Skip to main content

New tools aim to plug Facebook leaks

Mark Milian
Many social-network users are unknowingly offering up browsing histories to site providers and personal info to third parties.
Many social-network users are unknowingly offering up browsing histories to site providers and personal info to third parties.
  • Many social-network users unknowingly share info with corporations
  • Some app developers offer to sell access to their databases of personal info
  • New tools help users block developers and the social-network giants from tracking

(CNN) -- Your Facebook friends aren't the only ones reading those wall posts.

Many of Facebook's 600 million members make intimate "friend" connections with corporations without knowing the extent of those relationships.

Facebook users forge these ties when they install a Facebook application from a company, click a "Like" button on a company page or log into many third-party websites by using their Facebook accounts. In many cases, these actions also cause unknowing users to fork over their names, lists of friends, e-mail and home addresses, phone numbers and other personal info.

People who sign up to send greeting cards on Jibjab by using the Facebook Connect button, for example, give that site's owner access to information they've posted on their Facebook profiles. Ditto for apps, those little utilities and games that show up on or interface with the social network. Facebook says users install 20 million apps on the website per day.

Instead of wading through the swamps of app-connection and privacy settings pages buried within Facebook's menus, some third-party developers have designed tools to help people manage the information they're sharing, often unknowingly, with strangers and corporations.

Social Monitor, a service that launched Thursday, is a Web browser extension that looks at apps attached to the user's Facebook, Twitter and LinkedIn accounts.

Social Monitor's dashboard shows an indicator next to each app, which looks like those scary Homeland Security threat level signs at airports. The colors signify how much info the app can access from a social-network profile. Next to that color rating, users see an evaluation of the Facebook app developer's reputation in terms of data privacy.

The Social Monitor tool was developed by, which provides a popular service for opting out of unwanted mass e-mails.

While investigating the market, researchers discovered some unsettling trends with Facebook usage.

Users connect their Facebook accounts with a new service, and therefore granted the keys to their personal info, every three days on average, according to Social Monitor's beta testing research. Most people don't bother to turn off that access to unused apps or are unaware of the option, according to the study. The company did not site the number of subjects who participated in the research.

"Keeping your Facebook authorization hygienic is something that's going to be very important," said CEO James Siminoff. "It's becoming harder to disconnect from this stuff."

To inform Social Monitor's developer-reputation rating, researched or attempted to contact thousands of people behind popular Facebook apps. Many, even ones who had collected tens of millions of people's info, could not be reached, Siminoff said.

Some developers say they make games and other apps for the sole business purpose of collecting personal info and selling access to their databases. Facebook in November suspended its relationships with developers who were caught brokering data.

"Even in the top 10, they're getting huge amounts of information from their customers, and you can't find out who these developers are, where they are," Siminoff said, referring to the most popular Facebook apps. "This seems like a dangerous thing."

Developers of Twitter apps can access people's private messages. (So Congressmen looking to commit a digital indiscretion may want to think twice about doing so through UberSocial.) Next week, Twitter will ask users to give special permission to developers that want access to those correspondences.

Other apps provide shields against even less tangible social-network data snoops.

Disconnect, which has incorporated since CNN reported on the project's launch last year, offers a Web browser extension that blocks Facebook, Twitter and Google from collecting browsing history.

Facebook's "Like" button and the social sharing buttons sprinkled throughout the Web call back to the social-network companies every time it recognizes a visitor. Each company that uses these features says it deletes the info after a reasonable period of time.

The Like button appears on one-third of the top 1,000 websites and Twitter's share feature on one-fifth of those most-trafficked sites, according to data compiled by Disconnect.


Most popular Tech stories right now