Feeds

Facebook to share home addresses, phone numbers

How Zuckerberg learned to stop worrying and love opt in

Internet Security Threat Report 2014

To the dismay of some, Facebook will indeed introduce a new feature that gives users the option of sharing their home addresses and cellphone numbers with third-party application developers.

Facebook managers are still working out specifics, but under a plan the company outlined late last month, the site would allow users to plug their address and phone number into applications they run on their accounts. The information would be shared only after a user specifically grants permission, and the information could be removed at any time by making a few changes in the user's settings panel.

Facebook already forbids people under 13 to use its services. The company still hasn't decided whether it users under the age of 18 will be permitted to share their address and phone number at all. Facebook also hasn't decided when the new capability will be rolled out.

The plan is being watched carefully by US Representatives Edward Markey and Joe Barton, co-chairs of the House Bi-Partisan Privacy Caucus. When Facebook first announced its intentions in January to allow address and phone number sharing, they objected to the plan, despite its opt-in nature. They said it was problematic “given the sensitivity of personal addresses and mobile phone numbers compared to other information users provide Facebook.”

Markey and Barton, a Massachusetts Democrat and a Texas Republican respectively, voiced their objections in a February 2 letter to CEO Mark Zuckerberg, but by then the criticism was so stiff that Facebook had already put the plan on hold.

Last week, Facebook VP for Global Public Policy Marne Levine sent a response (PDF) to the congressmen reiterating that the additional information would be shared only with a user's explicit permission.

“We allowed applications to ask users for that information, through a permissions screen, represented below, that provided clear and conspicuous notice to the user regarding what information the application is seeking,” Levine wrote. “Nor did we require or encourage users to grant such access.”

Facebook permissions screen

Levine went on to explain that users of certain third-party apps, such as those that send text messages to cellphones or deliver printed photos, might benefit from the feature.

The congressmen say the plan is still unsatisfactory.

“I don't believe that applications on Facebook should get this information from teens, and I encourage Facebook to wall off access to teen's contact information if they enable this new feature,” Markey wrote in a press release. “Facebook has indicated that the feature is still a work in progress, and I will continue to monitor the situation closely to ensure that sensitive personal user data, especially those belonging to children and teenagers, are protected.”

People are right to be wary of Facebook. Too many times over the past few years, the social network has betrayed a better-to-beg-for-forgiveness-than-ask-for-permission approach to sharing users' personal information by repeatedly relaxing its privacy policies without first getting explicit approval for the changes. That's not what's happening this time.

It's still questionable whether it's a good idea to share intimate information with a site that generates billions of dollars brokering it to world+dog. But that's life in the 21st Century. Facebook appears to have learned its lesson this time around. Now that the site is seeking informed consent before turning on the feature, it's up to users to decide if they want to use it.

Whether users are too generous with permission screens, as we've worried about in the past, is something better sorted out by Darwinian evolution than politicians. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.