Facebook change will give you control over data sharing with apps

Users can now decide what types of data to share with third party apps

Facebook's new login also provides clearer information to users about how other apps post to Facebook on their behalf.

Facebook's new login also provides clearer information to users about how other apps post to Facebook on their behalf.

Users are getting greater choice over what information is shared with websites and apps when they log in using their Facebook ID.

A new version of Facebook Login, which begins its wide roll out this week, will present users with a prompt to "Edit the info you provide." Clicking that will let users grant or deny access to different types of information. The login now also highlights who will see content posted by the app in Facebook, for apps that request the ability to do so.

Facebook first announced this system during its F8 developers conference in April 2014. Many of the most popular apps, like Pinterest and Netflix, are already using it and over the next few weeks, Facebook will turn on the system for every app that uses the Facebook Login.

Facebook is also making a change to its software development kit so that third-party developers can ask permission to access a list of the person's friends who also use the app, but not information related to the friends such as their birthday, photos and likes.

Additionally, the company has a new team to review apps that ask for more than people's public Facebook profile, email address and friend list. Apps that Facebook determines are asking for unnecessary information from users could have their data access revoked.

The moves are part of Facebook's broader efforts to give better privacy controls to users in the hope more people will log in via Facebook. If that happens, it would help to grow Facebook's developer community. Facebook offers analytics and other tools to developers, including advertising.

"If people don't feel comfortable logging in with Facebook, then we don't have a platform," said Simon Kross, a product manager at the company, who described the changes during a meeting this week with reporters in San Francisco.

For end users, the changes will play out in at least a couple ways. For apps already on people's devices that employ the new system, users may not notice any change. This would likely be because they've already logged in to the app through Facebook and given it permission to access their data.

In this scenario, if users want to have finer controls over the data they share, they'll have to remove the app and revoke its permissions within their Facebook settings. That can be done on the desktop or in Facebook's mobile app.

Otherwise, users will see the new login after downloading apps that have transitioned to the system.

But, as a result of letting users decline access to certain data, some apps that have not reworked their code to account for the changes may behave erratically, crash or lose key functions. Job Fusion, for example, is an app that alerted users to job openings based on where their friends work. Although the app will continue to work for job searches, users will no longer be able to see where their friends work because of Facebook's changes, said developer Vitaliy Levit.

To help ensure that apps continue to run smoothly, Facebook is providing tips to developers for how to handle situations in which users decline to grant access to their data. One tip: If a user has declined access to, say, their email address, but that information would help the app work better, just ask for it again later.

"We recommend doing this after a person has had some time to familiarize themselves with your app, so they have a better understanding of how the permission will improve their experience," Facebook says in its tips, which it published online.

So, feel free to say "no" to handing over certain data while logging in. But in the case of insistent apps, be ready to continue saying "no."

Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at @zachminers. Zach's e-mail address is zach_miners@idg.com

Join the CSO newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicessecuritymobilesocial mediadata protectioninternetprivacyFacebookmobile applications

More about FacebookIDGNetflixNews

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Zach Miners

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place