Privacy Breach by Facebook


Facebook logo
Image via Wikipedia

Via The Wall Street Journal:

Many of the most popular applications, or “apps,” on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people’s names and, in some cases, their friends’ names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.

The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook’s strictest privacy settings. The practice breaks Facebook’s rules, and renews questions about its ability to keep identifiable information about its users’ activities secure.

The problem has ties to the growing field of companies that build detailed databases on people in order to track them online—a practice the Journal has been examining in its What They Know series. It’s unclear how long the breach was in place. On Sunday, a Facebook spokesman said it is taking steps to “dramatically limit” the exposure of users’ personal information.

Many top applications on Facebook have been transmitting identifying information to Internet tracking and ad companies. Emily Steel discusses. Also, Michael Ramsey discusses skepticism about the auto industry’s big bet that battery-powered cars will become big sellers.

“A Facebook user ID may be inadvertently shared by a user’s Internet browser or by an application,” the spokesman said. Knowledge of an ID “does not permit access to anyone’s private information on Facebook,” he said, adding that the company would introduce new technology to contain the problem identified by the Journal.

“Our technical systems have always been complemented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information,” the Facebook official said.

Seems to be a continuing storyline for Facebook …

The Journal’s findings are the latest challenge for Facebook, which has been criticized in recent years for modifying its privacy rules to expose more of a user’s information. This past spring, the Journal found that Facebook was transmitting the ID numbers to advertising companies, under some circumstances, when a user clicked on an ad. Facebook subsequently discontinued the practice.

“This is an even more complicated technical challenge than a similar issue we successfully addressed last spring on Facebook.com,” a Facebook spokesman said, “but one that we are committed to addressing.”

The privacy issue follows Facebook’s effort just this month to give its users more control over its apps, which privacy activists had cited as a potential hole in users’ ability to control who sees their information. On Oct. 6, Facebook created a control panel that lets users see which apps are accessing which categories of information about them. It indicates, for example, when an application accesses a user’s “basic information” (including a user ID and name). However, it doesn’t detail what information friends’ applications have accessed about a user.

and 3rd party application developers.

The applications transmitting Facebook IDs may have breached their own privacy policies, as well as industry standards, which say sites shouldn’t share and advertisers shouldn’t collect personally identifiable information without users’ permission. Zynga, for example, says in its privacy policy that it “does not provide any Personally Identifiable Information to third-party advertising companies.”

A Zynga spokeswoman said, “Zynga has a strict policy of not passing personally identifiable information to any third parties. We look forward to working with Facebook to refine how web technologies work to keep people in control of their information.”

The most expansive use of Facebook user information uncovered by the Journal involved RapLeaf. The San Francisco company compiles and sells profiles of individuals based in part on their online activities.

The Journal found that some LOLapps applications, as well as the Family Tree application, were transmitting users’ Facebook ID numbers to RapLeaf. RapLeaf then linked those ID numbers to dossiers it had previously assembled on those individuals, according to RapLeaf. RapLeaf then embedded that information in an Internet-tracking file known as a “cookie.”

RapLeaf says it strips out the user’s name when it embeds the information in the cookie and shares that information for ad targeting. However, The Wall Street Journal found that RapLeaf transmitted Facebook user IDs to a dozen other advertising and data firms, including Google Inc.‘s Invite Media.

The more technology advances the more privacy concerns and security issues will arise.  The question is are the concerns overblown.

Powered by ScribeFire.

Enhanced by Zemanta

 

Advertisements

About brvanlanen

Just a thirty-something guy currently hanging it up in the greater Green Bay area. My post-high school educational background is mainly in the Information Technology field. Specifically I have an A.A.S. in Computer Network Systems and a B.S. in Information Systems Security, both from ITT Technical Institute, in addition to A and MCDST certifications. In my free time I enjoy spending time with my family, cooking and sports. My Christian faith is also important to me as a Missouri-Synod Lutheran and all my children attend a Lutheran grade school. When it comes to political leanings I am a conservative first and foremost which you will discover rather quickly. As for sports I am a huge fan of the Green Bay Packers.

Posted on October 21, 2010, in Cybersecurity, Facebook, Security breach, Social Networking, Technology and tagged , , , , , , . Bookmark the permalink. Comments Off on Privacy Breach by Facebook.

Comments are closed.

%d bloggers like this: