Facebook give app developers access to your Phone number and address

January 16, 2011

Facebook now give access to your Phone number and address

Well this is nice. Did you know that facebook have given application developers access to your phone number and address details.

They've created two new fields new user_address and user_mobile_phone permissions. These permissions are granted to by the application by the user via the standard permissions dialogs.

Facebook are keen to state that:

"these permissions only provide access to a user’s address and mobile phone number, not their friend's addresses or mobile phone numbers."

Facebook Policy

Now I can hear you ask "surely Facebook has a policy against this?"  Well that have a very clear policy but do you think suspect application developers are going to care about that.

And do you think Facebook care about letting them have it? Given there are half a billion users on Facebook it can only drawn more developers (and criminals) across because they've made it easy.

Perhaps it's time that Facebook introduced a vetting system similar to Apple's where every line of code is checked before publishing.  It's difficult to police this situation and probably just as difficult to sort out the current mess.

What's the problem?

We've already seen a number of rouge Facebook applications but giving access to this type of data just opens the flood gates for dodgy apps writers to steal valuable information.  And this data is valuable.

What happens when you start to get cold calls from sales companies? Mystery text messages selling you stuff? And there's the increased risk for potential identity theft.

And it won't take too long for the criminals to get involved in this. Cyber crime is already a massive business and this is handing data to them on a plate.

What can I do?

Our advice is simple. Clear out your Address and Telephone numbers now.

How do I clear my facebook address details?

To remove your personal address details. Click on the your profile

Now click on "Edit Profile"

Now select the "contact information" on the left hand menu.

Now just clear out the data and no one can get at it