Meet Jane, a suburban soccer mom who bought his junior a brand spanking new computer a few months ago so he too could join the half-a-billion strong community on Facebook. Lucas, her son, couldn’t be happier. After all, all he was thinking about at the time was friending his team’s cheerleaders.
Fast-forward a few months later and up pops a prompt asking Lucas to approve ChickFinder, a cool new Facebook app for match-making. To help the app find your perfect match, it needs to know a little bit more about Lucas – like his phone number and address. Like most youngsters, Lucas has no idea that ChickFinder is a rogue app designed to suck out his personal information to the cloud.
And while Facebook may hunt down and kill ChickFinder soon, it’ll be too late for Lucas – someone out there already has his phone number and snail mail address, just the kind of stuff stalkers, psychos and thieves live for.
It’s a made up example that serves to illustrate one of the possible consequences stemming from a change in policy that Facebook put in effect as part of the updated User Graph object this past Friday.
Let me underscore this – no Facebook app is allowed to use the phone number and personal address you gave to Facebook without your consent. Yes, there is an opt-in prompt should you want to share this information with third-party apps, but will it be enough?
Graham Cluley of Sophos told Techdigest this could be a drastic change innocently disguised, as always, into a benefit:
This change isn’t as drastic as it might first appear, because users will need to give permission for third-party Facebook applications to access this data. But it still sounds like a recipe for disaster, given the prevalence of rogue scam applications already on Facebook – all of which benefit from apparently being blessed by the Facebook name and brand.
In reality, how many folks you know of read those privacy prompts? Contrast those to the vast majority of people who either don’t understand their privacy on Facebook or never bother reading the small print. Either way, most of us approve Facebook apps without even thinking.
Of course, we should know better and review those privacy prompts thoroughly before accepting them. We can only hope this erosion of users’ privacy rights on Facebook will convince everyone to think twice before blindly accepting those app requests.