Facebook deceived developers and users with Verified Apps program
Posted on 14 August 2012.
The privacy settlement that the US Federal Trade Commission and Facebook agreed on last November has been finalized on Friday and, unlike Google earlier that week, Facebook managed to avoid paying any fines.


"Following a public comment period, the FTC has accepted as final a settlement with Facebook resolving charges that Facebook deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public," the commission stated in the press release.

"The settlement requires Facebook to take several steps to make sure it lives up to its promises in the future, including by giving consumers clear and prominent notice and obtaining their express consent before sharing their information beyond their privacy settings, by maintaining a comprehensive privacy program to protect consumers' information, and by obtaining biennial privacy audits from an independent third party."

Among the things that FTC's investigation has unearthed is the fact that Facebook's App Verification program, established and closed within six months in 2009, was a complete sham.

"Designed to offer extra assurances to help users identify applications they can trust - applications that are secure, respectful and transparent, and have demonstrated commitment to compliance with Platform policies," the program required developers to pay from $175 to $375 to have their app verified.

But, "contrary to the statements set forth in Paragraph 46, before it awarded the Verified Apps badge, Facebook took no steps to verify either the security of a Verified Application’s website or the security the Application provided for the user information it collected, beyond such steps as it may have taken regarding any other Platform Application," the commission found.

So, in fact, Facebook earned thousands of dollars by simply appending the green checkmark to the apps in question. And while the developers in question at least got a more prominent spot for their apps, Facebook users used them and believed themselves to be perfectly safe.






Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //