For me one of the most interesting aspects of the modern internet (Web 2.0, if you like) is the high availability and feature depth of APIs that websites make available to enable integration into a variety of systems. These range across the whole spectrum of websites from flickr to BetFair.

One API that has particularly taken my interest of late is the Facebook Developers API, this is the API used to build all Facebook applications. What is particularly interesting, and perhaps surprising, about this API is the amount of personal information that is made available about Facebook users.

In order to increase awareness of the information that Facebook makes available about you and your friends to every applicaiton you install I created a ‘What Applications Know About You’ application. Read on for more details.

Facebook makes no secret about the information that it makes available to applications. The full documentation is available here. However neither do they go out of their way to let users view exactly what information they’re making available.

Information that Facebook applications have access to includes:

• Your Profile
• Your Friends and their profiles
• Your Events
• Your Groups
• Your Markeplace Posts
• Photos of you
• Photos you have uploaded

Significantly, and fortunately, applications do NOT have access to any of your contact information. Also if you set your birthday to ‘only me’ then it is excluded from application visibility.

Two things surprised me when I was looking into the API

• If you set your profile visibility to ‘Only My Friends’ applications can still see your profile.
• Applications your friends install also have access to your profile.

Applications installed by one of your friends are referred to as ‘Other Applications’. Privacy settings are available to control the level of access you give to your data to these ‘Other Applications’ but by default the settings are fairly wide, including your education and work histories, photos of you etc. If you have installed any applications then you must share your name, networks and list of friends to any applications your friends install. To select ‘do not share any information’ you must remove all applications from your profile.

What’s particulary interesting is that in this kind of social network an application doesn’t really have to achieve a massive penetration before if can build up access to a significant subset of Facebook member profiles if so inclined. For applicaitons with a large install base such as Fun Wall or Super Poke everyone must have at least one friend with one of these applications installed.

Whilst the Facebook developers Terms of Service includes the statement; “You can only cache user information for up to 24 hours to assist with performance.”, they have no method to enforce this other than relying on the honesty of the developers themselves. As all third party applications are hosted externally from Facebook they do not have access to audit how personal data is used one it leaves their network.

If you’re interested in seeing what information you’re exposing to third parties when you install their applications then I’ve put together an application that reflects this information back to you. What Applications Know About You is a simple application that displays a significant subset of the data that applcations have access to. Whilst you have to login or add the application to use it no information is retained about you, not even the fact that you have it installed. All the information you see is dynamically generated when you request the page. The application contains no adverts and does not generate any money, it’s just there for informational purposes.

If you’ve got any comments on it then post here or on the applications about page.

-Comments now closed due to too much spam, particularly for this post. Please post any comments on the applications about page.