Many of the most popular applications, or “apps,” on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people’s names and, in some cases, their friends’ names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.
The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules, and renews questions about its ability to keep identifiable information about its users’ activities secure.
The problem has ties to the growing field of companies that build detailed databases on people in order to track them online—a practice the Journal has been examining in its What They Know series. It’s unclear how long the breach was in place. On Sunday, a Facebook spokesman said it is taking steps to “dramatically limit” the exposure of users’ personal information.
“A Facebook user ID may be inadvertently shared by a user’s Internet browser or by an application,” the spokesman said. Knowledge of an ID “does not permit access to anyone’s private information on Facebook,” he said, adding that the company would introduce new technology to contain the problem identified by the Journal.
Do you want anyone who can get your address on the Internet to be able to call up a photo of your house? If you don’t, that’s unfortunate, because it’s all there on Google Street View, like it or not. Facebook has apparently taken to changing its default settings so that your information—the personal news you thought you were sharing only with friends—is available to strangers and mined for commercial data. And young people will say anything on networking sites because they’re young, because no one has taught them not to, because they’re being raised in a culture that has grown more exhibitionistic.
Privacy advocates have called on regulators to intervene. Some frustrated users, meanwhile, have created websites that highlight what they see as shortcomings in Facebook’s privacy controls.
The site’s privacy travails have rattled Facebook employees and put pressure on Mr. Zuckerberg, who has argued for years that its users should be more open with their information. He has at times over-ruled employees who argue Facebook should make more information private, by default, according to people familiar with the matter. He has instead pushed to offer tools so users can control their information, these people said.
In recent days, executives and other employees have hunkered down in Facebook’s Silicon Valley headquarters, debating how to address the backlash to two recently launched features. Participants are discussing whether to implement new controls that allow users to conceal their profiles more universally, according to people familiar with the matter. Such tools would represent a big shift from Facebook’s current approach of giving users multiple controls for specific parts of their profiles, and are an option Mr. Zuckerberg has resisted. On Monday, rival MySpace said it would simplify its privacy settings by giving users the option to select one privacy setting for all the information in their profiles. MySpace is owned by News Corp., as is The Wall Street Journal.
Original Post 5-5-10:
I’m deleting my Facebook Account permanently. The last straw is the news reported in the New York Times about its latest security and privacy failure:
For many users of Facebook, the world’s largest social network, it was just the latest in a string of frustrations.
On Wednesday, users discovered a glitch that gave them access to supposedly private information in the accounts of their Facebook friends, like chat conversations.
Not long before, Facebook had introduced changes that essentially forced users to choose between making information about their interests available to anyone or removing it altogether.
Although Facebook quickly moved to close the security hole on Wednesday, the breach heightened a feeling among many users that it was becoming hard to trust the service to protect their personal information.
The issue is exactly one of trust. Although it was fun to reconnect with old friends and keep up with current ones through this social medium, but it’s no longer worth the hassles or the risk.
See you here instead, or on Twitter!