Facebook plans encryption to protect user data


Facebook plans encryption to protect user data

Warwick Ashford

Facebook has proposed using encryption after reports that popular applications expose user identification numbers.

A report by the Wall Street Journal revealed that the privacy breaches by the 10 most popular apps affected millions of users.

The report led to increased concerns about privacy at Facebook, and two US congressmen have demanded more details from the social networking firm.

The issue is that certain Facebook apps transmit user identification numbers (UIDs) , which may be used to identify users and link actions at other Web sites to a Facebook identity.

Facebook plans to lay the groundwork to implement encrypted UIDs in the next few weeks, and then to add support for encryption after consulting internal developers and the greater web community, Mike Vernal, a Facebook engineer said in a blog post.

"While initial press reports greatly exaggerated the implications of sharing a UID, we take this issue seriously. Our policy is already very clear that UIDs may not be shared with ad networks and data brokers, but we recognise that some developers were inadvertently sharing this information," he wrote.

The proposed change is aimed at preventing the accidental sharing of UIDs, but will not stop deliberate UID sharing in violation of Facebook policy.

"While this proposal will address the inadvertent sharing of this information on Facebook, the underlying issue of data sharing via HTTP headers is a web-wide problem," wrote Vernal.

"We look forward to working with the web standards community and browser suppliers over the coming months to help address this issue," he said.

Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy