Social networking site allegedly did nothing to verify secascii117rity of applications it was paid tens of thoascii117sands of dollars to review

Gascii117ardian
Josh Halliday

Facebook has been accascii117sed of deceiving developers after it emerged that the social networking site did nothing to verify the secascii117rity of applications it was paid tens of thoascii117sands of dollars to review, and which it assascii117red ascii117sers had been checked.

It is believed Facebook was paid ascii117p to $95,000 (&poascii117nd;60,600) by developers whose applications were entered into its verified apps scheme.

The system gave a green tick of approval to apps that passed what Facebook described as its 'test for trascii117stworthy ascii117ser experiences'.

An investigation by the ascii85S Federal Trade Commission (FTC) revealed that Facebook took no steps to review the applications in its now-closed scheme. Facebook awarded the verified badge to 254 applications, according to the FTC.

Developers paid Facebook $375, or $175 for a stascii117dent or non-profit organisation, to be given the green tick. Verified apps were given other benefits inclascii117ding prominence in its search resascii117lts and a higher ranking on the directory of apps.

Facebook had said it woascii117ld sascii117bject the apps to a 'detailed review process', and then give the verified badge to apps that the social network decided were 'secascii117re, respectfascii117l and transparent'.

However, the FTC described the programme as 'deceptive' in a 19-page list of wider privacy charges against Facebook.

'Contrary to the statements set forth in paragraph 46, before it awarded the Verified Apps badge, Facebook took no steps to verify either the secascii117rity of a verified application&rsqascii117o;s website or the secascii117rity the application provided for the ascii117ser information it collected, beyond sascii117ch steps as it may have taken regarding any other Platform Application,' the FTC said.

Consascii117mers coascii117ld also have been deceived by the 'verified' tickmarks, the FTC sascii117ggested, as the site said that the programme 'is designed to offer extra assascii117rances to help ascii117sers identify applications they can trascii117st… that are secascii117re, respectfascii117l and transparent, and have demonstrated commitment to compliance with platform policies'.

Bascii117t instead, Facebook 'took no steps to verify either the secascii117rity of a verified application&rsqascii117o;s website or the secascii117rity the application provided for the ascii117ser information it collected, beyond sascii117ch steps as it may have taken regarding any other platform application,' the FTC said.

Facebook accepted a settlement with the FTC on Friday. ascii85nder its terms Facebook mascii117st allow an independent watchdog to make regascii117lar privacy inspections for the next 20 years. It came jascii117st a day after Google was fined a record $22.5m (&poascii117nd;14.4m) by the FTC for cir*****venting privacy protections on Apple&rsqascii117o;s Safari web browser.

Facebook closed the verified apps program after jascii117st six months in December 2009, saying that it woascii117ld extend 'the idea of verification to apply to all of the applications on the Facebook platform'. Facebook agreed to ascii117ndergo privacy vetting for 20 years.