Facebook to share home addresses, phone numbers

How Zuckerberg learned to stop worrying and love opt in


To the dismay of some, Facebook will indeed introduce a new feature that gives users the option of sharing their home addresses and cellphone numbers with third-party application developers.

Facebook managers are still working out specifics, but under a plan the company outlined late last month, the site would allow users to plug their address and phone number into applications they run on their accounts. The information would be shared only after a user specifically grants permission, and the information could be removed at any time by making a few changes in the user's settings panel.

Facebook already forbids people under 13 to use its services. The company still hasn't decided whether it users under the age of 18 will be permitted to share their address and phone number at all. Facebook also hasn't decided when the new capability will be rolled out.

The plan is being watched carefully by US Representatives Edward Markey and Joe Barton, co-chairs of the House Bi-Partisan Privacy Caucus. When Facebook first announced its intentions in January to allow address and phone number sharing, they objected to the plan, despite its opt-in nature. They said it was problematic “given the sensitivity of personal addresses and mobile phone numbers compared to other information users provide Facebook.”

Markey and Barton, a Massachusetts Democrat and a Texas Republican respectively, voiced their objections in a February 2 letter to CEO Mark Zuckerberg, but by then the criticism was so stiff that Facebook had already put the plan on hold.

Last week, Facebook VP for Global Public Policy Marne Levine sent a response (PDF) to the congressmen reiterating that the additional information would be shared only with a user's explicit permission.

“We allowed applications to ask users for that information, through a permissions screen, represented below, that provided clear and conspicuous notice to the user regarding what information the application is seeking,” Levine wrote. “Nor did we require or encourage users to grant such access.”

Facebook permissions screen

Levine went on to explain that users of certain third-party apps, such as those that send text messages to cellphones or deliver printed photos, might benefit from the feature.

The congressmen say the plan is still unsatisfactory.

“I don't believe that applications on Facebook should get this information from teens, and I encourage Facebook to wall off access to teen's contact information if they enable this new feature,” Markey wrote in a press release. “Facebook has indicated that the feature is still a work in progress, and I will continue to monitor the situation closely to ensure that sensitive personal user data, especially those belonging to children and teenagers, are protected.”

People are right to be wary of Facebook. Too many times over the past few years, the social network has betrayed a better-to-beg-for-forgiveness-than-ask-for-permission approach to sharing users' personal information by repeatedly relaxing its privacy policies without first getting explicit approval for the changes. That's not what's happening this time.

It's still questionable whether it's a good idea to share intimate information with a site that generates billions of dollars brokering it to world+dog. But that's life in the 21st Century. Facebook appears to have learned its lesson this time around. Now that the site is seeking informed consent before turning on the feature, it's up to users to decide if they want to use it.

Whether users are too generous with permission screens, as we've worried about in the past, is something better sorted out by Darwinian evolution than politicians. ®


Other stories you might like

  • Facebook phishing campaign nets millions in IDs and cash
    Hundreds of millions of stolen credentials and a cool $59 million

    An ongoing phishing campaign targeting Facebook users may have already netted hundreds of millions of credentials and a claimed $59 million, and it's only getting bigger.

    Identified by security researchers at phishing prevention company Pixm in late 2021, the campaign has only been running since the final quarter of last year, but has already proven incredibly successful. Just one landing page - out of around 400 Pixm found - got 2.7 million visitors in 2021, and has already tricked 8.5 million viewers into visiting it in 2022. 

    The flow of this phishing campaign isn't unique: Like many others targeting users on social media, the attack comes as a link sent via DM from a compromised account. That link performs a series of redirects, often through malvertising pages to rack up views and clicks, ultimately landing on a fake Facebook login page. That page, in turn, takes the victim to advert landing pages that generate additional revenue for the campaign's organizers. 

    Continue reading
  • Google has more reasons why it doesn't like antitrust law that affects Google
    It'll ruin Gmail, claims web ads giant

    Google has a fresh list of reasons why it opposes tech antitrust legislation making its way through Congress but, like others who've expressed discontent, the ad giant's complaints leave out mention of portions of the proposed law that address said gripes.

    The law bill in question is S.2992, the Senate version of the American Innovation and Choice Online Act (AICOA), which is closer than ever to getting votes in the House and Senate, which could see it advanced to President Biden's desk.

    AICOA prohibits tech companies above a certain size from favoring their own products and services over their competitors. It applies to businesses considered "critical trading partners," meaning the company controls access to a platform through which business users reach their customers. Google, Apple, Amazon, and Meta in one way or another seemingly fall under the scope of this US legislation. 

    Continue reading
  • Zuckerberg sued for alleged role in Cambridge Analytica data-slurp scandal
    I can prove CEO was 'personally involved in Facebook’s failure to protect privacy', DC AG insists

    Cambridge Analytica is back to haunt Mark Zuckerberg: Washington DC's Attorney General filed a lawsuit today directly accusing the Meta CEO of personal involvement in the abuses that led to the data-slurping scandal. 

    DC AG Karl Racine filed [PDF] the civil suit on Monday morning, saying his office's investigations found ample evidence Zuck could be held responsible for that 2018 cluster-fsck. For those who've put it out of mind, UK-based Cambridge Analytica harvested tens of millions of people's info via a third-party Facebook app, revealing a – at best – somewhat slipshod handling of netizens' privacy by the US tech giant.

    That year, Racine sued Facebook, claiming the social network was well aware of the analytics firm's antics yet failed to do anything meaningful until the data harvesting was covered by mainstream media. Facebook repeatedly stymied document production attempts, Racine claimed, and the paperwork it eventually handed over painted a trail he said led directly to Zuck. 

    Continue reading
  • Another VPN quits India, as government proposes social media censorship powers
    New Delhi now fighting criticism of eroding free speech and privacy with two proposed regulations

    India's tech-related policies continue to create controversy, with fresh objections raised to a pair of proposed regulation packages.

    One of those regulations is the infosec reporting and logging requirements introduced by India's Computer Emergency Response Team (CERT-In) in late April. That package requires VPN, cloud, and numerous other IT services providers to collect customers' personal information and log their activity, then surrender that info to Indian authorities on demand. One VPN provider, ExpressVPN, last week quit India on grounds that its local servers are designed not to record any logs so compliance would be impossible. ExpressVPN will soon route customers' traffic outside India.

    On Tuesday, another VPN – Surfshark – announced it would do likewise.

    Continue reading

Biting the hand that feeds IT © 1998–2022