October 31, 2010

Facebook Ropes In User Data Sharing

Facebook has taken more steps to stop software developers from sharing user information through Web browser programs.

"Today, we are clarifying our policy to ensure that developers understand the proper use of UIDs (user identification data) in their applications," the world's leading online social network said in a release.

"Our policy has always stated that data received from Facebook, including UIDs, cannot be shared with data brokers and ad networks."

Software developers behind outside applications were "inadvertently" sharing user identification numbers through Web browser programs.

"We have proposed a technical solution to prevent this sort of transfer in the future," Facebook said. "In addition, we are working with browser vendors to address this issue more broadly across the web."

Facebook modified its policy to forbid user identification data from being taken from third-party applications and for this type of information to remain confidential if used by analytics services connected to programs.

"Ad networks that operate on Facebook Platform are already required to sign terms that govern their use of data," the social network said.

"We are requiring these ad networks to delete any Facebook UIDs, regardless of how they were obtained."

The world's largest social networking site said that its investigation into the situation revealed that a data broker paid some developers for UIDs in violation of the Facebook's policy.

According to Facebook, developers that violate the new policy are being placed on 6-month moratoriums and will have their data practices audited to make sure they are in compliance with rules at the social network.

The moratorium affected fewer than a dozen developers, none of which are in the top ten applications at Facebook.

Two U.S. Congress members asked Facebook to explain how applications transmitted information about users to advertising and Web tracking companies in violation of the social network's rules.

Joe Barton, a Texas Republican Congressman, along with Edward Markey, a Democratic Congressman from Massachusetts, asked Facebook founder Mark Zuckerberg to reply to 18 questions about what they called a "privacy breach."

The two asked Zuckerberg how many users were impacted, what information was transmitted to other parties and how many third-party applications were involved.

The congressman also asked whether Facebook will "seek the deletion of its users' personal information from data bases of the Internet or advertising companies who received it as a result of this series of privacy breaches?"

Andrew Noyes, a Facebook spokesman, told AFP that Facebook "is committed to safeguarding private data while letting people enjoy meaningful social experiences with their friends."

"As our privacy policy states, when a Facebook user connects with an application, the user ID is part of the information that the application receives," he said.

"The suggestion that the passing of a user ID to an application, as described in Facebook's privacy policy, constitutes a 'breach' is curious at best," Noyes said.

The Wall Street Journal reported that applications were providing access to Facebook members' names and their friends' names to companies that build detailed databases on people.

It said that all of the 10 most popular applications on Facebook transmitted unique user ID numbers to outside companies.


On the Net: