When the Wall Street Journal pointed out the privacy breaches of certain Facebook game companies a few weeks ago, LOLapps was among those named because its apps had been suspended the night prior. Now it appears both they and a handful of other developers are faced with a six month block from communication channels, which can be described as posts on Facebook walls and invitations to friends.
Anyone who has played a Facebook game knows that this is a primary source of advertising for these games. Unless you read game blogs dedicated to social network gaming, and I doubt most Facebook users who play these games do, you most likely get invitations from a friend who wants some help, or see something that piques your interest when it shows up in your news feed.
Mike Vernal, of Facebook, wrote a post examining and explaining this move, from which I found this paragraph intriguing:
As we examined the circumstances of inadvertent UID transfers, we discovered some instances where a data broker was paying developers for UIDs. While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously. As such, we are taking action against these developers by instituting a 6-month full moratorium on their access to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies. This impacts fewer than a dozen, mostly small developers, none of which are in the top 10 applications on Facebook Platform.
The last paragraph is perhaps key to my confusion about this issue. One of the developers implicated during this examination was Zynga, who is by no means a small developer, and surely has a top 10 application on Facebook. Their mention of facing anything similar is absent. As of now, this could be due to any number of reasons: Facebook is not providing direct details on the subject matter, Zynga is too much of a cash cow for Facebook to try such, or Zynga may have only been sharing private data, but not actively selling it, of which LOLapps has been accused.
According to the Gamasutra report on the topic, which they found from Inside Facebook, they have verified the following developers facing this punishment: LOLapps, My Friend Web, Mappdev, and My Top Fans.
The caveat being that LOLapps's recently released Ravenwood Fair is exempt from such a communications block. While no definitive answer is apparent, it may well be because the game launched after the privacy breach issue was found, therefore being an app exempt from complicity (though the company itself still is).
Rapleaf, the data broker seemingly most implicated, has agreed to delete all their information, as well as not using Facebook for its data gathering in the future.
While Facebook's post seems to be worried about user data privacy, and strikes all the right chords, the lack of full disclosure still leaves me with a fairly substantial amount of doubt.