Facebook Apps Now Able To Grab Mobile Phone Number, Address
Facebook and privacy, the saga will never end it seems. A recent blog posting over at Facebook by Jeff Bowen outlines some of the platform updates for developers. The announcement is technical and most users have probably skipped it altogether, if they did find it in the first place that is.
Probably the most important information from a Facebook user perspective is the integration of a user's address and mobile phone number as part of the User Graph object. It basically means that application developers can now request permission to access the user's contact information on Facebook.
If a Facebook app requests the information they are displayed on the request for permission prompt. It reads "Access my contact information, Current Address and Mobile Phone Number".
Users who allow access basically hand over their address and mobile phone number, if they have added the data to their Facebook account.
Active Facebook users see those prompts on a regular basis, and it is likely that the majority clicks on the Allow button without reading the permission request first to play the game or access the app.
Rogue apps can exploit the issue to gather addresses and phone numbers next to basic information such as the user's name. With those information available spammers could send personalized SMS spam messages, phishing SMS or use the information for Identity Theft.
Facebook users have a few options at hand to protect their data. Those who do not play games or apps do not need to change anything as it is currently not possible to request permission to access the address and mobile phone number of friends currently.
Users who play games or use apps may want to consider changing or removing mobile phone and address information from Facebook. This way, they can grant access without revealing the information.
Considering that the information are sensitive, it would have been better if Facebook would have added an option to request the data manually from the user instead. A simple prompt asking the user to enter the mobile phone number or address would certainly be more acceptable to the majority of users. It would have the additional benefit of making the Facebook user aware of the request since it would mean that the user had to enter data in a form manually.
Have you added your mobile phone number and / or address to your Facebook account? What's your take on the latest change? (via)Advertisement