Network News

X My Profile
View More Activity
Anchored by Melissa Bell  |  About  |  Get Updates:  Twitter  |  Facebook  |  RSS Feeds RSS Feed

Facebook games privacy breach: Farmville, Texas HoldEm, other games release user data


Update, 3:50 p.m.

The Post's Rob Pegoraro says the whole breach is more of a molehill than a mountain.

To me, this whole episode confirms two general principles to remember when thinking about electronic privacy breaches.

1) Data will leak by accident for a variety of benign reasons: Developers used the same technique that worked before; they assumed all their users kept the default settings; they didn't factor in how older software would behave, and so on.

2) Some companies won't resist the temptation to use data they weren't supposed to see.

Read his whole take here.

8:00 a.m.

Facebook admitted to a privacy breach affecting tens of millions of Facebook users this Sunday.

After a Wall Street Journal investigation, the social media network admitted that certain apps--including some from its top 10 most popular apps, such as Farmville and Texas HoldEm--had been transmitting user IDs to advertising and Internet-tracking companies.

Facebook responded to the issue last night with a post on its developers' blog saying that the problem had only recently come to the site's attention. "In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work," the posting said.

Officials representing Facebook and most of the apps said they had no idea the breach was occurring. Facebook did shut down LOLapps Media, one app company, that had been transmitting user IDs, on Friday.

It could very well be a glitch in the system of which Facebook was unaware. However, a very similar glitch was exposed in May by another Wall Street Journal article.

When a user clicked on an ad, the advertising company was able to see the last page viewed by that user. Called a "referer," these pages help sites know how a user got to their page. The Wall Street Journal calls referers "one of the Web's enduring privacy weak links."

Many times, a referer page will not expose any private information. But if the referer page is a person's personal Facebook page, advertising companies can see private information, even when privacy settings are in place.

A lawsuit is now underway in California courts, on the heels of the first discovery of the privacy breach, alleging that Facebook violated federal and California law when it sent data to advertisers without consent.

Facebook has not said it has solved the privacy gap, only that officials are working to do so. In the meantime, the best option for users is to take another look at their privacy settings and tighten up their virtual belts.

The company has long been dogged by privacy concerns. On the heels of this latest exposure, Germany's consumer affairs minister Ilse Aigner criticized the company for a "series of dubious practices".

Here's two ways to ensure more privacy on Facebook:

Give up the farming, get back to work.

Go to Privacy Settings -- > Applications, Games and Websites -- > Unwanted or spammy applications -- > Click the "x" next to each application you do not use.

Limit what your friends share about you.

Go to Privacy Settings -- > Applications, Games and Websites -- > Info accessible through your friends -- > Edit Settings -- > Uncheck all boxes and save changes.

By Melissa Bell  | October 18, 2010; 8:00 AM ET
Categories:  The Daily Catch  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Music morning: Wynton Marsalis stings like a bumblebee
Next: Homer Simpson a Catholic? Must be following Stephen Colbert's lead


No!!! Not Farmville! Who will I get to help harvest my pumpkins?

Posted by: yellojkt | October 18, 2010 9:08 AM | Report abuse

Simple fix:

Don't click on ads....

Posted by: icyone | October 18, 2010 10:42 AM | Report abuse

Even simpler fix; quit using facebook, and call people to say hello.

Posted by: kblgca | October 18, 2010 10:48 AM | Report abuse

In September I got a False Security Virus from Facebook.
Very good advice Do Not Leave the center of your webpage.

Posted by: MilfordD | October 18, 2010 10:49 AM | Report abuse

I love the solution! "Give it up and get back to work"!

Posted by: swatkins1 | October 18, 2010 10:55 AM | Report abuse

I swear it's as if some people just discovered the Internet. Yes, Facebook and the app providers had no idea this was going on because they are essentially life support systems for advertising and they have no interest in data relating to customers who use their service. They're philanthropists doing it for the good of humanity and to score points with the babes.

Posted by: Minckey | October 18, 2010 10:56 AM | Report abuse

It makes you wonder about the value of Facebook if any applications can just farm its data. This data is surely the assets of the company.
It also makes one think about the future of Farmville's creators if they are so cavalier with users' data

Posted by: juliantoms | October 18, 2010 11:15 AM | Report abuse

One more reason why I never bothered with facebook or any of the other "community" sites. The first thing that comes to mind when thinking about such places is, security breach.
The billionaires who profit from these sites don't give a flying bleep for anyone's privacy but their own, and will always turn to excuses like: "..the problem had only recently come to the site's attention..." and "In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work,"
Protecting ones privacy starts with employing common sense.
Building your own web site, today, is not a difficult thing to do.

Posted by: mikie44 | October 18, 2010 11:52 AM | Report abuse

The apps mentioned all seem to be Zynga apps. I guess it's time to kill off my Mafia War alter ego.

Posted by: kbockl | October 18, 2010 12:25 PM | Report abuse

I'm shocked! SHOCKED!

Posted by: BoteMan | October 18, 2010 2:44 PM | Report abuse

A little rant on internet privacy:

By the way - I find it a little ironic that i needed to give my personal information in order to comment on this post :)

Posted by: anthony_franco | October 18, 2010 5:15 PM | Report abuse

Facebook really does not seem to be interested in social networking anymore. There have been too many instances where Facebook could have, but haven't, used privacy settings to control user information and not misuse it by allowing third part access to it. Having developed a facebook app I know how easy it is to obtain all the user data. it is also easy to sell it and this i believe is very wrong on the part of Facebook. However a more secure, safer website such as MyCube would be a good solution. I have been looking around for alternatives and Mycube really looks like it could fit the bill - for both developers and regular users.

Posted by: clarkwalker | October 19, 2010 4:41 AM | Report abuse

Post a Comment

We encourage users to analyze, comment on and even challenge's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.

characters remaining

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company