Network News

X My Profile
View More Activity
Posted at 2:11 PM ET, 01/18/2011

Facebook address-sharing retreat provides further proof of law of unintended consequences

By Rob Pegoraro

Your Facebook applications will no longer steal your home address or your mobile-phone number. Then again, they weren't going to do that in the first place.

The Palo Alto, Calif., social network hit the pause button on plans announced Friday night to allow third-party applications to request access to that information.

facebook_address_mobile_permission.png

In a blog post time-stamped at 2:25 this morning, Facebook head of developer relations Douglas Purdy wrote that adding this option to a permissions dialog many users unthinkingly click through (as seen in the image at right, from Facebook's earlier post) might not be so wise:

Over the weekend, we got some useful feedback that we could make people more clearly aware of when they are granting access to this data. We agree, and we are making changes to help ensure you only share this information when you intend to do so. [....] We look forward to re-enabling this improved feature in the next few weeks.

Too many people see one "is this OK?" dialog and think that they've seen them all--with results visible every time a Facebook friend gets suckered by some spammy application written to spread itself virally across the site. (For the last time, do not click to see the status update that got this girl expelled from school!)

Facebook's management should know better by now, after all of their prior privacy misadventures.

(Post Co. chairman Donald E. Graham sits on Facebook's board of directors.)

On the other hand, the overreaction to this story also shows a lack of foresight. Headlines like "Facebook Offers App Makers Your Home Address and Phone Number" suggested that users would have no control over this change, when in fact they'd have to allow it.

And suggestions that you respond by removing your mobile number from Facebook, such as Sunday's blog post by the security firm Sophos, miss an important issue: Your mobile number may be your best shot at recovering your account if it gets compromised.

(The Sophos post made a better point when it asked: "Wouldn't it be better if only app developers who had been approved by Facebook were allowed to gather this information?")

I should also note that there's a simpler way to avoid having Facebook applications misuse their data: Don't install them. You may feel like you have to be on the site--you don't--but that doesn't mean you then need to clutter up your profile with a host of third-party add-ons. In this respect, using Facebook is just like using a computer: If you haven't seen an app recommended by a trusted, knowledgeable source, don't install it. If you're not sure, don't install it.

By Rob Pegoraro  | January 18, 2011; 2:11 PM ET
Categories:  Privacy, Social media  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Sony hits snag in case over PS3 hacks
Next: Comcast and NBC: Did the Feds fold?

Comments

Hi Rob - thanks for the information. With regards to applications, in that respect, is using Facebook really just like using a computer? It's obviously more like reading your own autobiography, or hanging out with your friends. How can you compare it to something so mundane as a "computer." Careful, Rob.

Posted by: kgustaf | January 18, 2011 3:20 PM | Report abuse

@kgustaf: That's exactly my point. You can't treat Facebook like a real-world bulletin board, coffee shop, bar or park, or you probably will make a mistake with your privacy--because it's not some neutral meeting ground. It's a for-profit company that can afford to give away a valuable service by offering advertisers an enormous and well-defined audience.

Plus, just like a computer, you can choose to use Facebook as-is, without adding any other applications. Or you can try to extend its usefulness with add-on apps--some of which may not be anything you want.

- RP

Posted by: Rob Pegoraro | January 18, 2011 4:17 PM | Report abuse

Who does Facebook think they are...Google??
Maybe we should start posting false information and share the true stuff via e-mail. Apparently, even vulnerable mail ISPs are safer than FB, who seems to have no real concern for the welfare of its users.

Posted by: flipper49 | January 18, 2011 5:25 PM | Report abuse

One thing you didn't cover is whether this permission was retroactively granted to existing installed apps?

Also, I think this misstep indicates the danger of putting private information on facebook. Time and time again, FB has made it clear that their goal is sharing information as widely as possible. So unless you want to keep up with the changes to FB terms and permission, you shouldn't put your private information there.

Posted by: tundey | January 18, 2011 5:48 PM | Report abuse

Why don't I use Facebook? They're too intrusive with respect to my privacy. I'll keep my privacy, they can keep their Facebook.

Posted by: John991 | January 18, 2011 6:03 PM | Report abuse

One more reason only totally mindless idiots post anything on facebook.

Posted by: ksobserver1 | January 18, 2011 8:11 PM | Report abuse

Post a Comment

We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.

User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.




characters remaining

 
 
RSS Feed
Subscribe to The Post

© 2011 The Washington Post Company