Following a series of Wall Street Journal articles that highlighted the ways in which some third-party applications were sharing user data with advertisers, Facebook has declared a zero-tolerance policy for any developers who sell information to data brokers.
While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform.
The large data broker Rapleaf, which was highlighted by the Journal article, was not subject to this moratorium, but has agreed to delete all the Facebook User IDs in its database and promise “not to conduct any activities on the Facebook Platform (either directly or indirectly) going forward.”
Its hard to imagine that a data broker like Rapleaf, which makes a business out of selling user profiles to advertisers, would really give up snooping around Facebook. After all, with nearly five times as many users as the next largest social network, Facebook is the world’s biggest and best source of personal information.
The language of the post makes it seem as though Rapleaf will continue to glean data, but will have to do its scraping without any official access to the Facebook Platform.
It’s a solid compromise. Rapleaf gets to continue its lucrative business of assembling and selling user profiles to advertisers and Facebook gets the deniability it needs to keep users comfortable using its site.