Congressmen Question Facebook Privacy

Two congressmen sent a letter to Facebook CEO Mark Zuckerberg with questions about user privacy in light of the latest controversy.

Two congressmen have sent Facebook a letter with questions about privacy in light of the recent controversy regarding applications exposing user data.

An investigation by the Wall Street Journal revealed some of the most popular applications on Facebook were exposing User IDs, the identifying numbers Facebook assigns to users. The numbers can be used to look up a user's name as well as any other public information on their account. The applications reviewed by the Journal were sending Facebook IDs to at least 25 advertising and data firms, the paper reported.

In response to the incident, Reps. Joe Barton, R-Texas, and Edward Markey, D-Mass., sent Facebook CEO Mark Zuckerberg a list of questions seeking more information about the situation.

"Given the number of current users, the rate at which that number grows worldwide, and the age range of Facebook users, combined with the amount and the nature of information these users place in Facebook's trust, this series of breaches of consumer privacy is a cause for concern," the lawmakers wrote.

Among the questions in the letter are what procedures does Facebook have in place to detect and prevent third-party apps from violating its privacy policies, and how many users were impacted. A copy of the letter can be viewed here (PDF).

A Facebook spokesperson told eWEEK the site would work with the congressmen to answer questions they have.

"Facebook is committed to safeguarding private data while letting people enjoy meaningful social experiences with their friends," the spokesperson said. "As our privacy policy states, when a Facebook user connects with an application, the user ID is part of the information that the application receives. The suggestion that the passing of a user ID to an application, as described in Facebook's privacy policy, constitutes a 'breach' is curious at best."

"We also prohibit applications from transferring user data to ad networks or data brokers, and when we receive a report that such an improper transfer has occurred, we investigate and take action as appropriate," he continued. "We are continually working with developers and other responsible parties in the community to put in place further safeguards against violations of our terms."

In an online poll of more than 1,000 people, Sophos found about 95 percent believe Facebook should follow Apple's example and institute a strict review policy for third-party applications on the site.

"Apple has successfully run a 'walled garden' on its iPhone App Store, meaning that only approved apps are allowed to be run on the iPhone, iPad and iPod Touch," said Graham Cluley, senior technology consultant a Sophos, in a statement. "Although some people may not appreciate the level of control that Apple has over what apps you can run on your device, it certainly has been instrumental in keeping malicious hackers and malware off the platform."