Palo Alto, Calif. – Facebook has announced that it found
some application developers have sold data on Facebook users to a data broker,
prompting a six-month suspension for several companies. Facebook did not name
any of the companies involved, but said the suspensions will affect less than a
dozen, mostly small developers.
"While we determined that no private user
data was sold and confirmed that transfer of these UIDs did not give access to
any private data, this violation of our policy is something we take
seriously," the company wrote in a blog post.
"As such, we are taking
action against these developers by instituting a 6-month full moratorium on
their access to Facebook communication channels, and we will require these
developers to submit their data practices to an audit in the future to confirm
that they are in compliance with our policies."
Facebook has also reached
an agreement with Rapleaf, a data broker named in initial reports about the
user ID privacy breach. The company has agreed to delete all Facebook user IDs
in its possession, and will no longer conduct any activity on the Facebook
Facebook added that next week it will release a new mechanism that
developers must use to share anonymous profile identifiers, instead of the user
Additionally, ad networks must delete any previous Facebook user IDs as a
precondition for being allowed to continue to serve ads on the site.