WSJ: Farmville, Facebook apps share names with advertisers, Web trackers
Some of Facebook's popular apps have been sharing your name - and, in some cases the names of your friends - to advertising and Internet tracking companies, according to an investigative report published by the Wall Street Journal late Sunday.
Among them is Zynga's Farmville, with 59 million users, Frontierville and Texas HoldEm Poker. Farmville reportedly shared the names of users, as well as user's friends. The report said that tens of millions of Facebook app users have been affected, even among those whose profiles were set to the strictest settings.
The WSJ reported that some apps were unavailable after the newspaper contacted Facebook about the findings of its own investigation. It's important to note that it was third-party apps, not Facebook itself, that were sharing the information and that app developers are prohibited from sharing user information with outside advertising or data companies, even if the user agrees.
The Journal's investigation shows how Facebook has not been able to police that rule. The company told the WSJ that it would address the problem with technology. A company spokesperson said:
This is an even more complicated technical challenge than a similar issue we successfully addressed last spring on Facebook.com but one that we are committed to addressing.
Facebook says that Journal's findings are overblown. In a blog post, Facebook said:
Recently, it has come to our attention that several applications built on Facebook Platform were passing the User ID (UID), an identifier that we use within our APIs, in a manner that violated this policy. In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work.
Press reports have exaggerated the implications of sharing a UID. Knowledge of a UID does not enable anyone to access private user information without explicit user consent. Nevertheless, we are committed to ensuring that even the inadvertent passing of UIDs is prevented and all applications are in compliance with our policy.
It's an unfortunate setback for Facebook. The company has taken a PR beating in the past for missteps around privacy settings and user control but has recently gone to great lengths to address privacy and user control when it announces something new, just as it did when it launched a search partnership with Bing last week.
Call it a lesson learned for a growing "platform" company - and hopefully one that's resolved quickly. On several occasions, CEO Mark Zuckerberg has said that the power of Facebook is its platform, the foundation for bringing a social element into other areas of the Internet. That's true - but Facebook needs to make sure that that platform is a safe place for the users. That means policing the platform to make sure user data isn't compromised in any way that's going to betray the company's trust with the users.
Facebook users who are adamant about privacy can only be forgiving so many times.