Facebook privacy functions
Vaizey's proposal comes at a time when the UK's Information Commissioner (ICO) is re-investigating Google's Street view practices where data from individual's unsecured Wi-Fi connections were ‘accidently' collected.
Facebook has just declared it has ‘zero tolerance' on data brokers, after admitting some developers had sold user data.
In October, Facebook's Mike Vernal wrote on the firm's developer blog: "Recently, it has come to our attention that several applications built on Facebook Platform were passing the User ID, (UID) an identifier that we use within our APIs, in a manner that violated this policy. In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work."
While it stressed it suspends and disables apps that violate its policy, Facebook also said the press has exaggerated the implications of UIDs being shared. Now Facebook said it is working with browser vendors to fix the problem.
"Moving forward, our policy will state that UIDs cannot leave your application or any of the infrastructure, code, and services you need to build and run your application. You can use services, such as Akamai, Amazon Web Services and analytics services as long as those services keep UIDs confidential to your application," Vernal wrote in a new blog post.
Trying to positioning itself as a responsible site in regards to privacy but also on the developers' side, Facebook said it understands that developers sometimes have to share a UID with content partners, advertisers or service providers but it is adding a mechanism that they must use to share anonymous identifiers for these situations.
"We will release this functionality (available via the Graph API and FQL) early next week. We encourage developers to move to this mechanism quickly and will require it on January 1, 2011," said Facebook.
It stressed it has ‘never sold and will never sell user information' as well as its zero tolerance for data brokers. Facebook believes no private user data was sold and confirmed UIDs that were sold by brokers did not yield any individual's private data.
"This violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform," said Vernal.
It has also reached an agreement with Rapleaf, an offending broker which will now delete all the UIDs in its possession and avoid Facebook in future.
