在用户注册Facebook账户的同时，用户与Facebook网站就等于达成了一个协议。用户向Facebook网站分享了自己的个人信息资料，而Facebook则会根据用户的期望允许特定群体浏览用户的帖子。与此同时，用户也允许Facebook网站根据自己的数据决定展示的广告。

facebook zynga

这是一个复杂的协议。很多用户在注册Facebook账户时并不清楚之后自己个人信息将面临的问题。与此同时，协议中还包含了一种信任关系——如果Facebook没有遵守协议中的某些条例，它将引起用户的广泛争议。

本周一当Facebook承认网站中的确有某些应用（如FarmVille）不当地向广告公司或网络信息追踪公司泄露了玩家个人资料后，Facebook网站与用户之间的信任关系又一次受到了挑战。对此，Facebook的负责人称网站正在和应用开发公司协商用户个人信息的处理方法，希望防止这类事情的再次发生。

这一事件起源于昨日《华尔街日报》一篇文章。文章中提到，Facebook网站的某些热门应用向外界公司传递了用户ID之类的用户资料，违反了Facebook的隐私政策。

通过用户ID，外界公司可以查询到该用户的姓名和如就读的学校，最喜欢的电影等公共资料数据，但并无法查看到用户设为仅对朋友公开的个人信息。

在这个泄漏问题的重要性上，隐私拥护者和技术专家们产生了分歧。

网络自由组织Electronic Frontier Foundation的资深技术员工Peter Eckersley认为这个问题十分严重。广告商可以通过用户ID查找到很多用户相关的资料。他指出，Facebook的无心之失泄露了网上对用户进行追踪的关键“钥匙”。但同时，Eckersley也承认目前为止并没有证据说明获取用户数据的人已经滥用了这些数据。

目前，开发FarmVille等多款Facebook热门游戏的Zynga公司不愿对该事件发表评论。

另有一些技术专家和博客主则认为这次的泄露问题并不严重，他们指出很多信用卡公司和杂志拥有更加细致的客户信息。

同时，Facebook也想弱化这次泄漏事件的影响，他们表示泄漏用户ID只是一个疏忽。用户ID为Mike Vernal的Facebook工程师在公司的博客上写道，“新闻媒体夸大了这一事件的影响。外界公司即便获得了用户ID，但如果他们没有得到用户同意，也就无法获得用户的私密信息。”

Facebook还在声明中表示将计划引进“限制分享用户ID的新技术系统”，另外还向外界应用再次强调网站的政策，提出如有必要将会关闭违规应用。同时，获得用户ID的公司也纷纷表示并没有使用这些账号。不论如何，这次事件揭露了Facebook公司面临的另一个挑战：在用户和技术复杂性高度发展的同时，Facebook几经无法完全控制网站中发生的各种事件。Facebook网站除了5亿多用户人口外，还有100多玩款第三方应用。

这次的资料泄露可以能是长期使用Web浏览器的一个问题。该浏览器允许网站记用户点击的页面地址，大量的信息被浏览器处理成缓存数据。而facebook有这样的信息处理方式已经好长时间了。

去年技术专家就指出这有可能泄漏用户ID。今年，Facebook修正了这一问题，但显然它并无法解决网站中应用的类似问题。

印第安纳大学应用网络安全研究中心的隐私拥护者Christopher Soghoian认为，Facebook并非故意泄露用户信息，也并没有从这一事件中得利。但它必须重视对网站系统的重新构建。

同年，Christopher Soghoian向联邦贸易委员会抱怨：谷歌公司泄露用户个人信息，因为搜索条款中包含了缓存的一些内容。

Facebook的隐私问题长期以来一直是用户争议的重点，这次的泄露事件可再次引起用户的共鸣。

另外，Facebook还多次变化网站形式，促进用户信息的公开化。如今年Facebook公开用户对品牌或电影的喜好后，很多用户因此抱怨无法保护自己的个人隐私。今年5月，因为用户和隐私拥护者的一再要求，Facebook网站对隐私设置进行了全面修改。

Facebook公司的首席执行官Mark Zuckerberg就这次资料泄露事件向Facebook用户表示了歉意。他表示隐私设置经常由于太过复杂而使用户不便理解。尽管公司对隐私设置方面进行了修改，但这个问题仍然一直困扰着Facebook。另外，加利福尼亚大学伯克利分校信息学院的隐私专家Deirdre Mulligan也表示，“这一事件再次说明Facebook不仅要在其隐私政策上下苦功，同时也要将其融入到网站的技术设计中。” （本文由游戏邦/gamerboom.com编译）

SAN FRANCISCO — When you sign up for Facebook, you enter into a bargain. You share personal information with the site, and Facebook agrees to obey your wishes when it comes to who can see what you post.

