May 17th, 2008 | Published in Google Code
We figured you might be tracking the conversations about Google Friend Connect and Facebook. We want to help you understand a bit more about how it works on the Friend Connect side with respect to users' information.
People find the relationships they've built on social networks really valuable, and they want the option of bringing those friends with them elsewhere on the web. Google Friend Connect is designed to keep users fully in control of their information at all times. Users choose what social networks to link to their Friend Connect account. (They can just as easily unlink them.) We never handle passwords from other sites, we never store social graph data from other sites, and we never pass users' social network IDs to Friend Connected sites or applications.
The only user information that we pass from a social networking site to third-party applications is the user's public photo, and even that is under user control.
That's the high-level view. But what about the details? Here is more information on exactly how Friend Connect interacts with third-party social networks and applications.
- Google Friend Connect puts users in control over whether they're connected to their data on Facebook.
- Google Friend Connect only reads a small amount of user data from Facebook, and does so using Facebook's public APIs. We read the Facebook numeric id, friendly name, and public photo URLs of the user and their friends. We read no other information.
- The only user information that we pass from Facebook to third-party applications is the URL of the user's public photo.
- Google Friend Connect does not permanently store any user data retrieved from Facebook.
We behave like any other caller of the Facebook API. (See the Facebook developer api documentation for details.) When a user links their Facebook account with Google Friend Connect they must consent to this on Facebook itself. Here is the set of screens a user goes through:
First, the user must click "Link in Facebook friends":
Next a user sees this screen. This screen is from Facebook (notice the URL of the page shows
The user is then asked for their Facebook username and password on Facebook. (Note that Google Friend Connect does not have access to the user's Facebook username and password.) If the user logs in successfully, Facebook returns a session key to Google Friend Connect, and the user sees this screen:
This screen also comes from Facebook. On this screen the user is asked to consent to allowing Google Friend Connect to access some of their personal information. The user can choose to allow this access or not.
The user can easily unlink their Facebook account from Friend Connect. This can be accomplished in two ways:
From the Friend Connect settings dialog:
And from within Facebook's own Applications Privacy screen:
2) Google Friend Connect only reads a small amount of user data from Facebook, and does so using Facebook's public APIs. We read the Facebook numeric id, friendly name, and public photo URLs of the user and their friends. We read no other information.
If a user decides to link their Facebook account to Google Friend Connect, we ask Facebook for a small amount of user information. Here's an example of what might be returned:
Example data retrieved from Facebook (NOT passed to third-party apps):
This data is made up of the following fields:
- A Facebook user ID (e.g.
500013789) that is used when Google Friend Connect communicates with Facebook. The unique ID is a number assigned by Facebook -- it is NOT the user's username or their phone number. The unique ID contains no personal information.
- A session-key (e.g.
31415926535) which is a unique number provided by Facebook, that Facebook uses to track and control what data is exposed to Google Friend Connect for the logged-in user.
- The user's friendly name as they entered it in Facebook (e.g. "Peter Chane"). This is typically a first and last name.
- A URL to the user's public Facebook picture (e.g.
http://profile.ak.facebook.com/profile5/1038/101/s500013789_4207.jpg). If the user set their picture to be private on Facebook then Google Friend Connect does not receive the picture. Again the picture used by Google Friend Connect is public and is easily viewed by anyone on the web.
- A list of Facebook user IDs for each of the user's friends on Facebook. For each friend, Google Friend Connect retrieves the friend's Facebook picture-URL and name.
Applications that run on Friend Connect sites (e.g. the iLike application that runs on www.ingridmichaelson.com) have access to a subset of the information that is requested by Friend Connect from social networks such as Facebook. Applications are passed the following data from Friend Connect:
- Your Google Friend Connect ID. This is a number. It is not a name, and it is not your ID from Facebook or any other social network.
- Your nickname that you entered in Friend Connect. (NOT your friendly name from Facebook or any other social network.)
- The URL to your public photo from Facebook or another social network. And only if you've chosen to make that photo public on the social network. (Note that Facebook includes the user's Facebook ID in the URL of their profile photo. We intend to obfuscate this URL in a future release of Friend Connect.)
- The Google Friend Connect IDs (and Friend Connect nicknames, and photo URLs from linked social networks) of any of your friends who are also members of this site. (Not all of your social network friends. Not their social network IDs.)
4) Google Friend Connect does not permanently store any user data retrieved from Facebook.
Google Friend Connect purges all of the data it receives from Facebook frequently. The Facebook terms state that application developers should do this every 24 hours; we do it more often (currently every 30 minutes) because we don't want to store this data any longer than we absolutely need it.
Thanks for your interest in Friend Connect!
Peter, Sami, Mussie