Facebook apps caught harvesting personal IDs to sell for profit

facebook app farmville violates facebook rules

Popular Facebook apps like Farmville were transmitting Facebook user IDs to data tracking companies who sell the information for profit. Image: CC sabrina.dent/Flickr

Facebook apps have been discovered transmitting personal data from Facebook users to advertisers and Internet marketing companies profiting from the information. Tens of millions of users have had their privacy violated by Facebook apps such as Farmville, Texas HoldEm Poker and FrontierVille. In response to the latest Facebook privacy issue, the company said it had shut down the offending Facebook apps.

Facebook privacy takes another hit

Facebook apps have been transmitting tens of millions of Facebook user IDs to companies who use the data to target personal online habits. A Wall Street Journal investigation discovered that Facebook apps were sending Facebook user ID numbers to at least 25 advertising firms and data processing companies. The Journal wrote that transmitting the user IDs of Facebook users is a direct violation of Facebook rules and raises more questions about Facebook privacy and the company’s ability or willingness to keep personal information secure.

Violating privacy for profit

Most Facebook apps are written by independent developers. Ars Technica reports that many Facebook apps gather a user’s Facebook ID when users install the apps on their profiles. The apps transmit Facebook ID numbers to their own servers, sometimes even when Facebook privacy settings deny such access. Other apps, including Farmville, transmit personal information about the user’s friends to data tracking companies. RapleafInc, developer of Facebook apps such as LOLapps and Family Tree, was caught linking Facebook ID numbers with its own database and selling the information to no fewer than a dozen advertising firms.

Facebook app developers spin an apology

Facebook shut down Rapleaf apps Friday. Information Week reports that Facebook pulled the plug on popular games including Critter Island, Diva Life, Band of Heroes, Yakuza Lords and Facebook versions of Dante’s Inferno and Champions Online. On Sunday, the Facebook developer blog said the developers didn’t intend to collect personal information, but it happened because of how browsers work. After the unauthorized user data loophole was closed, Facebook restored access to the apps. Rather than apologize for invading their Facebook privacy, a LOLapps blog on Monday said the company was sorry that the 150 million Facebook users playing its games had to go without them over the weekend.

Other recent posts by bryanh