U.S. Representatives Edward Markey (D., Mass.) (right) and Joe Barton (R., Texas) (left) are demanding Facebook answer questions about a recent privacy breach.  (Source: AP Photo/House Panel on Global Warming)

Companies exploited a loophole in Facebook's URL structure to get user names and compile lists of friends, even among users with the strictest privacy settings. The companies then worked with Google to build cookies to track the users' online activities.  (Source: Taste Goblet)
Two House members have sent a letter to Facebook following reports of violations

U.S. Representatives Edward Markey (D., Mass.) and Joe Barton (R., Texas) may sit on opposite aisles of the political spectrum, but both can agree on some issues.  Together the two representatives have penned a request for information to Facebook, Inc. the world's largest social network and one of the biggest tech companies in America.

The request for information follows a report in The Wall Street Journal that accused Facebook's app partners of knowingly and/or unknowingly violating the site's privacy terms of service and exposing many of the site's 500 million users' names and friends to data mining companies for ad revenue.

Reps Markey and Barton happen to be co-chairs of the House Bipartisan Privacy Caucus.  They are asking Facebook for details about how applications on the social network handle user information, to better understand who is responsible for the latest breach.  Referring to the current incident and past problems, the officials write "this series of breaches of consumer privacy is a cause for concern."

A Facebook spokesperson tells The Wall Street Journal that they are looking into the request.  And while they admit that a flaw in Facebook's privacy settings allowed users' names to be exposed to third parties, they disagree that this constitutes a "breach".  The spokesperson asserts, "The suggestion that the passing of a user ID to an application, as described in Facebook's privacy policy, constitutes a 'breach' is curious at best."

This contradicts somewhat what Facebook executive Mike Vernal wrote in a blog post yesterday.  He writes:
We take user privacy seriously. We are dedicated to protecting private user data while letting users enjoy rich experiences with their friends. This more social Web will only occur if users trust that they are in control of their information.

Our policy is very clear about protecting user data, ensuring that no one can access private user information without explicit user consent. Further, developers cannot disclose user information to ad networks and data brokers. We take strong measures to enforce this policy, including suspending and disabling applications that violate it.

Recently, it has come to our attention that several applications built on Facebook Platform were passing the User ID (UID), an identifier that we use within our APIs, in a manner that violated this policy. In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work.

Facebook did take action against some of the ten accused app makers in The Wall Street Journal's report.  It suspended some of their apps, though most had been restored by late Monday. 

Among those suspended and restored was LOLapps, makers of Gift Creator and other popular apps.  The company reportedly was selling user info to a company called RapLeaf that was then compiling and selling it to companies like Google.  LOLapps reports having severed its undisclosed relationship with RapLeaf and claims it never intended to collect user information.

The U.S. government in recent months has shown a fascinating desire to protect consumer privacy from corporate interests.  Reps. Markey and Barton have reportedly filed 15 similar requests for information to various data mining firms that may be violating users' online privacy. 

On a seemingly bipolar note the U.S. government is reportedly seeking to expand its spying powers online, with incoming legislation looking to make it easier to file warrantless requests for Facebook records.  Federal courts have also asserted that federal and state agents should be allowed to invade personal property and plant tracking devices on U.S. citizens' cars without warrants.

"Well, we didn't have anyone in line that got shot waiting for our system." -- Nintendo of America Vice President Perrin Kaplan

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki