Sections

FarmVille and other Facebook games unknowingly leaking private details

User and friend names transmitted and sold to ad firms

A number of leading Facebook applications including some of its most popular games have been identified as transmitting users' identities to third-party firms.

In most cases this has seemingly been done without the developers' knowledge, but Facebook this weekend shut down apps identified as deliberately sharing information (including a number by VC-backed startup LOLapps Media).

An investigation by The Wall Street Journal found that games such as Zynga's FarmVille and Texas HoldEm Poker were apparently inadvertently making players' Facebook IDs from which real names can be easily established to data-mining and advertising companies.

In some cases (again including FarmVille), the identity of users' friends was also shared. "Zynga has a strict policy of not passing personally identifiable information to any third parties," claimed a spokeswoman. "We look forward to working with Facebook to refine how web technologies work to keep people in control of their information."

The WSJ outed a data firm known as RapLeaf as selling on a database of users which included those extrapolated from leaked Facebook IDs. It was also found to be transmitting user IDs to a dozen more marketing organisations, which it claimed was unintentional.

Facebook confirmed it would be taking steps to prevent this from continuing, as well as shutting down any further apps found to be deliberately transmitting information.

The company also claimed that knowledge of user IDs doesn't entail access to anything other than real names, but pledged to tighten its systems in response to the findings.

"This is an even more complicated technical challenge than a similar issue we successfully addressed last spring on Facebook.com," said a spokesman, "but one that we are committed to addressing."

The social network has been subject to significant scrutiny over its privacy systems, and in June this year was forced to overhaul its security controls in response to widespread user concern and confusion over what details were being made public.

Related stories

Zynga sues two former employees over data theft

Both creators now at rival firm Scopely

By Christopher Dring

Facebook: "We've just unlocked a very, very big gaming platform"

Leo Olebe explains Facebook's deeper push into games with Instant Games like Pac-Man becoming available through Messenger and News Feed

By James Brightman

Latest comments (16)

Kirill Yarovoy Game designer / Narrative designer / Writer 6 years ago
I never trusted 3rd party apps at social networks and was afraid of leak. My friends called me a paranoiac, but now i feel better because i was right. Not same investigation should be started at another social networks like Vk (vkontakte).
0Sign inorRegisterto rate and reply
Kieran Harkin6 years ago
Anyone playing FarmVille deserves to be mass e-mailed spam
0Sign inorRegisterto rate and reply
Kingman Cheng Illustrator and Animator 6 years ago
To be quite honset I can't say I'm surprised...
0Sign inorRegisterto rate and reply
Show all comments (16)
Paul Shirley Programmers 6 years ago
Let's not pretend there's any technical issue here: Facebook simply don't respect privacy, profit from that lack of respect and have a corporate policy of doing the exact minimum needed to appease their users.

Their users are so careless about their own privacy that 'mimimum' will be very, very minimal.

So business as usual for Facebook and their corporate buddies.
0Sign inorRegisterto rate and reply
Darren Adams Managing Director, ChaosTrend6 years ago
'unknowingly', ha don't make me laugh.
0Sign inorRegisterto rate and reply
Christopher McCraken CEO/Production Director, Double Cluepon Software6 years ago
Why is anyone surprised by this? My guess is, FB knew but maintained plausible deniability regarding this. Facebook is a place you are forbidden, by policy, to be anonymous. Having all of those real names is just too much a temptation for any faceless business entity. What shocks me more is that people willingly go along with such a system.
0Sign inorRegisterto rate and reply
Mark Hill Studying Computing & Networks, University of Abertay Dundee6 years ago
I notice that they're only punishing developers that are 'deliberately' leaking data.
How about they punish all those 'accidental' leaks and encourage a little security.
Sounds like they're only going to slap the wrists of people being too obvious, and everyone else can carry on.
0Sign inorRegisterto rate and reply
Petr Mores Principal Animator, Crytek6 years ago
Is it not the very raison d'etre of Facebook itself to harvest all kinds of personal information in order to monetize them?



0Sign inorRegisterto rate and reply
Yiannis Koumoutzelis Founder & Creative Director, Neriad Games6 years ago
there is no such thing as "unknowingly" in piece of code that transmits to specific 3rd party recipients in such massive way.

I hate corporate wars :)
0Sign inorRegisterto rate and reply
Giora Eshkol 3D Animator / Facial Animation Specialist 6 years ago
I am an artist and was 3 years on facebook had 1600 friends visiting my art and making comments
I used facebook to communicate with my family
last week no warning or explanation my profile was deactivated
I got from them this:
Hi Giora,

Your account was disabled because your behavior on the site was identified as harassing or threatening to other people on Facebook. Prohibited behavior includes, but is not limited to:

Sending friend requests to people you don't know
Regularly contacting strangers through unsolicited Inbox messages
Soliciting others for dating or business purposes

After reviewing your situation, we have determined that your behavior violated Facebook's Statement of Rights and Responsibilities. You will no longer be able to use Facebook. This decision is final and cannot be appealed.

Please note that for technical and security reasons, we will not provide you with any further details about this decision.

Thanks,

Niklas
User Operations
Facebook


What about all my data? and how facebook can be trusted?
geshkol@gmail.com
0Sign inorRegisterto rate and reply
Private Industry 6 years ago
"without the developers"

How is it possible that the application made by the developers can transmit data to third parties without the knowledge of the people who made it?

Good that I don`t play FarmVille or have any information on facebook that would be sensible.
0Sign inorRegisterto rate and reply
George Lachanas Community Management 6 years ago
I'm glad i never played those kinds of games on facebook and that deleted my facebook account after changing all my information !
0Sign inorRegisterto rate and reply
Ryan Duclos Code Monkey, Double Cluepon Software6 years ago
Hi I'm facebook I eat your soul Nom nom nom.
0Sign inorRegisterto rate and reply
Christopher Bowen Owner, Gaming Bus 6 years ago
"Unknowingly" my ass. This is their entire business model! It's what they do. They just wanted plausible deniability.

That sounds like tinfoil hat ranting, but Zynga and Facebook have done this too often for me to take anyone's word at face value.
0Sign inorRegisterto rate and reply
Jamie Watson Studying Bachelor of Games & Interactive Entertainment, Queensland University of Technology6 years ago
thats not good....i played farmvile for a bit a now i find out that my details are been shared!....oh so thats how my inbox became full of junk....looks like i wont be playing on facebook anytime soon...

the simple thing is facebook cant and never can be trusted...i wonder when the public will wake up and hear the music.....

number 1 facebook track "i eat your soul" -mark zuckberg feat. facebook

facebook has just lost all my support ,but i will continue to use it becuase i have friends on it and this is one of the main ways they contact me....

dammm you FACEBOOK!
0Sign inorRegisterto rate and reply
Henry Durrant Programmer, SUMO Digital6 years ago
It has long been established that Facebook Apps have access to most of your information.
That's the reason apps are created, to mine user data to be sold, that's how they make money.
I use as few apps as possible, and as mentioned above, I only use Facebook because it has become an institution.
0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.