Facebook has instituted a new system whereby developers of Facebook apps can access users’ addresses and phone numbers. While some Facebook users add this information to their pages, and this information is visible to friends, it was not previously accessible to developers. Third parties will now be able to access this information automatically, if users opt in.
The problem with all such schemes is twofold: first, as shown in the sample screenshot above (from the Facebook Developer Blog), is that to use certain apps, users may have no choice but to allow access to this information. The second problem is that it is highly possible that Facebook malware (or, more correctly, cross-site scripting attacks that function when people click links on Facebook) will eventually be able to crack this system and access this information even when users don’t choose to allow it.
Users who are concerned about this information being made public, or, especially, being harvested by advertisers, should delete their addresses and phone numbers from Facebook.
Update: Facebook has announced that they are putting this new feature on hold:
Over the weekend, we got some useful feedback that we could make people more clearly aware of when they are granting access to this data. We agree, and we are making changes to help ensure you only share this information when you intend to do so. We’ll be working to launch these updates as soon as possible, and will be temporarily disabling this feature until those changes are ready. We look forward to re-enabling this improved feature in the next few weeks.
