Here’s the email I sent to Consumerist about the situation. I decided to post it here on Skepchick in case anyone else was thinking of giving Facebook their cell phone number:

Facebook just published my cell phone number on my profile without my permission. To give an idea of how much that sucks, know that I have 2,200 “friends”, since I have a high-traffic web site and a popular podcast, so I add (pretty much) everyone who says they’re a fan. For that reason, I’ve always kept my private information off the site, except for a catch-all email address.

What happened: Today, I noticed that my Facebook status was not being updated with my Twitter updates (they’ve been linked for many months now). I logged on to Facebook to update my status manually, but was stopped by a Captcha request. The pop-up explained that this was to stop potential spammers, and that if I wanted to avoid future Captcha requests, I could verify my account so Facebook would know I’m a real person.

That seemed fair enough, and I’ve gone through similar steps on other sites with no problem. I clicked on the “more info” link, read everything to be confident my information would remain private, doublechecked to make sure it was actually Facebook asking for the info, and then went ahead and entered my number. I got the text, entered it, and “verified” my account. At no time did I manually change my profile information.

A few hours later, I received a message on Facebook asking if that was really my number on my profile. That’s when I saw that my number had been made public, and an update had been sent to all my Facebook friends saying that I had entered my phone number.

I’ve no idea who got the number before I deleted it. I’ll be changing my number soon in order to avoid prank calls and crazy stalkers and well-meaning fans, which is going to be a huge pain. Mostly I’m just shaken and upset that the site would do such a stupid thing with personal information, and am now weighing my options about shutting down my profile, which would be a shame since I find it so helpful to keep in touch with both friends and fans.

I thought that since Consumerist started the ToS uproar, you may be interested in this, and I’d be interested to known if anyone else has had this happen to them. One of my Twitter followers just posted that his Facebook friend feed is suddenly full of notices from friends adding their cell phones – how many of them know their numbers are public?

Thanks for your great site. I’ll let you know if I get a response from Facebook (my email is below).

Rebecca Watson

+++

And my letter to [email protected]:

Your system just published my cell phone number without my permission. I was asked to “verify” my account to avoid entering a Captcha every time I update my status, and two hours later someone messaged me to tell me that my cell phone number is freely available on my profile page.

Your FAQ says;

Will my phone number be displayed in my profile?

Your number is only shown if you entered the number in your profile contact info. From the Contact tab of the Edit My Profile page, you can determine what contact information is displayed on your profile and who is permitted to see this information.

Please explain how this happened.

Rebecca Watson

+++

Here’s sort of what the screen looks like (similar text but in my case it was in a pop-up window. This is a screenshot I took after removing my phone number from their system. If anyone has an actual shot of what the pop-up looks like, I’d love to see it). Notice the lack of warning that your number is about to be publicized.

So, yeah. Don’t trust Facebook, I guess. Surprise.

Rebecca Watson

Rebecca Watson

Rebecca leads a team of skeptical female activists at Skepchick.org and appears on the weekly Skeptics' Guide to the Universe podcast. She travels around the world delivering entertaining talks on science, atheism, feminism, and skepticism. There is currently an asteroid orbiting the sun with her name on it. You can follow her every fascinating move on Twitter or on Google+.

Previous post

Afternoon Inquisition 2.19

Next post

Darwinian Playlist Winner

29 Comments

  1. Avatar of Truenorth
    February 19, 2009 at 8:01 pm —

    That is totally wrong Rebecca, I received a text from FB because I hadn’t been using my phone to update them and it came with a link that I had to follow if I wanted to keep it active, I’m glad I thought twice about that.

    I hope nobody harasses you, seriously, and you are right to change your phone number, because you can’t be too careful in a situation like this.

  2. Avatar of geek goddess
    February 19, 2009 at 8:06 pm —

    That sucks. I just checked, and my number isn’t listed in my profile. If I see anything weird, I’ll send a letter to the, as well.

  3. Avatar of Kimbo Jones
    February 19, 2009 at 8:09 pm —

    Note to self…

    Gah that is major suck. What is going on with them these days? They are being unusually careless.

