Facebook has suspended a feature enabling app developers to access user’s addressees and mobile numbers after drawing the ire of its members and security professionals.
New code introduced on January 14 reportedly allows developers to specify the sharing of addresses and phone numbers as a requirement for allowing Facebook members to use their apps, and the permission screen looked similar to the one used before the ability was added.
As a result, the company yesterday said it had disabled the feature after receiving “useful feedback that we could make people more clearly aware of when they are granting access to this data.”
Facebook said the feature was introduced to allow users to easily share details with shopping sites or receive LBS-based shopping deals, and that users have to explicitly agree to share addresses and phone numbers.
But Sophos senior technology consultant Graham Cluley said requiring permission to gather details was thin protection for Facebook subscribers.
“There are just too many attacks happening on a daily basis which trick users into doing precisely this,” he stated in a blog. “Now, shady app developers will find it easier than ever before to gather even more personal information from users.”
The incident is the latest in a line of privacy gaffes for the social networking site in the past year.