Feeds

Facebook claims mail API less intrusive than Gmail

This sh*t right here is tight

Secure remote control for conventional and virtual desktops

Facebook has defended plans to open up members' inboxes to application developers as a technology designed to spur for innovation in areas such as mobile messaging.

The social networking site said security consultant concerns that development of the technology makes for an unacceptable privacy risk are misplaced. In particular, Facebook said its Mailbox API plans poses less of a privacy risk than Gmail, which scans email messages to serve targeted ads.

Facebook users who sign up to applications that make use of Mailbox API give permission for applications to scan the contents of messages sent through the social networking website.

In answer to our questions about what privacy controls would be applied to the delivery of this functionality, Facebook offered a response that also sheds light on how the Mailbox software hook-ins might be developed to offer push email style-functionality for messages sent through the social networking website.

We are looking at ways of opening up Facebook to make it more accessible to users in the ways they want to access it, but we aren't the ones that decide how they want to use the tools we can provide, only the users can choose.

A good example of how we think it could be used is getting your Facebook Inbox on your Blackberry through POP similar to how Gmail is brought to you on your Blackberry. This type of API is standard for email providers across the Web and benefits users because it allows them to access their messages off of Facebook.

Doesn't allowing third-party app developers to hook into user's mailboxes go further than Gmail's scanning of emails to display targeted ads, we asked. Not so, a Facebook spokeswoman responded, arguing that users will have to give "explicit permission" for an app to access their inbox.

I was interested by your thought that it was potentially more contentious than Gmail? We believe it is much safer for a number of reasons. Facebook will be white-listing individual applications and the user must give explicit permission for the app to access the Inbox. I'm not aware of any webmail service that does any vetting for applications that use their POP features. And unlike Gmail, we don't have to share username and password for it to work which we believe makes it more secure.

This is also different to the regular API for applications, and importantly there are no advertiser implications either. We would, of course advise any users to always be cautious when interacting with applications.

Facebook's response follows our earlier article on the potential privacy concerns of allowing applications to hook into inboxes. Graham Cluley, senior technology consultant, described the development as a "privacy nightmare waiting to happen" and worried that a road-map for the technology may include plans to integrate functionality which would allow application developers to send mails from their users' inboxes. ®

The essential guide to IT transformation

More from The Register

next story
Apple promises to lift Curse of the Drained iPhone 5 Battery
Have you tried turning it off and...? Never mind, here's a replacement
Mozilla's 'Tiles' ads debut in new Firefox nightlies
You can try turning them off and on again
Linux turns 23 and Linus Torvalds celebrates as only he can
No, not with swearing, but by controlling the release cycle
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
This is how I set about making a fortune with my own startup
Would you leave your well-paid job to chase your dream?
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.