Global social networking site Facebook has banned developers it caught selling user names and contact lists for six months and has instructed them that they must subsequently submit themselves to an audit to ensure they comply with the social network's policies.
The sales were uncovered as part of an investigation into a web browser bug that let user IDs (UIDs) be accidentally shared. The user details were sold to data brokers who used the information to target adverts more precisely.
Facebook first began examining the issues surrounding UIDs following media reports that the information and lists of contacts were being sold on to advertising firms. The firm quickly admitted that technical issues with certain browsers meant that some user IDs were being leaked and that some developers that were creating applications for Facebook were selling on the UIDs of those who used them.
Facebook claimed that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data but said that it was nonetheless taking the breach very seriously. The identity of the developers being punished has not been made public but the total number is understood to be around 10.
Facebook also named ad-targeting firm Rapleaf as one of the data brokers which had been buying UIDs and has reached an agreement with the firm which would permanently end Rapleaf's involvement with any application on Facebook.
The sales were uncovered as part of an investigation into a web browser bug that let user IDs (UIDs) be accidentally shared. The user details were sold to data brokers who used the information to target adverts more precisely.
Facebook first began examining the issues surrounding UIDs following media reports that the information and lists of contacts were being sold on to advertising firms. The firm quickly admitted that technical issues with certain browsers meant that some user IDs were being leaked and that some developers that were creating applications for Facebook were selling on the UIDs of those who used them.
Facebook claimed that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data but said that it was nonetheless taking the breach very seriously. The identity of the developers being punished has not been made public but the total number is understood to be around 10.
Facebook also named ad-targeting firm Rapleaf as one of the data brokers which had been buying UIDs and has reached an agreement with the firm which would permanently end Rapleaf's involvement with any application on Facebook.
No comments:
Post a Comment