APPLICATIONS
http://www.eff.org/deeplinks/2010/04/facebook-timeline
Current Facebook Privacy Policy, as of April 2010:
When you connect with an application or website it will have access to General Information about you. The term General Information includes your and your friends’ names, profile pictures, gender, user IDs,
connections*, and any content shared using the Everyone privacy setting. ... The default privacy setting for certain types of information you post on Facebook is set to “everyone.” ... Because it takes two to connect, your privacy settings only control who can see the connection on your profile page. If you are uncomfortable with the connection being publicly available, you should consider removing (or not making) the connection.
https://www.eff.org/deeplinks/...english-translator#connections
CONNECTIONS
You create a "Connection" to most of the things that you click a "Like button" for, and Facebook will treat those relationships as public information. If you Like a Page on Facebook, that creates a public connection. If you Like a movie or restaurant on a non-Facebook website (and if that site is using Facebook's OpenGraph system), that creates a public connection to either the applicable Page on Facebook or the affiliated website.
Last week, Facebook announced a plan to transform most of the bits in your profile (including your hometown, education, work, activities, interests, and more) into connections, which are public information. If you refuse to make these items into a Connection, Facebook will remove all unlinked information.
===================================================
http://theharmonyguy.com/2010/...todays-facebook-announcements/
GRANULAR DATA ACCESS
Though perhaps overlooked, Facebook made good on their promise to include more granular permissions when applications request user information. This feature comes in response to concerns raised by Canada’s Privacy Commissioner last fall. With the new setup, applications will have to individually request private profile fields when a user chooses to authorize.
PROS
* This change will immediately provide more transparency and accountability, since users will see listed out exactly what fields an application will want access to when they authorize.
* Many users may simply click through anyway, but the new system may raise awareness for many users who did not previously understand the range of information applications could access. Seeing a greedy list of data fields may give users pause.
CONS
* Since announcing granular access last fall, Facebook has radically changed the definition of what constitutes “private” information. Consequently, many of the fields that might have been included in this setup are now considered “public” and thus generally outside access controls.
* While commendable, this change may not lead to any substantial changes in practice.
The model relies on developers limiting their requests, AND MANY USERS WILL PROBABLY STILL WANT ACCESS TO APPLICATIONS THAT ASK FOR ALL INFORMATION.
PERSISTENT DATA STORAGE
Until this week, applications and Facebook-enabled websites could not store most information accessed via the Facebook API beyond 24 hours. Now, Facebook has removed this time limit, meaning developers can save user data for as long as they want.
PROS
* This change will significantly reduce overhead for both developers and Facebook, since applications will no longer have to exchange data with the service each day a user connects.
* Users will likely see some performance gains from applications, since they can cache data locally rather than constantly checking with Facebook before rendering content.
CONS
* Facebook applications will now be far more valuable targets for attackers. If a popular application suffers a database compromise, millions of users’ private information could be put at risk. Hacking Facebook directly tends to be difficult, but many applications lack the same level of security.
* This increases opportunities for behavioral targeting and visitor tracking, SINCE THIRD-PARTY DEVELOPERS WILL NOW BE ABLE TO MAINTAIN COMPLETE ARCHIVE OF PROFILE INFORMATION.