  4. Avatar of jsg
    February 19, 2009 at 8:20 pm —

    I haven’t listed any phone or snail mail address in my profile. — Course I don’t text from my cell phone either.

    Actually I blocked all text messages from my phone after I started getting porno spam SMS messages from one of the companies that does downloadable ring tones.

  5. Avatar of Cygore
    February 19, 2009 at 8:31 pm —

    Facebook has never asked for my phone number. Are you sure this was Facebook that was asking for your number?

  6. Avatar of Rebecca Watson
    February 19, 2009 at 8:36 pm —

    @Cygore: Yes.

  7. Avatar of Steve D
    February 19, 2009 at 8:40 pm —

    What probably happened is this:
    1. existing feature: entering your phone number causes it to show in your profile
    2. new feature: use your phone number to verify your account
    3. new feature stores phone number in same place as existing feature
    4. unintended consequence: using new feature triggers existing feature

    I’m sure Facebook will come out with a plausible explanation but the most likely cause is this: They pushed the new feature through without adequate regression testing.

  8. Avatar of Gold
    February 19, 2009 at 9:01 pm —

    The ToS and privacy policy were the reasons I’ve never created an account with facebook. I’ll be very interested in knowing how you go about deleting your account. As I understood things FB _never_ delete anything. They’ll update details, allow posts to be edited or removed; but the original copies of the data are retained.

  9. Avatar of James Fox
    February 19, 2009 at 9:12 pm —

    @Rebecca: Sorry about the irritation.

    Having never had a phone number associated with my Facebook account I was wondering if your situation was due to your cell phone being used with Flicker ?

  10. Avatar of familyman
    February 19, 2009 at 9:39 pm —

    Facebook “platform applications” bother me. I don’t like the idea that I am giving access to third-party developers by using their silly tool. What developers? How are they using my information?

    I think facebook could do a better job protecting privacy. Disclose who is getting my information, what information they are getting, and how the information will be used.

    According to the Terms of Use:

    The Facebook Platform is a set of APIs and services provided by Facebook that enable third-party developers (“Platform Developers”) to create websites and applications that retrieve data made available by Facebook and its users and/or that retrieve authorized data from third-party sites for use on the Facebook Site (“Platform Applications”)

  11. Avatar of Plittle
    February 19, 2009 at 10:15 pm —

    I have never “downloaded” any “applications” from Facebook. I don’t poke anyone. I don’t superpoke anyone. I don’t play scrabbulous, or whatever the hell it is. I maintain a profile for the express purpose of searching out old school chums, and that’s it. As far as I’m concerned, Facebook is one monster demographics collection agency. Ever wonder where their income stream comes from? It certainly isn’t from a few little ads here and there on their pages. They sell your personal information – and every single thing they do is designed to get you to part with more and more of your personal information.

  12. Avatar of Vene
    February 19, 2009 at 10:36 pm —

    I am so glad I deleted my FB account.

  13. Avatar of Vene
    February 19, 2009 at 10:37 pm —

    Also, obligatory joke about violating Rebecca.

  14. Avatar of Cola Johnson
    February 19, 2009 at 10:49 pm —

    Thanks for the heads up. I don’t have a lot of “friends” on Facebook, but there are some people I’d rather didn’t have access that information.

    I also don’t download any of those silly applications. I did a few times, early on, but they seemed so pointless and they were always bugging me about sending crap to more people. Pretty much the only thing I do with my account anymore is use the button on Failblog to post their stuff. Especially stuff I think might upset my family.

  15. Avatar of covertvector
    February 19, 2009 at 11:51 pm —

    @Vene:
    Why is this funny? Or worth joking about?

  16. Avatar of eddie
    February 20, 2009 at 2:41 am —

    Simple solution, Rebecca.

    Just don’t be so damned popular and no one will care.

    See how easy that was?

  17. Avatar of moopet
    February 20, 2009 at 3:19 am —

    Coincidentally, my phone number appeared on my facebook page yesterday. It could be that it was always in the account and I never noticed, because I’m not exactly a facebook power user. But, yesterday evening, I noticed someone else’s number on their profile, and I was very surprised to see mine available to all my contacts. That’s new, I think. Not being an international jetsetter, I don’t particularly care from that point of view, but I do care that it seems to have been explicitly published without warning me.

