informative)

    by Is0m0rph (819726) on Monday October 18, 2010 @11:49AM (#33933820)
    This a passing of a user ID only. If that user has setup their profile correctly nothing can be gained from that user ID. It's no different than typing a random name in the search and going to the returned user's pages.
    • Re: (Score:2, Insightful)

      by mysidia (191772)

      It has privacy issues similar to tracking cookies. It is like a tracking cookie you cannot delete.

      It's not necessarily that it contains private information in itself, but it can be used to uniquely identify you.

      If someone records what information goes with that UID once, then it's possible to match your UID to that information in the future, either by a past or future gathering from that party, or by purchasing the information to match against the UID from an information broker

  • by mysidia (191772) on Monday October 18, 2010 @12:18PM (#33934236)

    That the apps with problems are the top ones.

    How do they become top apps?

    They work, are designed well, and are appealing to their audience both graphically and functionally.

    How do apps that best meet these criteria get built? By hiring top-notch programmers, web designers, and marketers.

    What do you need to hire top-notch programmers, designers, and marketers? Lots of financial backing?

    How do you get lots of financial backing and excellent investors? By selling a very good business plan.

    How do you get lots of money to fund development? Advertising and information brokering.

    What do advertisers pay a lot for? Extremely well-targetted ads that take into account specific characteristics of the audience.

    What do information brokers pay a lot for? Private information about your users.

  • Imagine going through this crap.

    Chuck in Fargo needs help building his barn.

    Mary in New York needs to borrow some fertilizer.

    Some data miner for Farmville hates his life.

    • by Dogtanian (588974)

      Imagine going through this crap. [..] Mary in New York needs to borrow some fertilizer.

      Ship the big pile of crap to Mary. Problem solved!

  • The link in the article leads to a spam link page with a big timed Flash ad. The actual Wall Street Journal article mentioned is here. [wsj.com]

  • "I am shocked - SHOCKED - to find out private information is being used by developers" - Mark Zuckerberg
  • I have a facebook account. It's not so bad. I don't use it very often but it's useful for some things. From time to time in the past I've gotten invitations to start using some app or another, and in rare circumstances it was an app which appealed to me for one reason or another. But, when I click to install it, I'm always confronted by a scary warning message saying that the app was going to steal my identity and rape my grandmother -- or something like that, it's hard to remember after something so scary.

    • So if such a warning is attached to every FB "app" what are the grounds for all the outrage?

      • by Myopic (18616)

        Outrage? I don't know, I would call myself outraged.

        But I think the issue is that the individual apps have data sharing policies, which would be more restrictive than the warning I stopped at, and those policies were not respected. I have never gotten to that point, though, so I couldn't be outraged about that.

    • The problem is that applications that your friends use can "share" (aka sell) your data. In Facebook, under Account -> Privacy Settings, click the "Edit your settings" link beneath "Applications and Websites", then click the "Edit Settings" on the "Info accessible through your friends" row. After you've unchecked all the boxes in a (probably futile) attempt to protect your privacy, check out this blurb just before you click Save Changes:

      Your name, profile picture, gender, networks and user ID (along with

  • It's the cross-pollination of data that concerns me the most. You don't know where one link of your Facebook account will turn up. This is a Google example, but I HAD a YouTube account and after Google bought them out I got a prompt to share my Google login info, which I did. So, now the YouTube account that allowed me to semi-anonymously comment on videos, pick favorites, and rate those I liked is rolled into my Google "screw your privacy" profile. A few weeks ago, I log in to see that somehow Google h

The trouble with opportunity is that it always comes disguised as hard work. -- Herbert V. Prochnow

Working...