Invisible
JF Admin
- Feb 26, 2006
- 16,286
- 8,380
Details of 100m Facebook users collected and published
By Daniel Emery
Technology reporter, BBC News
28 July 2010
The torrent is attracting hundreds of downloads
The personal details of more than 100 million Facebook users have been harvested and published on the net.
Ron Bowles, an online security consultant, used a simple piece of code to collect the data from Facebook.
The list, which has been shared as a downloadable file, contains the URL of every searchable Facebook user's profile, their name and unique ID.
Mr Bowles said he published the data to highlight privacy issues, but Facebook said it was already public information.
The file has spread rapidly across the net.
On the Pirate Bay, the world's biggest file-sharing website, the list was being distributed and downloaded by more than 1,000 users.
One user, going by the name of lusifer69, described the list as "awesome and a little terrifying".
In a statement to BBC News, Facebook said that the information in the list was already freely available online.
"People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want," the statement read.
"In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook.
"No private data is available or has been compromised," the statement added.
'Privacy confusion'
But Simon Davies from the watchdog Privacy International told BBC News that Facebook had been given ample warning that something like this would happen.
"Facebook should have anticipated this attack and put measures in place to prevent it," he said
"It is inconceivable that a firm with hundreds of engineers couldn't have imagined a trawl of this magnitude and there's an argument to be heard that Facebook have acted with negligence, he added.
Mr Davies said that the trawl of data fed into "the confusion of the privacy settings".
"People did not understand the privacy settings and this is the result," he said.
Earlier this year there was a storm of protest from users of the site over the complexity of Facebook's privacy settings. As a result, the site rolled out simplified privacy controls.
Facebook has a default setting for privacy that makes some user information publicly available. People have to make a conscious choice to opt-out of the defaults.
"It is similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook," said a spokesman for the firm.
"If someone does not want to be found, we also offer a number of controls to enable people not to appear in search on Facebook, in search engines, or share any information with applications."
But Mr Davies disagreed, saying the default settings should be changed.
"This highlights the argument for a higher level of privacy and proves the case for default nondisclosure," he said.
"There are going to be a lot of angry and concerned people right now who be wondering who has their data and what they should do."
However, Mr Davies pointed out that this was something of an "ethical attack" and that more personal information, such as email addresses, phone numbers and postal addresses had not been included in the trawl.
Do you use Facebook and is your profile public? Are you concerned about your privacy on social networks? Are you affected by any other issues raised in this story?
By Daniel Emery
Technology reporter, BBC News
28 July 2010
The torrent is attracting hundreds of downloads
The personal details of more than 100 million Facebook users have been harvested and published on the net.
Ron Bowles, an online security consultant, used a simple piece of code to collect the data from Facebook.
The list, which has been shared as a downloadable file, contains the URL of every searchable Facebook user's profile, their name and unique ID.
Mr Bowles said he published the data to highlight privacy issues, but Facebook said it was already public information.
The file has spread rapidly across the net.
On the Pirate Bay, the world's biggest file-sharing website, the list was being distributed and downloaded by more than 1,000 users.
One user, going by the name of lusifer69, described the list as "awesome and a little terrifying".
In a statement to BBC News, Facebook said that the information in the list was already freely available online.
"People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want," the statement read.
"In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook.
"No private data is available or has been compromised," the statement added.
'Privacy confusion'
But Simon Davies from the watchdog Privacy International told BBC News that Facebook had been given ample warning that something like this would happen.
"Facebook should have anticipated this attack and put measures in place to prevent it," he said
"It is inconceivable that a firm with hundreds of engineers couldn't have imagined a trawl of this magnitude and there's an argument to be heard that Facebook have acted with negligence, he added.
Mr Davies said that the trawl of data fed into "the confusion of the privacy settings".
"People did not understand the privacy settings and this is the result," he said.
Earlier this year there was a storm of protest from users of the site over the complexity of Facebook's privacy settings. As a result, the site rolled out simplified privacy controls.
Facebook has a default setting for privacy that makes some user information publicly available. People have to make a conscious choice to opt-out of the defaults.
"It is similar to the white pages of the phone book, this is the information available to enable people to find each other, which is the reason people join Facebook," said a spokesman for the firm.
"If someone does not want to be found, we also offer a number of controls to enable people not to appear in search on Facebook, in search engines, or share any information with applications."
But Mr Davies disagreed, saying the default settings should be changed.
"This highlights the argument for a higher level of privacy and proves the case for default nondisclosure," he said.
"There are going to be a lot of angry and concerned people right now who be wondering who has their data and what they should do."
However, Mr Davies pointed out that this was something of an "ethical attack" and that more personal information, such as email addresses, phone numbers and postal addresses had not been included in the trawl.
Do you use Facebook and is your profile public? Are you concerned about your privacy on social networks? Are you affected by any other issues raised in this story?
