Facebook has revealed that a data broker has been buying identifying Facebook user information from app developers, and as a result the social-networking powerhouse has placed some developers on a six-month suspension.
The announcement, which Facebook made Friday afternoon on its developer blog, comes on the heels of the revelation that many popular Facebook apps were transmitting user IDs--which can be used to look up a users' names and, in some cases, the names of the app user's friends--to at least 25 advertising and data firms.
According to Facebook's developer blog:
As we examined the circumstances of inadvertent UID transfers, we discovered some instances where a data broker was paying developers for UIDs. While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform.
Facebook did not identify the data broker that was purchasing user information but did say it had reached an agreement with Rapleaf, a San Francisco-based data aggregation company that was previously identified as receiving some user information. Facebook said that Rapleaf has agreed to delete all user ID information in its possession and agreed not to conduct any further activities on the social network. The blog post did not indicate whether Rapleaf was the broker involved in the sale of user information, and Rapleaf representatives did not immediately reply to a request for comment.
In announcing the suspensions, Facebook said it "never sold and will never sell user information" and has a "zero tolerance for data brokers because they undermine the value that users have come to expect from Facebook."
The social-networking giant has blamed the issue on "referrer URLs," which tell sites which Web sites directed Internet users to sites, and has proposed a technical solution to prevent future transfers. Facebook also announced it had modified its policy to require developers to use the anonymous identifiers when working with ad networks.
Steven Musil is the night news editor at CNET News. Before joining CNET News in 2000, Steven spent 10 years at various Bay Area newspapers. E-mail Steven.
Comments