[Bad] Facebook automatically shares your information

1056 views
Skip to first unread message

Michiel de Jong

unread,
Jun 13, 2012, 3:13:54 PM6/13/12
to to...@googlegroups.com
according to http://www.kickstarter.com/projects/joeandrieu/a-standard-information-sharing-label

Facebook automatically shares your information with Bing, Pandora,
TripAdvisor, Yelp, Rotten Tomatoes, Clicker, Scribd, and Docs, unless
you manually opt-out

Hugo Roy

unread,
Jun 19, 2012, 1:11:59 PM6/19/12
to to...@googlegroups.com
Yes, this is the Facebook Partners program. See the full data use
policy:
https://www.facebook.com/full_data_use_policy#ip

there are obviously tons of data points in that document. But I'm not
done processing it.

--
Hugo Roy
French Coordinator, FSFE chat: hu...@jabber.fsfe.org
www.fsfe.org/about/roy mobile: +336 08 74 13 41
mobile DE: +49 151 143 56 563

Hugo Roy

unread,
Jan 12, 2013, 8:56:40 AM1/12/13
to to...@googlegroups.com
Le mardi 19 juin 2012 à 19:11 +0200, Hugo Roy a écrit :
> Le mercredi 13 juin 2012 à 21:13 +0200, Michiel de Jong a écrit :
> > according to http://www.kickstarter.com/projects/joeandrieu/a-standard-information-sharing-label
> >
> > Facebook automatically shares your information with Bing, Pandora,
> > TripAdvisor, Yelp, Rotten Tomatoes, Clicker, Scribd, and Docs, unless
> > you manually opt-out
> >
>
> Yes, this is the Facebook Partners program. See the full data use
> policy:
> https://www.facebook.com/full_data_use_policy#ip
>

So, nobody wants to review that? This is just about finding the relevant
part to quote from the ToS ;)

No volunteers?

The key part would be to determine what information from the user is
shared exactly.
--
Hugo Roy
French Coordinator, FSFE chat: hu...@jabber.fsfe.org
Support the FSFE, sign up ↓ mobile: +336 08 74 13 41
https://www.fsfe.org/support

zapg...@gmail.com

unread,
Aug 9, 2013, 3:13:41 PM8/9/13
to to...@googlegroups.com

QUESTION:

If I'm posting copyrighted material (photo) on my facebook that I do not own the copyright to and facebook shares/uses that material, can the original copyright owner file suit against facebook that they did not grant the use of the photo to facebook, that essentially facebook is using a pirated image?

ujwal...@gmail.com

unread,
Aug 4, 2014, 10:01:06 AM8/4/14
to to...@googlegroups.com
How do i manually opt out?

When the outside services prompt Facebook to ask whether we should authorize the app and tell they have access to basic information, should to decline and not use the service?

Message has been deleted

Hedge Sparrow

unread,
Nov 13, 2014, 2:54:13 AM11/13/14
to to...@googlegroups.com

From https://www.facebook.com/full_data_use_policy#ip :

Instant personalization (sometimes also referred to as "Start now") is a way for Facebook to help partners (such as Bing and Rotten Tomatoes) on and off Facebook to create a more personalized and social experience for logged in users than a social plugin can offer. When you visit a site or app using instant personalization, it will know some information about you and your friends the moment you arrive. This is because sites and apps using instant personalization can access your User ID, your friend list, and your public information.

They automatically give your info to partner sites (from this I can't tell if they share the info when you visit those sites or if those sites have access to that information anyway. In any case, it seems the info they share is more-or-less public anyway (see underlined above).

The first time you visit a site or app using instant personalization, you will see a notification letting you know that the site or app has partnered with Facebook to provide a personalized experience.
The notification will give you the ability to disable or turn off instant personalization for that site or app. If you do that, that site or app is required to delete all of the information about you it received from Facebook as part of the instant personalization program. In addition, we will prevent that site from accessing your information in the future, even when your friends use that site.
If you decide that you do not want to experience instant personalization for all partner sites and apps, you can disable instant personalization from the “Apps” settings page.
If you turn off instant personalization, these partner third party sites and apps will not be able to access your public information, even when your friends visit those sites.

COMMENT: Thus, you can turn off info sharing (so far, it seems, only on a case by case basis). If you turn off personalization via this notification, the site/app is required to delete all the info it received from Facebook.

If you turn off an instant personalization site or app after you have been using it or visited it a few times (or after you have given it specific permission to access your data), it will not automatically delete information about you it received through Facebook. Like all other apps, the site is required by our policies to delete information about you if you ask it to do so.

