Facebook's Latest Faux Pas
The latest public relations disaster for the company that brought the world Beacon stems from Top Friends, an application created by Slide.
Turns out that Top Friends had a glitch that allowed any users who downloaded the application to see information like the birthdays and gender of any other Top Friends users. Some of the users affected include Larry Page's wife, according to CNet, which first reported the story.
Facebook suspended the application after reporters from CNet raised questions about it.
The social networking site is blaming Top Friends, saying that third-party developers must agree to comply with guidelines to place apps on the site. But consider, Facebook was specifically warned that this type of data breach could occur.
Last month, Canadian advocates filed a privacy complaint that specifically highlighted the privacy risks posed by third-party applications. The complaint criticized Facebook for setting up an installation system that requires users to give developers permission to access their personal data by default. A pre-checked box says that users will allow the application to "Know who I am and access my information." Users who uncheck that box can't install the application. Instead, they're shown the message, "Granting access to information is required to add applications. If you are not willing to grant access to your information, do not add this application."
While there is a way to opt out of sharing information with developers, users can only do so from a separate privacy page on the site, according to the Canadian complaint.
The privacy group criticized Facebook for this procedure, arguing that the site should obtain users' explicit consent before sharing personal information with third parties.
The Canadian group also took Facebook to task for doing "an inadequate job of monitoring the development of third party platform applications."
"Hackers may easily penetrate into these poorly developed programs," the complaint charges.
With Top Friends, ordinary users were apparently able to discover personal information about other ordinary users, thanks to a third-party app with a security flaw. One only wonders how many other privacy breaches are waiting to occur on the site.