Feeds

Facebook developers exiled for selling user IDs to brokers

Data broker comes clean

Reducing security risks from open source software

Facebook is taking action against developers who flouted company rules by selling unique user IDs to a data broker.

The unnamed developers, which numbered fewer than 12, won't have access to Facebook communication channels for six months, Facebook platform engineer Mike Vernal said on Friday. They also will be required to submit their data practices to a third-party auditor to confirm they comply with Facebook policies.

Facebook has also reached an agreement with data broker Rapleaf, which according to a Wall Street Journal investigation linked Facebook user IDs it got from games developers to its own database of Internet users, which it sells. Rapleaf will delete all the IDs in its possession and has promised not to conduct similar activities in the future.

“In taking these steps, we believe we are taking the appropriate measures to ensure people stay in control of their information, while providing developers the tools they need to create engaging social experiences,” Vernal said. “We look forward to broader cooperation from everyone in the web community to confront issues that impact all of us.”

The action comes after the WSJ caught Facebook transmitting the user IDs of those playing some of the site's most popular games to dozens of advertising and Internet tracking companies. The disclosure came even as Facebook's terms of service promised that personally identifiable information would never be sold to advertisers or data brokers.

The allegations are now part of a federal lawsuit filed against Zynga, developer of some of the social network's most popular apps. The complaint claims Zynga collected and shared the IDs of 218 million users. Zynga has said the complaint is without merit. A similar lawsuit has been filed against Facebook.

The user IDs by themselves don't reveal personal information, but when combined with other information, they could jeopardize user privacy, critics contend. Facebook recently introduced plans to encrypt user IDs to prevent inadvertent sharing. So-called parameter encryption could make it harder for data brokers, intelligence agencies and other snoops to track the activities of Facebook users. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
NIST told to grow a pair and kick NSA to the curb
Lrn2crypto, oversight panel tells US govt's algorithm bods
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.