Facebook rolls out new third-party app security policy

The latest move by Facebook to quell the uproar over its privacy settings requires third-party developers to request and receive permission from account holders for access to personal information stored in user profiles.

Henceforth, Facebook users attempting to access a new third-party application or website on the service will see a pop-up permissions box outlining the type of information to be shared.

“With this new authorization process, when you log into an application with your Facebook account, the application will only be able to access the public parts of your profile by default”, said Facebook CTO Brent Taylor in a blog posting. “To access the private sections of your profile, the application has to explicitly ask for your permission.”

Infosecurity notes that this opt-in data sharing feature has been advocated for by numerous privacy supporters, and is an apparent about face for a company that, just several weeks ago, said their privacy policies were “entirely proper” and little more than a “backlash to a public relations failure”.

Nonetheless, the Facebook CTO would go on to say that personal information, in the company’s view, belongs to the user and that sharing of that data should be easily controlled.

“If at any point you ask a developer to remove the data you’ve granted them access to”, added Taylor, “[then] we require that they delete this information.”

What’s Hot on Infosecurity Magazine?