A viral Facebook quiz that helps determine people’s most-used words requires a large number of permissions during the sign-up process.
Created by a company called Vonvon.me, the quiz (which we won’t link to here) asks that you sign up to complete it by entering in your Facebook login credentials. According to the company’s website, over 17 million people have already agreed and taken the quiz.
Once you log in, you are required to hand over several bits of personal information about yourself. Those include the following:
- Profile picture
- Current city
- Educational history
- IP address and other information relating to their device
You are also granting the company permission to store your information on servers all over the world, including in locations where your data might not be adequately protected.
Perhaps most alarmingly, although Vonvon says that it will not share personal information with third-party companies unless you give it permission to do so, this clause does come with a caveat:
That doesn’t appear to be stopping some in the media from promoting the quiz, inviting readers to try it out for themselves.
Since Comparitech first broke the story about this quiz, labeling it a “privacy nightmare”, Jonghwa Kim, CEO of Vonvon, has issued a statement in which he explains that his company stores personal information only “to generate your results” and “for entertainment purposes.”
As for selling data to third-parties, Kim flat out denies what he calls a “misleading accusation”:
“As we do not store any personal information, we have nothing to sell. Period,” Kim explains.
As we all know, this is not the first Facebook app that has demanded excessive permissions from its users.
Indeed, as noted in the LA Times by Claire Gartland, who serves as consumer protection counsel at the Electronic Privacy Information Center, “there are countless apps just like this that collect just as much information.”
That being said, it might be worth our time to review what we have linked to our social media accounts now and then.
To tweak the bits of information to which your Facebook apps have access, click on the lock icon on Facebook’s top right corner. Next go to “See More Settings”, followed by the “Logged in with Facebook” list under the Apps section. You can then click “x” to remove apps you don’t trust or recognize.
In the long term, it might be a wise decision to also stop filling out those stupid Facebook quizzes altogether.
If you are on Facebook, and want to be kept updated with news about security and privacy risks, and tips on how to protect yourself online, join the Graham Cluley Security News Facebook page.