Facebook today rolled out a long-anticipated change to the way its members share information with applications built on its platform. Whereas before, applications installed by users had full access to all the information in their profiles, now applications will have to explicitly ask for personal information they want to use.
After first being announced in August 2009, it took until now for these changes to be implemented because they are a “fundamental part of applications” and “we didn’t want to risk breaking any user experiences,” Facebook CTO Bret Taylor said in an interview today. Interestingly, all existing installed applications will continue to operate by the old rules. (If Facebook had asked all apps to get their users to re-install it might have had a massive developer mutiny on its hands.)
Of course, since Facebook data is tied to a network of friends, it’s not just their own personal data that users are authorizing apps to see. For instance, a user could authorize the JibJab app to see all of her friends’ birth dates in order to send them virtual greeting cards, and those friends wouldn’t have a say in whether JibJab knew about their birthday.
If users decline to allow an application any of the data asked for in the new initial dialogue box, the application will not be installed, so applications are disincentivized to overreach for personal data. However, once installed, applications can ask users for additional information, such as their email address.
These changes are yet another way Facebook is ratcheting back the access its developers have to users, through its continual trimming of notifications and other viral channels. That’s a trend Facebook hopes to eventually reverse, Taylor said in a recent video interview with us — so that social games could stay in better touch with avid game players, for example. However, he said he expects the new installation permissions to be helpful for applications, because users will trust them more. “Good applications will really excel in this world,” he said.
Meanwhile, also on the personal information front, Facebook recently revised the terms by which outsiders can crawl its site, after a blogger pointed out inconsistencies in the site’s robots.txt file that allowed anyone to crawl users’ public profiles. Now, only search engines with explicit permission will be able to crawl, while everyone else will be sent to the API.
Related content from GigaOM Pro (sub req’d):
<a href="http://pro.gigaom.com/2010/05/facebook-tries-to-navigate-the-privacy-storm/?utm_source=gigaom&utm_medium=editorial&utm_content=lizg&utm_campaign=related"Facebook Tries to Navigate the Privacy Storm