Feeds

Facebook claims mail API less intrusive than Gmail

This sh*t right here is tight

Combat fraud and increase customer satisfaction

Facebook has defended plans to open up members' inboxes to application developers as a technology designed to spur for innovation in areas such as mobile messaging.

The social networking site said security consultant concerns that development of the technology makes for an unacceptable privacy risk are misplaced. In particular, Facebook said its Mailbox API plans poses less of a privacy risk than Gmail, which scans email messages to serve targeted ads.

Facebook users who sign up to applications that make use of Mailbox API give permission for applications to scan the contents of messages sent through the social networking website.

In answer to our questions about what privacy controls would be applied to the delivery of this functionality, Facebook offered a response that also sheds light on how the Mailbox software hook-ins might be developed to offer push email style-functionality for messages sent through the social networking website.

We are looking at ways of opening up Facebook to make it more accessible to users in the ways they want to access it, but we aren't the ones that decide how they want to use the tools we can provide, only the users can choose.

A good example of how we think it could be used is getting your Facebook Inbox on your Blackberry through POP similar to how Gmail is brought to you on your Blackberry. This type of API is standard for email providers across the Web and benefits users because it allows them to access their messages off of Facebook.

Doesn't allowing third-party app developers to hook into user's mailboxes go further than Gmail's scanning of emails to display targeted ads, we asked. Not so, a Facebook spokeswoman responded, arguing that users will have to give "explicit permission" for an app to access their inbox.

I was interested by your thought that it was potentially more contentious than Gmail? We believe it is much safer for a number of reasons. Facebook will be white-listing individual applications and the user must give explicit permission for the app to access the Inbox. I'm not aware of any webmail service that does any vetting for applications that use their POP features. And unlike Gmail, we don't have to share username and password for it to work which we believe makes it more secure.

This is also different to the regular API for applications, and importantly there are no advertiser implications either. We would, of course advise any users to always be cautious when interacting with applications.

Facebook's response follows our earlier article on the potential privacy concerns of allowing applications to hook into inboxes. Graham Cluley, senior technology consultant, described the development as a "privacy nightmare waiting to happen" and worried that a road-map for the technology may include plans to integrate functionality which would allow application developers to send mails from their users' inboxes. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Windows XP still has 27 per cent market share on its deathbed
Windows 7 making some gains on XP Death Day
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.