A couple weeks ago, we discussed news that some Facebook application developers were selling or accidentally sharing user IDs
to advertisers and data brokers in violation of Facebook's privacy terms. Now, the company writes that they've updated the policy to dictate how UIDs can be handled within applications, and also punished the offending developers by blocking access to the site's communication channels for a period of six months
"While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform. We have also reached an agreement with Rapleaf, the data broker who came forward to work with us on this situation. Rapleaf has agreed to delete all UIDs in its possession, and they have agreed not to conduct any activities on the Facebook Platform (either directly or indirectly) going forward."