If it's earth-shatteringly bad for your users if their private data is leaked by a third-party, you cannot exfiltrate that data to a third-party. Full stop. No amount of policy un-leaks data, and "You cannot continue to operate as a Facebook service" is an empty threat the moment it becomes more valuable for the third-party to violate the agreement than to continue to operate as a Facebook service.
The takeaway: if you are responsible for user privacy, you must do the computations on the user's data. Have partners ship you the computations they wish to do, vet them, and then ship them results compliant with your users' expectations. Don't hand third-parties a subset of the keys to the kingdom and expect an honor system to preserve user privacy.
In this case, the user clicked okay on a dialog that said something like "Share my friend list with this application." It would be sane at that point to expect that the application has access to your friend list. The application typically doesn't want to do a "computation", per se, they want to do something like show you your friends that are already using the application, so that you can share things with them and so on.
There are many, many services that share data in this way. iOS and Android share your contact list in a similar way, for example. And those services have the same exact problem, that sometimes third parties leak data. There is no other, better-implemented way for a platform to share data.
In the end, this is a "scandal" because Facebook is getting bad press already for other issues, and people do not really understand the nature of data platforms so they cannot distinguish big problems from small ones.
Putting control in the hands of the user is quite different from allowing third parties to exfiltrate data on a user without their consent.
(It is worth noting that this approach is still exploitable---third party convinces users to cough up their authentication codes, then acts as the user and makes the request for the whole kingdom themselves. But user education on the amount of power handed to someone when you literally give them your passwords is a separate issue).
(Note that when people talk about data portability they're really talking about federation since social networking can't work otherwise. Non-social data is a little easier.)
At that time Facebook's API was pretty much open and you could get everything. It was an experiment and Mark Zuckerberg had a lot of hope in what people could do with that data to add value to the users. I was not doubting that he was doing it with good intentions. But he was naive...
Unfortunately, most of the apps were abusing all the channels that Facebook was giving them to get more users and milk money out with ads and micro-payments (ex: through OfferPal Media - now Tapjoy).
During that time I was pretty surprised how much info people were giving away with a click through. Even on the main Facebook product people were posting all kind of stuff, including stupid things they were doing. It really seemed that people were becoming more open and it was the beginning of a new era for privacy (or lack thereof).
Facebook realized pretty quickly what apps were doing and they started adding more granular permissions. Eventually Facebook started limiting more and more access to the API until 2011/2012 when the user-generating gold mine was pretty much gone. Again, Facebook has always been working to fix the experience for their users and also to make clear that those were 3rd party apps. But people did not really care.
There have probably been hundreds of thousands of apps that had access to "sensitive" user data. According to Facebook's Terms of Service, data could not be stored for more than a certain amount of time. But nothing was technically preventing people from storing that data forever...
And here we are...
A couple of local startups were talking about how to leverage the "login with facebook" button. It was a big thing...
Most people I talked to told me: "The very first thing I do is to save all the emails of their friends" or stuff like that.
So yeah, this was years ago. I'm failing to see how this is a surprise at all.
Seems to suggest that FB platform APIs were designed to not share any privacy metadata with devs. Maybe not the same as how apps like At The Pool stored that data, but might explain the firehose of data that FB gave devs and now they will point the finger and say it was their fault for these leaks/breaches. Food for thought.
I guess my question for you, considering it looks like you worked with devs at FB, is this article regarding FB platform design accurate? That's the most shocking thing to me that this article conveys, that even if you wanted to ensure data privacy as a dev, you couldn't unless you built a custom tool. I'd be pretty surprised if most (or any) would.
Curious on your thoughts.
Not to downplay the issue... but it's clearly written clickbait
I wrote this even with the original link and version of the headline.
With that headline, the first thing you would likely think is that Facebook was using AWS and left some data open somewhere. It 100% implied Facebook was doing more wrong now, rather than that the companies that already had the data from the previous issues were not handling the data correctly.
Yes this news is still notable. But the headline gave the wrong impression and was banking on the already bad attitude towards Facebook.