Facebook Most-Used Words Quiz Causing 'Privacy Nightmares'

What is the price for knowing your most-used words on Facebookare? Your entire Facebook life, it seems.

If you’ve seen posts about the My Most Used Words quiz on Facebook, you might have been enticed to find out what words occur most frequently in your status updates and see those very words as a “word cloud.” But the app that does the counting is a "privacy nightmare," according to Paul Bischoff of consumer tech website Comparitech — and it’s not the only app creating privacy issues on Facebook.

Over 16 million Facebook users reportedly signed up for the app in just a few days after launch, and all these users are laying their private data on the table for Vonvon.me, the company that developed the app, to see.

So that you can use the app, you need to grant permission by authenticating via Facebook for Vonvon.me to access your basic info such as name, profile photo, age, gender and birthday. The app also requests access to the complete list of your Facebook friends, all of your timeline posts, as well as all your photos and those that you’re tagged in. Apparently, it also needs your educational information, hometown and location information, Liked items, IP address and device information.

The app technically requires only your public profile and timeline posts. You can modify the permissions you grant to the app before you start playing the quiz, but how many users review the permissions dialog before clicking the OK button?

Privacy policy issues

Bischoff’s breakdown of Vonvon’s privacy policy revealed several worrisome loopholes. Even if you decide to stop using the app, you can't take back the non-personally identifying information you have already divulged by signing up for the app.

Another issue concerns where your information is stored: anywhere Vonvon likes, which may include locations not covered by strict privacy regulations or that have a loose regard for online privacy.

The app’s privacy policy allows Vonvon to profit from your data, but it won’t share your data unless you assent or have been notified about it. Since such notice can apparently be done through the privacy policy itself, you have practically given your assent just by using the app — at least, according to Bischoff’s interpretation. Worse than that, Vonvon washes its conscience clean of whatever happens to your information once it's been shared or sold.

Vonvon’s CEO replies

In response to Bischoff’s allegations, Vonvon CEO Jonghwa Kim explained that your school and hometown information is used by the “What do people talk behind my back?” quiz to identify friends who are close to you rather than pick random friends from a friends list that could contain hundreds or thousands of users. The information is not stored in Vonvon databases, according to Jonghwa.

Jonghwa justified the app’s rather extensive list of permission requests by saying that the data are used to “produce the most engaging and customized result” as the company develops entertaining quizzes. He strongly emphasized that user data are not saved but used only for content production.

Jonghwa likewise denied selling personal information. “[We] have nothing to sell. Period,” he wrote to Comparitech. Differentiating between personal information and non-identifying information, Jonghwa also suggested that collection of the latter data type is a common practice among companies.

Jonghwa condemned as “far-fetched” Bischoff’s allegation of sending personal information to “countries without strong privacy laws.” The CEO insisted that privacy clauses about storing data in servers in any location are standard clauses in the age of cloud computing. Moreover, Jonghwa stressed that Vonvon discloses personal information only when the law demands it. Jonghwa pointed out Bischoff’s omission of portions in the privacy policy that mention such details. Jonghwa, however, admitted that Vonvon’s privacy policy a few months ago did include a clause about sharing personal information to “trusted business partners,” but the company has since removed it.

Keeping your personal info private

Bischoff — as does Techlicious — believes that avoiding quizzes requiring Facebook authentication is a reliable way to protect the privacy of your Facebook data. If you really want to authenticate a Facebook app, double-check its terms and policies and always review its permission requests. Steer clear of apps or developers you don’t trust. It might even be a wise move to review the list of apps that you’ve previously authenticated. Just click on the padlock icon on the top-right corner of Facebook’s web version, then click on “See more settings” to open the settings page. Click on “Apps” from the left sidebar to see your authenticated apps and remove whatever app that you don’t recognize.

For more ideas on how to protect your privacy on Facebook, see our comprehensive guide.

[Image credit: Security concept: magnifying optical glass with Opened Padlock icon via Shutterstock ]

Privacy, News, Computers and Software, Software & Games, Computer Safety & Support, Blog, Facebook