Whenever you hear about third-party Facebook apps making the news in a privacy-related context, it’s usually not good. But that’s not really the case with Facebook’s latest viral app, which has all the elements of a perfect data heist but is surprisingly safe to use.
You’ve probably seen Vonvon’s Most Used Words popup more than once in your Facebook timeline: It’s an app that mines through the stuff you’ve posted on Facebook and then gives you a graphical representation of the words you’ve used most inside Facebook.
To do that, the developer needs access to a bunch of your data – otherwise it can’t return any results. But Vonvon apparently decided to take a lot more than it really needs, even though it’s not doing anything with it for the time being. It’s not even collecting it.
According to Time, Vonvon’s app needed access to your name, profile picture, age, sex, birthday and any other public info. Furthermore, the app required access to entire friend lists, all timeline posts, all photos and photos the user is tagged in, education history, hometown and current city, likes and IP address. Yikes! All that just so it can tell you what your most used words inside Facebook are?
The quiz app quickly went viral, with 17.5 million users having given it permission to access all that data in just five days. However, in the two days after media started inquiring about Vonvon’s decision to access so much user data, fewer than 300,000 people have tried it.
Yet Vonvon says it isn’t collecting that personal data and it’s not selling any data to other companies.
Vonvon president David Hahn says that it simply wants access to all that data so that future apps created by the company will work seamlessly, as existing users would not have to constantly agree to new apps accessing certain parts of their Facebook history and activity. That explanation sounds plausible, but it’s not necessarily reassuring.
Of course, there’s always the chance that Vonvon does collect data, or plans to do it in the future. And the same thing might be valid for any other Facebook app that would show a similar behavior. “Without looking at every single line of the code, you can’t be 100% sure,” EFF’s Jeremy Gillula said. “There’s certainly no easy way for users to be sure.”
Vonvon is a startup that launched in March that engaged more than 200 million users with its viral content. So the company is likely more interested for the time being in establishing trust with a growing community of users rather than having to deal with an online privacy fiasco.
“We are dedicated to create fun, engaging, and innovative contents while respecting our users’ privacy, and we hope our users will trust us in our efforts to creating a fun and safe platform for everyone to use,” Hahn said.
To show it wants to protect user privacy, Vonvon updated Most Used Words to request only access to public information that’s available on Facebook, including friends list and timeline data.