Close
Report Comment to a Moderator Our Moderators review all comments for abusive and offensive language, and ensure comments are from Verified Users only.
Please report a comment only if you feel it requires our urgent attention.
I understand, report it. Cancel

FarmVille and other Facebook games unknowingly leaking private details

Mon 18 Oct 2010 7:33am GMT / 3:33am EDT / 12:33am PDT
Online

User and friend names transmitted and sold to ad firms

A number of leading Facebook applications including some of its most popular games have been identified as transmitting users' identities to third-party firms.

In most cases this has seemingly been done without the developers' knowledge, but Facebook this weekend shut down apps identified as deliberately sharing information (including a number by VC-backed startup LOLapps Media).

An investigation by The Wall Street Journal found that games such as Zynga's FarmVille and Texas HoldEm Poker were apparently inadvertently making players' Facebook IDs from which real names can be easily established to data-mining and advertising companies.

In some cases (again including FarmVille), the identity of users' friends was also shared. "Zynga has a strict policy of not passing personally identifiable information to any third parties," claimed a spokeswoman. "We look forward to working with Facebook to refine how web technologies work to keep people in control of their information."

The WSJ outed a data firm known as RapLeaf as selling on a database of users which included those extrapolated from leaked Facebook IDs. It was also found to be transmitting user IDs to a dozen more marketing organisations, which it claimed was unintentional.

Facebook confirmed it would be taking steps to prevent this from continuing, as well as shutting down any further apps found to be deliberately transmitting information.

The company also claimed that knowledge of user IDs doesn't entail access to anything other than real names, but pledged to tighten its systems in response to the findings.

"This is an even more complicated technical challenge than a similar issue we successfully addressed last spring on Facebook.com," said a spokesman, "but one that we are committed to addressing."

The social network has been subject to significant scrutiny over its privacy systems, and in June this year was forced to overhaul its security controls in response to widespread user concern and confusion over what details were being made public.

16 Comments

Kirill Yarovoy Game designer / Narrative designer / Writer

41 5 0.1
I never trusted 3rd party apps at social networks and was afraid of leak. My friends called me a paranoiac, but now i feel better because i was right. Not same investigation should be started at another social networks like Vk (vkontakte).

Posted:4 years ago

#1
Anyone playing FarmVille deserves to be mass e-mailed spam

Posted:4 years ago

#2

Kingman Cheng Illustrator and Animator

955 184 0.2
To be quite honset I can't say I'm surprised...

Posted:4 years ago

#3

Paul Shirley Programmers

178 150 0.8
Let's not pretend there's any technical issue here: Facebook simply don't respect privacy, profit from that lack of respect and have a corporate policy of doing the exact minimum needed to appease their users.

Their users are so careless about their own privacy that 'mimimum' will be very, very minimal.

So business as usual for Facebook and their corporate buddies.

Posted:4 years ago

#4

Darren Adams Managing Director, ChaosTrend

268 609 2.3
'unknowingly', ha don't make me laugh.

Posted:4 years ago

#5

Christopher McCraken CEO/Production Director, Double Cluepon Software

111 257 2.3
Why is anyone surprised by this? My guess is, FB knew but maintained plausible deniability regarding this. Facebook is a place you are forbidden, by policy, to be anonymous. Having all of those real names is just too much a temptation for any faceless business entity. What shocks me more is that people willingly go along with such a system.

Posted:4 years ago

#6

Mark Hill Studying Computing & Networks, University of Abertay Dundee

21 0 0.0
I notice that they're only punishing developers that are 'deliberately' leaking data.
How about they punish all those 'accidental' leaks and encourage a little security.
Sounds like they're only going to slap the wrists of people being too obvious, and everyone else can carry on.

Posted:4 years ago

#7

Petr Mores Principal Animator, Crytek

1 0 0.0
Is it not the very raison d'etre of Facebook itself to harvest all kinds of personal information in order to monetize them?



Posted:4 years ago

#8

Yiannis Koumoutzelis Founder & Creative Director, Neriad Games

363 207 0.6
there is no such thing as "unknowingly" in piece of code that transmits to specific 3rd party recipients in such massive way.

I hate corporate wars :)

Posted:4 years ago

#9

Giora Eshkol 3D Animator / Facial Animation Specialist

1 0 0.0
I am an artist and was 3 years on facebook had 1600 friends visiting my art and making comments
I used facebook to communicate with my family
last week no warning or explanation my profile was deactivated
I got from them this:
Hi Giora,

Your account was disabled because your behavior on the site was identified as harassing or threatening to other people on Facebook. Prohibited behavior includes, but is not limited to:

Sending friend requests to people you don't know
Regularly contacting strangers through unsolicited Inbox messages
Soliciting others for dating or business purposes

After reviewing your situation, we have determined that your behavior violated Facebook's Statement of Rights and Responsibilities. You will no longer be able to use Facebook. This decision is final and cannot be appealed.

Please note that for technical and security reasons, we will not provide you with any further details about this decision.

Thanks,

Niklas
User Operations
Facebook


What about all my data? and how facebook can be trusted?
geshkol@gmail.com

Posted:4 years ago

#10

Private Industry

1,176 182 0.2
"without the developers"

How is it possible that the application made by the developers can transmit data to third parties without the knowledge of the people who made it?

Good that I don`t play FarmVille or have any information on facebook that would be sensible.

Posted:4 years ago

#11

George Lachanas Community Management

1 0 0.0
I'm glad i never played those kinds of games on facebook and that deleted my facebook account after changing all my information !

Posted:4 years ago

#12

Ryan Duclos Code Monkey, Double Cluepon Software

10 0 0.0
Hi I'm facebook I eat your soul Nom nom nom.

Posted:4 years ago

#13

Christopher Bowen Owner, Gaming Bus

118 0 0.0
"Unknowingly" my ass. This is their entire business model! It's what they do. They just wanted plausible deniability.

That sounds like tinfoil hat ranting, but Zynga and Facebook have done this too often for me to take anyone's word at face value.

Posted:4 years ago

#14

Jamie Watson Studying Bachelor of Games & Interactive Entertainment, Queensland University of Technology

179 0 0.0
thats not good....i played farmvile for a bit a now i find out that my details are been shared!....oh so thats how my inbox became full of junk....looks like i wont be playing on facebook anytime soon...

the simple thing is facebook cant and never can be trusted...i wonder when the public will wake up and hear the music.....

number 1 facebook track "i eat your soul" -mark zuckberg feat. facebook

facebook has just lost all my support ,but i will continue to use it becuase i have friends on it and this is one of the main ways they contact me....

dammm you FACEBOOK!

Posted:4 years ago

#15

Henry Durrant Programmer, SUMO Digital

50 43 0.9
It has long been established that Facebook Apps have access to most of your information.
That's the reason apps are created, to mine user data to be sold, that's how they make money.
I use as few apps as possible, and as mentioned above, I only use Facebook because it has become an institution.

Posted:4 years ago

#16

Login or register to post

Take part in the GamesIndustry community

Register now