Facebook privacy concerns? Think outside the Platform API.

A lot of articles about tightening up Facebook security are flooding my Facebook news feed. I knew that one needs to check one’s Privacy and other settings frequently, but here is an interesting conundrum. I noticed that my setting for the Platform API was on, even though I recall turning it off at some time.

Most of the articles that ask you to tighten your privacy settings mention the Platform API and how one should turn it off. Here is a typical article, in this case from the EFF, one of the most reliable sources of such advice. https://www.eff.org/deeplinks/2018/03/how-change-your-facebook-settings-opt-out-platform-api-sharing.

Yes, that’s fine. And here is the link to the App Settings in Facebook (you will need to be logged into Facebook to see it): https://www.facebook.com/settings?tab=applications. If you are like me, each Facebook privacy scare sends me rushing to check my settings. While they are usually unchanged, sometimes they are changed and not in my favour.

The Trojan Horse

So the recent publicity about Cambridge Analytica spawned a flurry of articles and TV spots that haven’t abated. I checked my settings and got a rude shock. My Platform setting was On. What? It is accessed via Settings > Apps > Apps, Websites and Plugins.

Platform Settings

Then I looked at another setting. Hey, didn’t I uncheck some of those before?

Permissions for other apps to use should be unchecked
Permissions for other apps to use should be unchecked

I don’t remember, but at times I would swear that unchecked settings keep getting checked.

OK, so here is the Trojan Horse and it lives outside the Facebook castle. There are many such Trojan Horses. Do you remember if you linked Instagram, LinkedIn, Klout, etc to Facebook? Or, if you develop chatbots for Facebook and tried out something like It’s Alive? I was guilty of some of these, but when you are approving at the other website, your mind is far removed from articles talking about Facebook privacy. So you actively authorise the connection, but don’t realise that you could be allowing others to access data that you have checked in the Facebook settings above.

And certain games or quizzes also use the Facebook Platform API, so game players are inadvertently giving permission.

I am not suggesting that you stop doing those things, but consider not sharing too much in your personal profile. If your career information is on LinkedIn, why repeat it on Facebook?


So check out your own Trojan Horses. Check regularly and often.


Ash Nallawalla

Search strategist experienced in large, complex websites. SEO consultant.

Related Posts

Only public profiles allowed on Google+

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemailSome months ago, Google announced that there would be no more private profiles in Google. It was around the time when rumours of Google+ started leaking out in the form of Circles. Loading... Here is the wording (emphasis mine): Loading... Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemail Loading...

Read More

SEO Tip: Facebook Groups ARE indexed by Google

Ash Nallawalla

19 September 2010

Facebook, SEO

Feel free to share...FacebookTwitterRedditStumbleUponLinkedinemailThis isn’t breaking news, but Google definitely indexes Facebook Group pages and has done so since October 2009, as reported by AllFacebook.com in Google Now Indexes 620 Million Facebook Groups in February. I discovered it recently by accident and then went looking in Google to find out why I hadn’t heard earlier. […]

Read More

Older Posts