Home Facebook: New Privacy Provisions Won’t Add Protections for Apps

Facebook: New Privacy Provisions Won’t Add Protections for Apps

The latest round of privacy controls improvements from Facebook – widely perceived as a response to competition from Google+ – let members select per-item policies for literally everything they post. It’s a simple, but very pervasive, set of controls that let users set limits on everything, and preview their published assets as friends and the general public would see them.

But do these changes have any effect on what apps running on the Facebook Platform will be able to see? The way the Platform works now, a Facebook app runs with the permissions of its user. That makes sense, because how else can an app such as a game gain access to the list of friends with whom the user might want to play? Still, although it’s officially against Facebook policy, apps are capable of collecting that data for servers that may store it for other purposes.

This afternoon, Facebook spokesperson Meredith Chin tells RWW that visibility of other user’s data through apps running on the Facebook platform will not change following the rollout of new privacy controls. In other words, apps will continue to inherit the permissions of their users.

“Nothing is changing with what apps can access,” states Chin.

Facebook Platform apps, however, will not have visibility into what the user’s privacy settings are, Chin tells us, and will not be able to determine if the user has posted any assets to Facebook that are restricted to friends only.

When asked whether a Platform app would be capable of elevating its privileges so that assets that were not visible to the app before could be made visible, Chin responded no. Privilege elevation has been used legitimately on other platforms, mainly operating systems, to enable remote apps to have limited (or in some dangerous cases, unlimited) access to restricted resources, such as the file system. When methods for legitimate privilege elevation have been made public, historically they’ve led to catastrophic consequences.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.