W3C home > Mailing lists > Public > public-privacy@w3.org > July to September 2010

RE: today's change in integrated facebook apps

From: Sören Preibusch <Soeren.Preibusch@cl.cam.ac.uk>
Date: Sun, 1 Aug 2010 17:21:13 +0100
To: "'Kristin Tigart'" <ktigart@tessituranetwork.com>
Cc: <public-privacy@w3.org>
Message-ID: <00ed01cb3195$8fab7de0$af0279a0$@Preibusch@cl.cam.ac.uk>
Thanks for sharing. I had been advocating this “incremental consent” in my
position paper. I think it’s a step forward to seeing it live.
Unfortunately, with the exception of “sending email”, Facebook only
communicates the data items but not their intended use.






From: public-privacy-request@w3.org [mailto:public-privacy-request@w3.org]
On Behalf Of Kristin Tigart
Sent: 30 July 2010 14:52
To: public-privacy@w3.org
Subject: today's change in integrated facebook apps


Hello all:
If you hadn’t already seen… today is the day Facebook changes the degree and
manner in which integrated apps can surface profile data. >From their site…

As documented in the authentication guide
<http://developers.facebook.com/docs/authentication/> , we are updating the
way data read permissions are granted in the platform. Previously, when a
user installed your application, your application would automatically get
access to all of the data that user had permission to read on Facebook.com.
Starting June 30, 2010, your application will only be able to read the
publically <http://www.facebook.com/help/?faq=16374>  available information
of a user's profile by default.

To get access to other parts of the user's profile, your application must
explicitly request all of the data it needs to function. For example, if you
want to incorporate a user's photos into your application, you would request
the user_photos extended
permission. During the authentication process, the user is presented with a
UI in which the user can authorize your application to access that specific
part of her profile:

Authentication dialog

To protect the privacy of users who have not explicitly authorized your
application, your application will only be able to access the basic profile
information about a user's friends, like their names and profile pictures.
If your application needs to access other data about a user's friends, you
will need to request additional, special extended permissions. For example,
if you want to enable a user of your application to browse her friends'
photos in addition to their own photos, you would request the friends_photos
permission in addition to the user_photos permission. You can request
extended permissions in the initial authentication dialog or elsewhere in
your application or website when appropriate.

Also, as part of these changes, we will no longer support the automatic
authentication feature available for some users of canvas applications.



Kristin Tigart

Director, Internet Services and Online Community

Tessitura Network


office: 1.888.643.5778  x 320 |  mobile: +1 443.514.4828  |  fax: +1

 <mailto:ktigart@tessituranetwork.com> ktigart@tessituranetwork.com



(image/jpeg attachment: image001.jpg)

Received on Sunday, 1 August 2010 16:21:43 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:51 UTC