Then one of my good friends commented on my post 11 things I learned from myFarm–she is reluctant to accept the gifts I’ve sent her on facebook because she doesn’t want to give the application permission to access all her information. That got me wondering:
- How much access do those facebook applications really have?
- What are they allowed to do with people’s information?
- What restrictions are placed on applications to protect users’ privacy? Are there any? Should there be?
- Why do they need access?
- And the big question: should we facebook users put our trust in facebook apps?
If you just go from the message that is displayed, facebook apps have access to:
- Your facebook profile (gender, birthdate, relationship status, religious views, political views, activities, interests, favorite music/TV/movies, etc., contact information, e-mail address, phone number, IM name, address, web site, education, work)
- Your photos (all the photos you’ve posted on facebook)
- Your friends’ info (Does that mean my friend list? How much info about my friends do they have access to?)
- Other content that it requires to work (What does that include? Haven’t they already given the app every bit of personal information they have about me and all my friends?)
So basically, facebook apps have access to everything you’ve shared on facebook other than perhaps your Notes and Posted items, but it’s not clear that those are off limits either.
Now to give facebook a little credit, they have posted “Guiding Principles” for applications to follow; however, there is nothing that forces application builders to adhere to these principles. Guiding Principle #2 is:
Applications should be Trustworthy. …
- Secure: Protects user data and honors privacy choices for everyone across the social graph …
- Respectful: Values user attention and honors their intentions in communications and actions …
- Transparent: Explains how features will work and how they won’t work, especially in triggering user-to-user communications …
Read the guiding principles here.
But we know not all facebook apps follow these principles. Some facebook apps apparently load adware to your computer.
Last November, facebook launched an application verification program, but when browsing facebook applications, I don’t see any verification information on any of them. Okay, I only spot-checked a few apps, but it makes me wonder: Is this really being implemented? I see no positive comments from the developers, who appear to be afraid of paying an exorbitant fee to get verified.
I was hoping some good news would come out of this investigation, but I really couldn’t find any good reasons for people to trust facebook apps–or to even know which ones to trust and which not to. If you are one of the people who was scared off by the warning message, perhaps you’re one of the smart ones!
The best advice is probably not to share anything on facebook that you don’t want to be shared publicly and to be careful about which applications you choose to trust. Read customer reviews and the application description, and take your best guess at how trustworthy they are.