Security concerns up again as Facebook allows access to addresses, phone numbers

 @ibtimes on January 18 2011 3:48 AM

Facebook's new modification on its privacy policy has yet again brought up concerns on the level of security the social networking site manages to provide its users.

On Friday, Facebook made an announcement that the site was enabling third-party application developers to access users' addresses and cell phone numbers.

We are now making a user's address and mobile phone number accessible as part of the User Graph object. Because this is sensitive information, we have created the new user_address and user_mobile_phone permissions, the post on the Facebook Developer Blog said.

However, aiming to assure the users of the safety of their private information, the site insisted that the data will be available to the developers only if the users explicitly grant permission to it.

Please note that these permissions only provide access to a user's address and mobile phone number, not their friend's addresses or mobile phone numbers, the blog post added.

Nevertheless, these assurances were not convincing for the thousands of users, who have in the past been bitten by the lack of security on Facebook. Justifying the fears of the users, the leading security firm Sophos termed Facebook's new move a recipe for disaster.

Even though on the looks of it the change may not alter anything substantially, the fact that majority of the users hit the Allow button when asked for access to basic information does amount to something worth worrying about.

This change isn't as drastic as it might first appear, because users will need to give permission for third-party Facebook applications to access this data.

But it still sounds like a recipe for disaster, given the prevalence of rogue scam applications already on Facebook - all of which benefit from apparently being blessed by the Facebook name and brand, Graham Cluley, senior technology consultant at IT security and control firm Sophos, is quoted as saying.

Facebook has earned a scathing reputation on security due to the presence of rogue applications, which post spam links on walls, mislead users to survey scams that earn them commission and trick users into handing over other personal data. Now, with the passage opened up to the address and mobile number data, the whole mix is likely to increase the effectiveness of the rogue apps.

While analysts are still trying to figure out why Facebook would take a step such as this, there are several questions on what the third party developers will do with the additional information.

With over 500 million users, Facebook has a lot of private and personal data that the advertisers would love to get their hands on. This would in turn produce revenue for the site. But the site does have a responsibility towards its users. What the social networking site would chose as the priority would be interesting to wait and watch.

Join the Discussion