Do you publish your home address online? Facebook has caused no small amount of concern by quietly opening the address and phone number fields to developers. A post on Saturday by Jeff Bowen in Facebook’s developer support team explained that users’ addresses and mobile phone numbers are being made available on the development platform through a number of APIs.
Users would have to accept a new app and allow it access to personal information. Contact details of friends would not be accessible unless they too accepted the app.
But the primary concern, as neatly summarised by Graham Cluley on the Sophos blog, is that rogue app developers could efficiently harvest this very valuable information by developing apps that scrape this contact information and use it for spam or cold-calling.
“Facebook is already plagued by rogue applications that post spam links to users’ walls, and point users to survey scams that earn them commission – and even sometimes trick users into handing over their cellphone numbers to sign them up for a premium rate service,” he wrote last night. “You have to ask yourself – is Facebook putting the safety of its 500+ million users as a top priority with this move?”
Facebook’s latest API allows developers access to users’ address and mobile number.
This is clearly the downside of Facebook’s open apps policy, though it’s extremely unlikely Facebook would reverse that and head down the Apple road of approving apps – which has a whole set of different problems. Cluley suggests developers should only be granted access to this information if it proven to be a valid use, or that users should be asked to approve sharing this data.
Facebook reminds us that there’s a difference between rogue applications and apps with a genuine reason for accessing your address or phone number. A spokesperson gave the example of an airline’s e-commerce app that could be more useful if it could notify users about last minute flight changes.
“On Facebook you have absolute control over what information you share, who you share it with and when you want to remove it. Developers can now request permission to access a person’s address and mobile phone number to make applications built on Facebook more useful and efficient. You need to explicitly choose to share your data before any app or website can access it and no private information is shared without your permission. As an additional step for this new feature, you’re not able to share your friends’ address or mobile information
To change your shared settings , goto your Account | Privacy Settings , choose ‘customise settings’ and amend the tab accordingly