Ash Nallawalla's blog

Facebook privacy concerns? Think outside the Platform API.

A lot of articles about tightening up Facebook security are flooding my Facebook news feed. I knew that one needs to check one’s Privacy and other settings frequently, but here is an interesting conundrum. I noticed that my setting for the Platform API was on, even though I recall turning it off at some time.

Most of the articles that ask you to tighten your privacy settings mention the Platform API and how one should turn it off. Here is a typical article, in this case from the EFF, one of the most reliable sources of such advice.

Yes, that’s fine. And here is the link to the App Settings in Facebook (you will need to be logged into Facebook to see it): If you are like me, each Facebook privacy scare sends me rushing to check my settings. While they are usually unchanged, sometimes they are changed and not in my favour.

The Trojan Horse

So the recent publicity about Cambridge Analytica spawned a flurry of articles and TV spots that haven’t abated. I checked my settings and got a rude shock. My Platform setting was On. What? It is accessed via Settings > Apps > Apps, Websites and Plugins.

Platform Settings

Then I looked at another setting. Hey, didn’t I uncheck some of those before?

Permissions for other apps to use should be unchecked
Permissions for other apps to use should be unchecked

I don’t remember, but at times I would swear that unchecked settings keep getting checked.

OK, so here is the Trojan Horse and it lives outside the Facebook castle. There are many such Trojan Horses. Do you remember if you linked Instagram, LinkedIn, Klout, etc to Facebook? Or, if you develop chatbots for Facebook and tried out something like It’s Alive? I was guilty of some of these, but when you are approving at the other website, your mind is far removed from articles talking about Facebook privacy. So you actively authorise the connection, but don’t realise that you could be allowing others to access data that you have checked in the Facebook settings above.

And certain games or quizzes also use the Facebook Platform API, so game players are inadvertently giving permission.

I am not suggesting that you stop doing those things, but consider not sharing too much in your personal profile. If your career information is on LinkedIn, why repeat it on Facebook?

So check out your own Trojan Horses. Check regularly and often.

Ash Nallawalla

Search strategist experienced in large, complex websites. Ash's Google+ profile

Related Posts

Facebook Contest Guidelines Explained

Feel free to share...FacebookTwitterGoogle+RedditStumbleUponLinkedinemailAll popular Facebook Pages run contests — it’s a great way to get fan interaction and it’s a great way to attract new fans. I’ve personally gained many hundred real fans for my clients using Facebook Contest Apps that I’ve created and they work great. However, most pages have contests where they […]

Read More

Why your Facebook Page could get removed by Facebook without warning

Feel free to share...FacebookTwitterGoogle+RedditStumbleUponLinkedinemailI spend a lot of time checking the business pages of local businesses and other businesses that I like on Facebook. Facebook marketing is part of my job, so I’m very critical and observant of what other people do. I’ve found that lot of these pages are either very boring or the […]

Read More

Older Posts