Facebook Privacy Breach: What Happened and What You Can Do

By Katie Kindelan

A few days removed from the headline-grabbing Facebook privacy breach that was, we take a deep breath to look at what happened and what steps you can take to protect your privacy online.

The mechanics behind the breach are surprisingly simple and are used frequently across the Web to analyze traffic. A referrer URL comes to life whenever you click on an ad or a hyperlink. The referrer tells the page you are going to which page you’ve come from.

The Facebook breach, first reported by The Wall Street Journal, took it one step further. Once you log into Facebook, the referrer URLs begin to contain your unique identification number, “Facebook ID,” or, if you’ve opted for a personalized Facebook URL, your name. That can then be passed along inside the URL to the makers of the Facebook apps you’re using, who can then sell it to advertisers and online tracking companies.

And thus, the private information of tens of millions of Facebook users addicted to the site’s most popular apps like FarmVille, TexasHoldEm Poker, and FrontierVille was potentially exposed, even for those who had selected the social network’s strictest privacy settings.

Facebook quickly labeled the media’s response to the breach “exaggerated,” and rightly so. Your “Facebook ID” doesn’t reveal much that couldn’t be found anyway or isn’t that private to begin with.

What is not exaggerated, however, is the role that third-party apps played in this breach, as well as in the recent iPhone, Twitter and Android privacy concerns.

Who is to blame, exactly, may be difficult for users to hear. The reason that the apps have access to data like your “Facebook ID” is that you, the user, granted the app access to your data, whether you always knew it or not.

So what’s an app user to do? End the apps, or at least know what you’re agreeing to in granting access to your favorite apps and what you, and your friends, may be sharing.

Facebook, to its credit, now allows users to monitor which applications are accessing which parts of their profile through the “Privacy” and “Applications, Games and Websites” function under the “Account” option. Take a look and, if you don’t like what you see, block a specific app, or apps, completely.

From the “Applications, Games and Websites” function, you can also “Turn off all platform applications.” That’s the safest bet, as long as you’re willing to lose your hand in poker or give up your farm.

And don’t let your friends, who could be inadvertently sharing information through their apps, get away so easily either. Under “Privacy,” again, click the “Edit Settings” button next to “Info accessible through your friends,” and uncheck away.