Security

What developers need to know about Facebook's huge data privacy changes

Facebook has announced more coming changes to how it handles user data, including an expansion of its bug bounty program to cover data misuse by third-party apps.


Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Facebook has announced a number of changes to its privacy policies that will affect developers. Included are the freeze of app approval, the addition of data misuse to its bug bounty program, and rigorous new B2B app privacy standards.
  • Developers of Facebook apps are going to see huge changes at Facebook—what we know about is just the initial stages. Devs need to be hyper aware of what's changing in the coming months to avoid getting caught misusing data under new rules.—TechRepublic

With the Cambridge Analytica scandal still looming large for Facebook, the company is taking additional steps to ensure the privacy of user data.

Included in Facebook's plans are the expansion of its bug bounty program to include data privacy violations, which will allow developers and users to report third-party apps found to be harvesting personal information in violation of Facebook's terms.

Changes to Facebook's handling of private user data will have an effect on developers just as much as it does for users. Facebook has been unspecific about what "abuse of personal data" constitutes, meaning developers will need to be even more careful of falling afoul of coming changes.

Now may be the time for devs to review and make changes to any Facebook apps they are responsible for.

How Facebook is rewriting its privacy rules

An initial release from Facebook on March 21, 2018, spoke about the company's plans to "crack down on platform abuse" by more closely monitoring apps that request user data, reviewing its platform, disabling unused apps, and other steps.

The latest Facebook Developers blog post from March 26, 2018, indicates that the company has already taken some steps to make the mentioned changes. Most importantly for developers may be the fact that all apps now in review have been frozen until Facebook implements new, unmentioned platform changes.

SEE: IT leader's guide to big data security (Tech Pro Research)

Facebook also announced that it had changed the way apps gain access to users' friends lists: Now both the app user and their friends must have granted explicit permission at login for an app to gain access to their friends list. Facebook further restricted which friends show up to only those who have granted access to the specific app. In other words, a user's friends who don't also use the app won't show up when friends list access is granted.

Facebook announced the addition of data misuse to its bug bounty program as well. Details of the addition have yet to be revealed, with Facebook saying more information will be available in the coming weeks.

Several other privacy-related changes are in the works that could affect developers:

  • Facebook is performing an in-depth review of its platform, investigating all apps that had access to user data prior to its 2014 privacy policy changes, and auditing all apps that have been reported as suspicious.
  • Apps that misuse data will be automatically removed from Facebook, and all users of the affected apps will be notified that their data may have been exposed.
  • Users can already see which apps have access to what data; now Facebook is going to make that information "more prominent and easier to manage."
  • Facebook is cracking down on business-to-business apps, but it isn't revealing much, only saying that "all developers that build applications for other businesses will need to comply with rigorous policies and terms, which we will share in the coming weeks."

Changes at Facebook are likely to continue as the Cambridge Analytica scandal unfolds. CEO Mark Zuckerberg has yet to testify before Congress, which may prompt even more policy changes from the company.

Developers of Facebook apps and users of its massive pool of data will need to keep their eyes, ears, and web browsers open in the coming weeks and months.

Also see

facebook.jpg

About Brandon Vigliarolo

Brandon writes about apps and software for TechRepublic. He's an award-winning feature writer who previously worked as an IT professional and served as an MP in the US Army.

Editor's Picks

Free Newsletters, In your Inbox