COMMENT: Here I get somewhat confused; the first sentence suggests that the site/app can keep your information if you've already given it permission, or if you have used it multiple times without turning off personalization. Okay. Then the second sentence says they're required to delete that information if you ask.
So, I suppose that means if you didn't turn off personalization when the notification showed up the first time, turning off personalization is NOT deleting the information which has already been given out. Deletion only happens when the site/app is expressly asked to delete your personal information. It seems you do this through Facebook, but how is anyone's guess.

Hedge Sparrow

unread,
Nov 13, 2014, 3:11:28 AM11/13/14
to to...@googlegroups.com
Moreover, from the next section "How It Works":

Instant personalization partners sometimes use an email hash process to see if any of their users are on Facebook and get those users' User IDs. This process is similar to searching for someone on Facebook using an email address, except in this case, the email addresses are hashed so no actual email addresses are exchanged. The partner is also contractually required not to use your User ID for any purpose (other than associating it with your account) until you or your friends visit the site.

They get (limited, it seems) access to Facebook's user information in order to see if any of their users are also on Facebook. They can't use your fb user id until you visit their site (which begs the question: how do they know you've visited their site assuming you don't have an account or haven't logged on?)

In addition to public info, it can see your user id, friends list (and any info they have made public). Unless given your express permission, the site/app cannot see any information you haven't made public

But, y'know. You may have given that permission in their ToS. ;")

Michiel de Jong

unread,
Nov 14, 2014, 6:32:07 AM11/14/14
to to...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Hedge, thanks for the reviewing!

So this is about the new Facebook terms which are currently in
"proposal" status, right? I just read
http://venturebeat.com/2014/11/13/facebook-turns-its-data-policy-into-something-a-human-can-actually-read/
about that.

On 13.11.2014 08:11, Hedge Sparrow wrote:
> Moreover, from the next section "How It Works":
>
> Instant personalization *partners sometimes use an email hash
> process to
>> see if any of their users are on Facebook and get those users'
>> User IDs*. This process is similar to searching for someone on
>> Facebook using an email address, except in this case, *the email
>> addresses are hashed so no actual email addresses are exchanged*.
>> *The partner is also contractually required not to use your User
>> ID for any purpose (other than associating it with your account)
>> until you or your friends visit the site*.
>
>
> They get (limited, it seems) access to Facebook's user information
> in order to see if any of their users are also on Facebook. They
> can't use your fb user id until you visit their site (which begs
> the question: how do they know you've visited their site assuming
> you don't have an account or haven't logged on?)
>
> In addition to public info, it can see your user id, friends list
> (and any info *they* have made public). *Unless given your express
> permission, the site/app cannot see any information you haven't
> made public*.
>
> But, y'know. You may have given that permission in *their *ToS.
> ;")
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUZeguAAoJECmDVpL5muhKNNMP/R2jHyRt6Wfy1p/KLMLggmW+
nOmMhcW8RMX4HkWzEvoNeKPvOMXN8rrEhwIbMvT5veAudscHoIuQc+PjmFJgTduu
WYaC2ZoKDeEZhxqzBZMQs1tYuezaxn+aa73W9SxNm6B4Vsdp2i/T29iT1XXiVO3J
8b8ZZPkRA5cKfsQszPdXH83kJL6o3/8dIAQfVfrTlIhFd2k6gcyTSZ/+667/QrRW
7g1NH/sAUfNVE5dBJaOC0gEKFzEqkkWtuw77PQHY4g+IzTcz0jBheXkLlHeQxdo8
aZhPgH00aMAe1HJQKujP5p8XHPBx3W7OVRl7ICt/++Fb2k8KTsmts6lEEyYGZBcQ
9aOjYombRg7qwTlXGUjZBhALrhDu9pNHVB/jLlCImlZQ1qsiD51oZ1S5SeaOPzTK
rI4BznaNJzekj7UoSn/3vOlrtzjWSdVh7rqAvadUZdK7S27pc4COtwAjHovQhKRp
Us0chNGXbb7Kx7EWZLesomQpZhTG/MMkJEBjTrffwypF/yT3IU8V0lOIs/2hyfck
8swWDpPVlYGiudgQBaklMYK1A3SKgMMF+sNtAO8MnXG4w5Llp/Wl9ONmdpP1CB/Y
pj7WYAH06mANpmIwsDGRT7PDVE+dPzZW3jh/8V535lqG3Re/ShVxhANxONklUG8p
wjFoU6Vvq2jbDzseeOEW
=hK/F
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages