Facebook has temporarily suspended a move to share user mobile phone numbers and addresses with applications.
Facebook has temporarily backed away from its decision to allow
applications to access users' mobile phone and address information.
The decision to share the information touched off days
controversy as privacy advocates and security pros aired concerns the
feature could be abused. According to Facebook, the idea was to make
applications more efficient. The change, for example, could have
allowed users to share their address and mobile phone number "with a
shopping site to streamline the checkout process," blogged Douglas Purdy
, director of developer relations for Facebook.
"Over the weekend, we got some useful feedback that we could make
people more clearly aware of when they are granting access to this
data," Purdy blogged. "We agree, and we are making changes to help
ensure you only share this information when you intend to do so. We'll
be working to launch these updates as soon as possible, and will be
temporarily disabling this feature until those changes are ready. We
look forward to re-enabling this improved feature in the next few
Facebook did not state exactly what those changes will be.
The social network's initial plans sparked discussions regarding privacy and security concerns,
some people questioning the wisdom of handing such information off to
developers. Some speculated the situation could be abused by rogue
developers to harvest personal data. The company, however, stressed
that users would still need to grant applications permission to access
"As with the other information you share through our permissions process
you need to explicitly choose to share this data before any application
or Website can access it, and you cannot share your friends' address or
mobile number with applications," Purdy wrote. "Also, like other data
you make available to third party apps and Websites, you can always
clearly see and control the ways your information is being used in the
The best solution would be to permit users to provide this data via
a dropdown or checkbox when they choose to add an application, blogged Chester Wisniewski
, a senior security adviser at Sophos Canada. It should not be required, however, he opined.
"Users who want the convenience that Facebook is offering should be
able to choose to share their information, but those of us who are more
security-conscious should be able to opt out and elect to type it in
when necessary," he wrote. "Facebook has been pushing the boundaries of
privacy for a long time, but despite the uproar, few in the community
have abandoned the service. It is great news that Facebook is
responding to the outrage about this recent change, but I wonder if
most users will be satisfied with their eventual solution."