A potentially serious security breach affecting tens of millions of Facebook users is the latest privacy snafu dogging the world's largest online social network.
The 10 most-popular Facebook applications — including Zynga's popular social game FarmVille, which reaches 56 million people— have been transmitting users' personal identifying information to dozens of advertising and Internet tracking companies, according to a report in The Wall Street Journal.
In a statement, Facebook called the report "exaggerated" and said there is "no evidence that any personal information was misused or even collected."
The company says it has taken immediate action to disable applications that violated terms of its privacy policy. (Most apps are made by independent software companies, not Facebook.)
It's also exploring technical solutions and expects to disclose details in the next few days.
Zynga did not respond to a request for comment.
At issue are user IDs, the unique identifier assigned to each Facebook member. Those IDs could be included in the "referers" that websites send to other sites to tell them where the user originated, the Journal reported.
Privacy advocates and legal experts say the issue is more a design flaw on the Internet than a nefarious bid by Facebook to monetize user data. Still, the imbroglio may fan some users' lingering doubts about the safety of their data on Facebook.
If members don't trust Facebook with their data, they aren't likely to use the site as much, says Alan Chapell, an attorney who specializes in privacy law.
"It's not intentional (on Facebook's part), but the leakage of data undermines its trust with some users," says Justin Brookman, senior fellow at the Center for Democracy & Technology.
Chester Wisniewski, senior security adviser at Sophos, suggests Facebook invoke a more stringent validation process for third-party applications, as Apple does.
ACLU attorney Chris Conley says Facebook needs to provide privacy settings that let members control which apps have access to their personal info.
0 Response to "Facebook disables apps that violated its privacy policy"