>Advice from Unofficial Guide to FB Privacy and Security – Telephone Numbers


Facebook will re-enable apps to request permission to access phone numbers and addresses. Facebook’s reply to Congressmen:

by Unofficial Guide to FB Privacy and Security on Monday, 28 February 2011 at 21:19

In January Facebook allowed Apps to request access to users phone numbers and address’s in their dialogue permissions, (temporarily disabled after negative feedback.) Congressman Barton and Congressman Markey wrote a letter to Facebook which asked various questions about this practise including plans to re-enable the feature. We posted this information on February 6 2011.

Facebook’s Marne Levine has issued a three page response to those questions which in short states that this feature will be re-enabled. 

Note that Apps can only access information uploaded to Facebook.  If a mobile number is not uploaded, the App cannot access it.  Also note that when developers were given permission to request access to this information, most permissions dialogue boxes had the request as part of the Basic Information required to use the App, meaning that if the user did not want to allow access to this information they would not be able to use the app at all. 

Facebook’s Developer Principles and Polices (https://developers.facebook.com/policy/) states “You will only request the data you need to operate your application.”

In Marne Levine’s response she uses two screenshots to describe app permissions dialogue boxes.  The examples is for the apps ‘My Great Website’ and ‘Farmville’.   Neither App offer anything new to the user which would require this information in order to use it.  In my opinion unless the app requires the users address in order to run such as a location finder, or their phone number in order to run such as a tool which would text information to that users, this information should never be requested.

Although Ms Levine explains in Answer 1 “we are assessing potential additions to the permissions screen that would appear when an application requests a users contact information”, this does not mean that apps won’t ask for access to this information in order to use the app on the initial request. 

I also noted at the time this additional information was permitted access by Facebook that the ‘Information accessible through my friends’ was not updated to include phone number and address.  I have discussed previously that apps are accessing the following information from users friends:

Significant Others and Relationship
About Me

These information sections are not listed in the Information accessible through my friends‘ privacy setting which means that users cannot deny access to them.  Users phone numbers and addresses were also not added to the list during the time this feature was enabled.  I have previously asked both Tim Sparapani and Andrew Noyes to determine the reason why these data sections are not covered in this privacy setting and whether Facebook will include them, however no reply was given even though I discussed several issues with Mr Sparapani in 2010 following Marc Rotenberg’s decision to include them in his testimony in US Congress.   

I can see no explanation from Ms Levine as to why the examples she uses would require access to the users phone number or address in order to run and this is a question I will pose to both Congressmen and have already posed to Marc Rotenberg, President of EPIC.  I will also how Facebook plans to determine which apps have are validated as needing this information in order to run, and how the procedures in place will ensure only those apps request this data.

Apps play a hugely important role for Facebook users.  They are fun to use and help users engage with friends old and new.  Any app on or off the Facebook platform will access data.  Facebook does more than most platforms and gives users the opportunity to see what data is accessed by apps and when, and forces apps to request permission to access data before the app is used.  Ultimately the choice to share data in order to use an app is in the hands of the user and if the level of data requested to access becomes more than people are uncomfortable with, then they should take control and decide whether they still want to use that app.  Users can also ask app developers to delete their data, another policy imposed by Facebook.

Here is the link to the Congressmen’s letter:

This is Marne Levine’s response:

Remember, Facebook is a website designed for sharing.  Never upload any information to a social network if you are not comfortable for that information to be shared.  Privacy settings are designed so that information you share is only shared to those you choose at the time it is uploaded.  However that information can be shared by those authorized to see it. 

To check what data you may be sharing to apps you use, or those of your friends, click
Account Settings> Privacy Settings > Apps and Websites.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: