14 DAY TRIAL // Facebook announced that it has suspended several developers for a period of six month after determining that they leaked user IDs (UIDs) to data brokers in exchange of money.
Two weeks ago, news broke out that many Facebook application, including all of the top ten ones, were transmitting UIDs to their advertising partners in referrer headers.
UIDs are unique identifiers that can be used to access the profile of a user, which at the least, can contain their name and picture.
One implication of advertisers and data brokers receiving UIDs, is that they could link ad clicks to people and build databases about them and their interests.
Facebook said at the time that in most cases the transmission was unintentional and even though this problem stems from the way the browsers work, the company came up with a technical solution to prevent it in the future.
However, it seems that not all developers were so innocent. "As we examined the circumstances of inadvertent UID transfers, we discovered some instances where a data broker was paying developers for UIDs," wrote Facebook's Mike Vernal on the Developer Blog.
"[…] We are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies," he added.
Mr. Vernal further stressed that less than a dozen developers were suspended and that none of them have applications in the top ten.
Facebook also plans to strengthen its policy governing how developers use data, to prohibit distributing UIDs outside of applications or the infrastructure (servers) required to run them.
The company has asked the advertising networks operating on the platform to delete any acquired UIDs and has reached an agreement with RapLeaf, the data broker at the heart of the scandal, to do the same.