Facebook's latest privacy breaches have gotten the attention of Congress. US Representative Edward Markey (D-MA) and Joe Barton (R-TX) have written a joint letter (PDF) to Facebook CEO Mark Zuckerberg, interrogating him on what the company knew about third-party applications transmitting user data and what the company is doing to remedy the situation.
*Although Facebook often finds itself on the wrong end of the PR stick when it comes to user privacy, this is one area where the company usually does pretty well.*A report was published Sunday night by the Wall Street Journal, which conducted its own investigation into the behaviors of Facebook's "tens of millions" of apps. The newspaper found that many of them gather and transmit a user's Facebook ID when the app is installed and used on a user's profile.
That's not such a huge deal, but some apps went so far as to collect other personal information and friend lists from users—even in cases when the user's profile was set to completely private. One company, responsible for several Facebook apps, was found to be gathering Facebook IDs and cross-checking them with its own database of users from the Internet. That's a much bigger deal.
Markey and Barton expressed concern about the report in their letter, largely due to the age range and sheer number of Facebook users there are worldwide. The two congressmen have 18 questions that they want Zuckerberg to answer by October 27, ranging from whether Facebook users were notified of the breaches to who at Facebook is responsible for holding third-party developers to Facebook's terms.
Some of the questions seemed to go into detail far beyond what Facebook (and its users) typically do on the site—for example, one asks how much personal financial or medical data was breached—but most of the questions require Facebook to comb over its paperwork, 'fess up about any other third-party breaches, tell the Congressmen how much it makes from third-party apps, and formulate a plan to prevent this kind of thing in the future.
Although Facebook often finds itself on the wrong end of the PR stick when it comes to user privacy, this is one area where the company usually does pretty well. There's a whole privacy section for third-party apps that shows you the last time those apps accessed your profile and exactly what information those apps pulled at that time. Additionally, Facebook already cracks down on apps that violate its terms by collecting unauthorized user data.
It seems there's not much more Facebook could do in this situation aside from getting rid of apps altogether, but it's likely that most Farmville-addicted Facebook users would object to that move more passionately than having their friend lists leaked to advertisers.
