Earlier this week, Facebook found itself embroiled in yet another privacy "breach". And on cue, the media, politicians, and lawyers (yes, those lawyers) were ready to pounce.

At issue: the fact that Facebook user IDs were being shared with advertising and analytics companies through Facebook applications.

In most cases, this undisclosed sharing really wasn't Facebook's doing. Because user IDs are included in URLs used by Facebook applications, advertising and analytics companies were able to access them through referrer data. Despite the uproar, it still isn't clear how many companies were intentionally keeping track of, or sharing, user IDs.

While it's hard to blame Facebook for the scourge of referrers (note sarcasm), Facebook isn't exactly a victim here: it certainly knew that user IDs could be exposed in this fashion and used in violation of its rules. For whatever reason, it seems to have simply ignored this.

But faced with more unwanted attention that reminds the world that what happens on Facebook doesn't always stay on Facebook, Facebook has proposed a solution: encrypt user information. Developers of Facebook applications would have to decrypt the user information within their applications; information, such as user IDs, would no longer be visible in plain text in URLs.

Is this a viable solution? Unfortunately not. While it would prevent inadvertent tracking and sharing of user IDs, it will do nothing to prevent intentional tracking and sharing of user IDs. An application developer who decides that the value of this data exceeds the risk of being banned by Facebook could still decrypt this information in his or her application and then transmit it to third parties.

Will this be a common occurrence? Who knows, which highlights the fact that Facebook's real problem is one of trust and transparency. There can be no doubt that Facebook's open platform has been a boon to the company, its users and entrepreneurs. But the open platform model Facebook has adopted has some inherent limitations. Pragmatically, Facebook cannot fully police or control the behavior of third party developers. They have access to certain data, and Facebook has to trust that they will follow its rules for the use of that data.

That data, of course, is potentially valuable, and there will always be an incentive for some developers to use it in ways that violate Facebook's rules. The issue for the average user is that much of this is not obvious. Many users, for instance, are probably entirely unaware of what data is shared with Facebook applications and what is going on behind the scenes.

The challenge for Facebook is balancing what's good for its open platform strategy with what's good for user privacy. But Facebook can't meet that challenge until it recognizes that not all of these privacy conundrums will be resolved solely by technical means.

Patricio Robles

Published 22 October, 2010 by Patricio Robles

Patricio Robles is a tech reporter at Econsultancy. Follow him on Twitter.

2641 more posts from this author

You might be interested in

Comments (4)



I ran across this in search of tools to help with security features with Facebook, you may want to try it out it worked for me.

Free Cloakguard plugin for Facebook available from:
Download - https://addons.mozilla.org/en-US/firefox/addon/194385/
Demo - http://www.youtube.com/watch?v=C4qN3TBqx08

over 7 years ago

Peter Bordes

Peter Bordes, Executive Chairman & Founder at oneQube

hers the Billion Dollar Privacy question: Good or Evil: Have We Shared Too Much w/ ,Facebook , Google & Apple ? http://ityb.it/2p8Hr this is the best info graphic i have seen that lays it out...

over 7 years ago



please solv you this facebook problem

over 5 years ago


দেঙ্গু মশা


over 5 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.