    It sucks that you need to change your number, but it’s a very good idea.

    Relatedly, and as a top tip, I use a greasemonkey script called unfuckfacebook to automatically hide and block any applications and application requests.

  18. Avatar of neverclear5
    February 20, 2009 at 5:39 am —

    I’m one of the people who commented on your facebook status. I noticed it pop up and thought ‘I’m not sure if strangers like myself should be privy to this sort of information?’ I didn’t write it down anyway, I like to do my stalking the traditional way, with trench coats, wide brimmed hats and newspapers with eye holes cut in.
    I wonder what percentage of newspaper sales is made up of those seeking covert snooping equipment? Damn, now that’s going to bother me all day.

  19. Avatar of Bjornar
    February 20, 2009 at 5:53 am —

    Keeping track of who I’m sharing what with on facebook is a hassle. On the other hand it’s fun. But at some point in the not too distant future I might have to ditch all the “friends” I have who shouldn’t have access to everything, since I don’t really trust facebook to keep stuff from those I think I’ve told it to keep it from.

    Oh, and apropos stalking: http://www.youtube.com/watch?v=XxwNIyJ2mDM

  20. Avatar of Steve D
    February 20, 2009 at 7:00 am —

    @eddie: Yeah, that’s always worked for me.

  21. Avatar of QuestionAuthority
    February 20, 2009 at 8:36 am —

    I’m sorry to hear that, Rebecca. That’s especially scary in your case, because of your high profile.

    I’ve been careful about FB, but it just goes to show that “careful” isn’t enough. If Rebecca can have this happen (a tech-savvy person), what about the less tech-savvy among us?

  22. Avatar of durnett
    February 20, 2009 at 9:30 am —

    This is the way the universe ends…
    This is the way the universe ends…
    …not with a bang, but with a piece of screwed up computer code.

  23. Avatar of Steve D
    February 20, 2009 at 9:36 am —

    @durnett: There are some who say that the universe is a piece of screwed up computer code.

  24. Avatar of marilove
    February 20, 2009 at 9:51 am —

    @Vene: Yeah that wasn’t funny.

  25. Avatar of taypro
    February 20, 2009 at 11:27 am —

    The same thing happened the other day when I used my boyfriends phone to verify the facebook account for one of my dogs.

    The price you have to pay for enabling your pets to network! sheesh!

    But I noticed it right away and deleted the number.

    And he hasn’t received any calls for my dog so far. That I know of…

  26. Avatar of durnett
    February 20, 2009 at 11:38 am —

    @Steve: There are some who say that the universe is a piece of screwed up computer code.

    That’s just silly. Everyone knows that we’re all a holographic projection from outside the edge of the universe .

  27. Avatar of CyberLizard
    February 20, 2009 at 12:01 pm —

    That’s very strange. I’ve activated my phone for fb mobile but my number is empty in my contact information. I’ll have to keep an eye on it.

  28. Avatar of jen729w
    February 22, 2009 at 3:36 am —

    One more reason I’m glad I cancelled my fb account about 4 months ago.

    It’s just too much. Information sharing is one thing, but when everybody seems to know everything that I do – often, it seems, before I do – then there’s a line to be drawn.

    I’ve been “dry” now for a while and apart from missing a few events (people assume everybody is on stalkerbook and don’t bother inviting you by any other means) I can honestly say I haven’t missed it a bit.

    The recent ToS event, plus this story, just makes me all the more glad I did what I did. Sorry for ya, Rebecca…

  29. Avatar of goldenchild
    February 22, 2009 at 7:55 pm —

    I also deleted my Facebook account over 7 months ago after reading their Terms and Conditions. I agree with Steve, this is a result of poor testing by facebook testing team (if they even have one).

    I can understand that you don’t want to remove your facebook account as its a great marketing/contact tool especially since its a good way to appear closer to your fans/friends, but I would recommend deleting it and not using it again. There are other ways your fans and personal contacts can stay in touch with you.

    I find it offensive that a lot of these social sites give just lip service to the uses privacy, this is yet another example of it.

Add Comment Register



Leave a reply