Privacy concerns swirled around Facebook again after an employee of a firm called Skull Security compiled and released personal data on more than 100 million Facebook users, about a fifth of the site’s membership.
The computer file, released Wednesday, contained publicly accessible information, which included peoples’ names and profile addresses. It raised new privacy issues.
Skull Security said it was pointing out vulnerabilities in Facebook privacy controls. Facebook defended itself, saying that no private data had been compromised. "Similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook,” the company said in a statement.
The fallout from the incident spread quickly. People at dozens of well-known corporations and organizations (or at least IP addresses linked to those companies and other groups) have downloaded the file, according to a report by the tech blog Gizmodo.
Why would these groups want a list of publicly accessible information? They simply may be employees curious to see if their name is on the list. Another possibility is that the information would help them target advertising and outreach efforts, say privacy advocates.
“Computational advertising enables companies to compile billions of discrete data points and create an analysis of a particular individual and how that person relates with friends, places, geographic information,” explains Jeff Chester, executive director of the Center for Digital Democracy.
The Facebook file takes one massive step out of the equation for advertisers – finding and aggregating the data of millions of users.
“Facebook users in particular, who tend to skew younger, are in the most valuable demographic,” adds Mr. Chester. “There’s a tremendous amount of interest from Fortune 500 advertisers.”
And while the information compiled by Ron Bowes, the security researcher with Skull Security, came from Facebook users, they may not have realized how widely they were sharing their data.
“There are a lot of people unaware of the amount of information Facebook is sharing,” says Ginger McCall, staff counsel for the Electronic Privacy Information Center, a Washington-based research center advocating for privacy issues. “Most people are under the impression that when set the privacy setting they won’t change.”
But Facebook has changed its privacy settings twice since last summer. Both times, some of users’ privacy settings have defaulted back to the public options, Ms. McCall said. Privacy advocates worry that users unaware of the changes won’t switch their privacy setting back, or that they won’t be aware of how to do so in the first place.