Facebook has put in a lot of effort to getting users to enter their mobile numbers. But now the social network is giving developers access to numbers in addition to home addresses with a single click. Is this just trouble waiting to happen?
The timing of the post couldn’t have been more questionable — just as most people were leaving work on the west coast and Facebook employees were beginning their weekly happy hour at Cafe 6. Granted, the company’s job is to make this post appear as though it’s just another day at the social network, in an effort to play down the significance of this new functionality. Over the weekend a number of publications began discussing the issue, the most sensational of which comes from Sophos, which writes “Rogue Facebook apps can now access your home address and mobile phone number.”
It’s true. Facebook’s new permissions gives those developers with bad intentions access to a greater amount of personal information. The flip side is that this isn’t exactly credit card information. However, as developers gain access to more information, the question arises: Is the company doing enough to protect our personal data? The answer is most definitely not clear cut.
The Consumer Perspective
All Facebook’s Editor, Jackie Cohen, provided us with the consumer’s perspective earlier this morning, pointing out that “most people will click ‘allow’ without noticing the permission window now includes the words ‘current address and mobile phone number.’ …Unfortunately, the developers plying the user graph objects include rogue applications, such as spamware, malware and deceptive schemes that security staff seems to have a hard time keeping up with. This category of n’er-do-wells can now gain access to people’s mobile phone numbers and street addresses. So we really hope the social network devises a way to bar the rogues from using this set of code, and if that’s not possible, then perhaps get rid of the entire thing before any damage could be done.”
It’s a legitimate perspective, which is why we’ve already seen a lot of people, including Sophos, criticize Facebook for the move. As one commenter told us, “I’m deleting all my personal info now. ugh!!!!!” This is probably the most rational response, in addition to being the best way to protect your personal information.
Facebook As An Identity Authenticator
On the flip side, Facebook is trying to legitimately provide users with a valuable tool to make surfing the web a whole lot easier. By serving as a centralized identity provider, the social network makes registering for new sites as easy as a couple of clicks. It’s a problem that has existed on the web for a long time now: You visit a new website and have to fill out a long form that typically includes the same information: email, first name, last name, password, and potentially additional data such as your age, gender, phone number and so on.
Rather than having to fill out the information over and over with each new application that you install, the social network enables users to accomplish the exact same thing in a matter of clicks. It’s a clear value add, and it’s exactly why the company says, “every month, more than 250 million people engage with Facebook on external websites.”
Facebook’s Questionable Communication
While the value proposition is clear, Facebook has used a questionable communication strategy. As previously mentioned, why would the company choose to post such a significant article at a time when most users are done with the week and now moving on to weekend activities? We can only see this as a deliberate effort to push the issue under the radar. This is exactly the type of communication that we don’t want from one of the most powerful identity providers in the world. Instead we want transparency from a company that expects its own users to be completely transparent.
Why not write an occasional blog post addressing the issues surrounding privacy and identity that are ever present in the media? With Facebook recently coming under attack over the sharing of user data on their platform by developers, it seems odd that the company would just push forward as though nothing happened. While such a policy is only expected based on past behavior, increasing transparency is something that would possibly bring comfort to users.
We can only sit and wait for the next Rapleaf to emerge, next time with much more personal user information, thanks to the increasing amount of data granted to developers. What’s most obvious is that we now live in a world of decreasing privacy, and Facebook is taking the lead in pushing us forward into this new age. As the leader though, it would be great to see Facebook take a much more proactive approach in communicating the company’s position. Then again, they’ve gotten this far with a less-than-transparent communications strategy, why stop now?
Do you agree or disagree with Facebook’s decision to grant developers access to additional user data? What additional information would you like to hear from Facebook that they aren’t providing now?