Mark Zuckerberg, chief of Facebook, apologized to users for site settings that they found too complicated to understand.

At the same time, you agree that Facebook can use that data to decide what ads to show you.

It is a complicated deal that many people enter into without perhaps fully understanding what will happen to their information. It also involves some trust — which is why any hint that Facebook may not be holding up its end of the bargain is sure to kick up plenty of controversy.

The latest challenge to that trust came on Monday, when Facebook acknowledged that some applications on its site, including the popular game FarmVille, had improperly shared identifying information about users, and in some cases their friends, with advertisers and Web tracking companies. The company said it was talking to application developers about how they handled personal information, and was looking at ways to prevent this from happening again.

Facebook’s acknowledgment came in response to an article in The Wall Street Journal that said several popular applications were passing a piece of data known as a user ID to outside companies, in violation of Facebook’s privacy policy.

Having a user ID allows someone to look up that user’s name and any data posted on that person’s public profile, like a college or favorite movies, but not information that the user had set to be visible only to friends.

Privacy advocates and technology experts were split on the significance of the issue.

“That is extremely serious,” said Peter Eckersley, a senior staff technologist at the Electronic Frontier Foundation, an online liberties group.

Mr. Eckersley said advertisers could use the user IDs to link individuals with information they had collected anonymously about them on the Web. “Facebook, perhaps inadvertently, is leaking the magic key to tracking you online,” he said.

At the same time, Mr. Eckersley said there was no evidence that anyone who had access to this data had actually misused it.

Zynga, the maker of FarmVille and other games on Facebook that have a combined 219 million users, declined to comment.

Several technology pundits and bloggers minimized the issue, with some saying that credit card companies and magazines have access to far more detailed information about customers than any Facebook application.

Facebook also sought to play down the importance of the leak, saying the sending of user IDs appeared to have been inadvertent. “Press reports have exaggerated the implications of sharing” a user ID, Mike Vernal, a Facebook engineer, wrote on a company blog for application developers. “Knowledge of a UID does not enable anyone to access private user information without explicit user consent.”

In a statement, Facebook said that while it would be a challenge to do so, it planned to introduce “new technical systems that will dramatically limit the sharing of user IDs,” and would continue to enforce its policies on outside applications, shutting them down when necessary. It added that the companies that had received the user IDs said they had not made use of them.

Regardless, the problem underscores another challenge facing the company: Facebook has grown so rapidly, in both users and in technical complexity, that it finds it increasingly difficult to control everything that happens on its site. In addition to more than 500 million Facebook users, there are more than one million third-party applications running on the site.

The latest information leak was made possible by a quirk in a long-established technical standard used by Web browsers. The standard allows Web sites to record the address of the page a user clicked on to arrive there, a bit of information known as a referrer.

Facebook has been including user IDs in these referrers for some time, and last year technology experts pointed out that user IDs had leaked to advertisers that way. Facebook fixed that this year, but apparently never addressed the problem when it came to referrers used by applications on its site.

“Facebook isn’t benefiting from it, and Facebook is not intentionally leaking this data,” said Christopher Soghoian, a privacy advocate and research fellow at the Center for Applied Cybersecurity Research at Indiana University. “But it is not a trivial thing to re-engineer their systems.”

This year he filed a complaint with the Federal Trade Commission, claiming Google was leaking personal information because search terms appeared in its referrers.

The latest issue may have had particular resonance with Facebook users because the company has been reeling from a series of privacy controversies, in part because it has been subtly pushing users to share data more publicly.

This year, for example, many users complained when Facebook changed the way in which users expressed preferences for certain movies or bands, essentially making it more difficult to keep thatinformation private.

And in May, after a series of complaints from some users and privacy advocates, the company made wholesale changes to its privacy settings.

Mark Zuckerberg, the company’s chief executive, apologized to users, saying the settings were often too complicated for people to understand. Despite the changes, the privacy issue has continued to dog Facebook.

“This is one more straw on the camel’s back that suggests that Facebook needs to think holistically not just about its privacy policies, but also about baking privacy into their technical design,” said Deirdre Mulligan, a privacy expert and professor at the School of Information at the University of California, Berkeley. （Source：nytimes）