As we outlined previously, we recently learned that some developers on Facebook Platform were inadvertently sharing User IDs (UIDs) due to an issue with the way that web browsers work. While we found no evidence that this inadvertent sharing resulted in the collection of any private user information, we have proposed a technical solution to prevent this sort of transfer in the future. In addition, we are working with browser vendors to address this issue more broadly across the web.
Today, we are clarifying our policy to ensure that developers understand the proper use of UIDs in their applications. Our policy has always stated that data received from Facebook, including UIDs, cannot be shared with data brokers and ad networks. Moving forward, our policy will state that UIDs cannot leave your application or any of the infrastructure, code, and services you need to build and run your application. You can use services, such as Akamai, Amazon Web Services and analytics services as long as those services keep UIDs confidential to your application.
We realize that developers may sometimes need a way to share a unique identifier outside of their application with permitted third parties, such as content partners, advertisers or other service providers. We are adding a mechanism that developers must use to share anonymous identifiers for this purpose. We will release this functionality (available via the Graph API and FQL) early next week. We encourage developers to move to this mechanism quickly and will require it on January 1, 2011.
Ad networks (including offer companies) that operate on Facebook Platform are already required to sign terms that govern their use of data. We are requiring these ad networks to delete any Facebook UIDs, regardless of how they were obtained, as a precondition to continuing to serve ads on Facebook Platform. Further, we will modify our policy to require that developers use the anonymous identifiers mentioned above when working with ad networks.
Zero Tolerance for Data Brokers
Facebook has never sold and will never sell user information. We also have zero tolerance for data brokers because they undermine the value that users have come to expect from Facebook. To restate our policy, developers may not pass any data from Facebook to data brokers, and we are now including anonymous identifiers in this protected category of Facebook data.
As we examined the circumstances of inadvertent UID transfers, we discovered some instances where a data broker was paying developers for UIDs. While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform.
We have also reached an agreement with Rapleaf, the data broker who came forward to work with us on this situation. Rapleaf has agreed to delete all UIDs in its possession, and they have agreed not to conduct any activities on the Facebook Platform (either directly or indirectly) going forward.
In taking these steps, we believe we are taking the appropriate measures to ensure people stay in control of their information, while providing developers the tools they need to create engaging social experiences. We look forward to broader cooperation from everyone in the web community to confront issues that impact all of us. If you have questions or concerns, please use the comments box below.