Wednesday, October 20, 2010

Week 4 Reading - Facebook Privacy Concern

From: http://techland.com/2010/10/18/facebook-in-hot-water-over-leaked-user-ids/

Facebook in Hot Water Over Leaked User IDs

By Doug Aamoth on October 18, 2010

Read more: http://techland.com/2010/10/18/facebook-in-hot-water-over-leaked-user-ids/#ixzz12ub7U4be
Over the weekend, the Wall Street Journal published a story concerning the inadvertent passing of Facebook users' personal information between popular third-party Facebook applications and several outside marketing agencies and data-gathering firms.

Every Facebook user is assigned a unique, non-identifying, numeric "user ID" that's used for several purposes within the site. At the most basic level, for instance, numeric IDs can be used to differentiate several users who have the same first and last names. So if there are 100 people named Joe Smith on Facebook, they each have their own user ID.

Facebook can also make use of these IDs for its own marketing purposes. It may not collect the actual personal information of User #12345 but it knows that User #12345 likes to play FarmVille and knows which kinds of ads that user clicks on, so it can target similar ads to that user in the future.

The problem is that the third-party apps like FarmVille also have access to these unique user ID numbers, and the Wall Street Journal contends that not only have these user IDs been passed to outside marketing and data-gathering companies, but the ID numbers themselves can be used to reveal personally identifying information about the users themselves.

According to the article:
"The information being transmitted is one of Facebook's basic building blocks: the unique 'Facebook ID' number assigned to every user on the site. Since a Facebook user ID is a public part of any Facebook profile, anyone can use an ID number to look up a person's name, using a standard Web browser, even if that person has set all of his or her Facebook information to be private. For other users, the Facebook ID reveals information they have set to share with 'everyone,' including age, residence, occupation and photos.
The apps reviewed by the Journal were sending Facebook ID numbers to at least 25 advertising and data firms, several of which build profiles of Internet users by tracking their online activities."

That's a pretty serious accusation; that "anyone can use an ID number to look up a person's name, using a standard Web browser, even if that person has set all of his or her Facebook information to be private."
Facebook has responded, saying:

"Recently, it has come to our attention that several applications built on Facebook Platform were passing the User ID (UID), an identifier that we use within our APIs, in a manner that violated [Facebook's privacy] policy. In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work.

Press reports have exaggerated the implications of sharing a UID. Knowledge of a UID does not enable anyone to access private user information without explicit user consent. Nevertheless, we are committed to ensuring that even the inadvertent passing of UIDs is prevented and all applications are in compliance with our policy."

Basically, Facebook is saying that applications were indeed sending user IDs to outside companies in violation of Facebook's privacy policy but that it may have been inadvertent. More importantly, Facebook is saying that contrary to the Wall Street Journal's report, the user IDs can't be used to look up private personal information.
However, you may recall an article from a couple months ago about a Facebook bug that returned the photo, full name, and e-mail address of any user when trying to log in to the site using their e-mail address. Even if you got the password wrong, you could see the person's name and e-mail address and that data could be harvested using an automated script. If something similar is possible with someone's user ID, it's pretty troubling.

In the meantime, a Facebook spokesperson told the Journal, "We have taken immediate action to disable all applications that violate our terms," and the company blog post says, "We are talking with our key partners and the broader Web community about possible solutions."

Read more: http://techland.com/2010/10/18/facebook-in-hot-water-over-leaked-user-ids/#ixzz12uMiCpXd
Reading comprehension
Answer the following questions in your own words, using the information in the article.
1.     What is the problem reported on the Wall Street Journal concerning Facebook?
2.     What is the function of a numeric “user ID” on Facebook?
3.     How can Facebook make use of these IDs?
4.     According to the WSJ, what can a person do with a Facebook user ID?
5.     According to Facebook, why is there such leak of user IDs?
6.     What is the incident that worries users several months ago?
Vocabulary
Choose the closest meaning to the following words. The words are highlighted in yellow the passage.
1.     Inadvertent
a.     Planned
b.    Unintentional
c.     Adventurous
d.    Inappropriate
2.     Assigned
a.     Pointed
b.    Requested
c.     Given
d.    Categorized
3.     Differentiate
a.     Discriminate
b.    Distinguish
c.     Vary
d.    Confirm
4.     Contend
a.     Fight
b.    Admit
c.     Agree
d.    Argue
5.     Violated
a.     Interrupted
b.    Disturbed
c.     Disregarded
d.    Followed
6.     Exaggerated
a.     Overstated
b.    Stretched
c.     Lenghtened
d.    Emphasized
7.     Compliance
a.     Harmony
b.    Regard
c.     Contrast
d.    Obedience
Expansion
1.     Do you know what marketing agencies and data-gathering firms do? Can you give some examples of such firms?
2.     Can you give some examples of third-paty Facebook applications?
Discussion
1.     Are you worried that your personal information will be collected and used in a way that you don’t consent
2.     Are you annoyed by advertisements?
3.     How do you understand privacy?
Optional
Based on your answers to the comprehension questions, write a summary of the article.
Posted by at

3 comments:

  1. ELLinkOctober 24, 2010 at 7:27 PM

    Answer key
    COMPREHENSION

    1. What is the problem reported on the Wall Street Journal concerning Facebook?

    The distribution of Facebook users’ personal information from third-party Facebook applications to marketing agencies and data-collecting firms.

    2. What is the function of a numeric “user ID” on Facebook?

    To differentiate users who have the same first and last names.

    3. How can Facebook make use of these IDs?

    Collect users’ preferences for advertisement purpose

    4. According to the WSJ, what can a person do with a Facebook user ID?

    Look up a person’s personal information including name, age, residence, occupation and photos

    5. According to Facebook, why is there such leak of user IDs?

    Third-party applications may pass the information due to lack of understanding technical details

    6. What is the incident that worries users several months ago?

    A bug returned personal information to people who tried to log in Facebook even with a wrong password.

    VOCABULARY
    1. unintentional
    2. given
    3. distinguish
    4. argue
    5. disregarded
    6. overstated
    7. obedience

    ReplyDelete
  2. ELLinkOctober 24, 2010 at 7:28 PM

    Quang's opinions regarding privacy on the Internet

    1. Are you worried that your personal information will be collected and used in a way that you don’t consent
    I really worry about that problem because I am afraid that someone can use them to be against me in the future.

    2. Are you annoyed by advertisements?
    Yes, absolutely. When signing up for an account in SUN, the developer of Java, I advertently consent that I want to receive the news from SUN. As a result, every week, they sent me an email that I do not understand what it is about.

    3. How do you understand privacy?
    Not much, since up to now, I have thought too much about benefit coming from registering some programs rather than the adverseness from these programs.

    ReplyDelete
  3. ELLinkOctober 24, 2010 at 8:12 PM

    Like Quang, you may not have thought much about the concept of personal space or privacy. However, you may have been through the time when you didn't want your parents to read your diary, or you didn't want the neighbors to "poke their nose" into your family business. Did you ever just want "to be let alone"?

    In order to help you think more about the issue, I'll include here the definitions of privacy given by a paper by Alice E. Marwick, Diego Murgia Diaz and John Palfrey (downloaded from http://cyber.law.harvard.edu/publications)

    Marwick, Diaz and Palfrey quoted the conception of "right to be let alone” (Warren & Brandeis 1890) or the right to control information of oneself (Westin 1967).

    They also mentioned six aspects of the conception of privacy from Solove (2002)

    (1) the right to be let alone
    (2) limited access to the self, or the ability to shield oneself from unwanted access by others
    (3) secrecy, or the concealment of certain matters from others;
    (4) control over personal information, or the ability to exercise control over information about oneself;
    (5) personhood, or the protection of one’s personality, individuality, and dignity; and
    (6) intimacy, which is to say, control over, or limited access to, one’s intimate relationships oraspects of life.

    I hope that those definitions help you better understand the issue and give you some thought about the issue of online privacy.

    ReplyDelete

Subscribe to: Post Comments (Atom)