>If you asked 1,000 facebook users what they had consented to, they probably would not think that they had consented to that.
SomeFacebookApp is requesting permission to do the following:
Access my basic information: Includes my name, profile picture, gender, networks, user ID, list of friends, and any other information I've shared with everyone.
Access my contact information: Current Address and Mobile Phone Number
I can't imagine how much more explicit this could be. I don't think the argument that it's behind legalese would hold. And it seems pretty informative about what information is going to be taken.
>Ah yes, and what exactly are they doing with this information? I can't imagine how much less explicit this could be.
I would have appreciated less smugness, but I get your point. The permissions request should go further and say how the permissions will be used and what can happen if they are used.
The idea of informed consent applied here (which is EU law) gives SomeFacebookApp permission to access the data, like the text you have written says, and nothing beyond that.
Once they had accessed the data, they would not [legally] be able to store it, or use it for any purpose. Text like this worries me because it's clear there is some illegal intent - that doesn't mean I agree to the illegal action.
That 'list of friends' meant 'oh, and all of these for all of your friends as well, and by accepting this, you tell us they know about this and they accepted it as well' - in which case, your friends, of course, are not even aware of this.
Please don’t post blatantly incorrect statements like this.
An app that gets a friend list of a user does not get the same access to each friend as to the authorizing user. This should be obvious; if I agree to allow an app to post on my wall and access my friends list, it doesn’t mean the app can post on my friends’ walls from my friends’ identities.
The only information the FB API returns about the authorizing user’s friends is data those friends have made publicly available. In fact, the friends even have the option to configure their privacy settings to exclude them from any “friend lists” given to apps.
Honestly it’s ridiculous... nothing was breached in the CA scandal. Users authorized access to their data, and any data of other people was publicly available and authorized by TOS or (admittedly opt-out) privacy settings.
If you want to stay private online, maybe don’t use a service with the singular business model of monetizing your data.
You assume an unlimited ability to give consent. Some protected classes (ie children) and countless others may not be able to give consent. And id assume that in some country somewhere even adults might not be able to divest themselves of all privacy rights forever. There are limits to reasonability.
Well that notification doesn't say what SomeFacebookApp will do with the information, it implies they won't share it with anyone else. "any other information" is too broad, so it's not clear what that covers.
SomeFacebookApp is requesting permission to do the following:
Access my basic information: Includes my name, profile picture, gender, networks, user ID, list of friends, and any other information I've shared with everyone.
Access my contact information: Current Address and Mobile Phone Number
I can't imagine how much more explicit this could be. I don't think the argument that it's behind legalese would hold. And it seems pretty informative about what information is going to be taken.