Those defenses, already fairly porous with caveats and exceptions, have now just crumbled to dust. If Facebook advertisers have your name, anonymity goes out the window. There is no opt out, short of quitting Facebook (unlikely) or not installing any apps (a good idea) or not clicking on any ads (a very good idea). In any case, how can you opt out of something you don’t know is happening?
In the short term, this kind of data leak isn’t as serious as, say, a government agency or credit bureau spilling millions of social security or credit card numbers, which has happened ad nauseum over the last 10 years. In the long run, though, it’s worse. If advertisers can tie your identity to your Web history, so can anyone else. The concept of aggregating anonymous information becomes as quaint and archaic as the rotary phone, and the Web becomes even more of a data miner’s paradise.
It’s like that old Sting song: Everywhere you go, everything you do, they’ll be watching you.
Call it the “slippery slope” or “the frog in the boiling water” or “the canary in the coal mine.” Pick a metaphor, any metaphor. It’s bad. But that’s not all. Other conclusions you might draw from this incident:
* Once again, Facebook demonstrates that it “takes user privacy seriously” mostly by issuing statements about how it takes user privacy seriously -- not by being proactive about it.
* Privacy policies aren’t worth the paper they’re not printed on. Good intentions (sincere or otherwise) don’t mean squat if there’s no oversight.
* Penalizing companies after they’ve already got your data is a lame response. It’s like trying to unring a bell. Once the data is out there, there’s no way to get it all back.
* The WSJ looked at 10 apps. That leaves 549,990 to go. I don’t imagine the news gets much better.
* Incompetence is a poor defense.
To its credit, Facebook recognized the seriousness of this breach and responded immediately, instead of the usual “let’s cover our ears and hide in our cubicles until people stop complaining” response. On the other hand, some apps that got suspended for this behavior were reinstated a few hours later. And the biggest single app on the WSJ’s list, Zynga’s hateful Farmville, didn’t get dinged at all.
Here’s my favorite bit about this whole thing. As part of its defense, Facebook Developer Blogger Mike Vernal writes: