Facebook Apps do collect your email ids and recently, a Mozilla blogger blogged about his experience of buying a million Facebook email addresses for only $5.
And surprisingly, most of these were real email ids.
There are sites (like this one) that sells not just Facebook App data but also Twitter active users (collected from Twitter apps):
“The information in this list has been collected through our Facebook apps and consists only of active Facebook users, mostly from the US, Canada, UK and Europe. There are users from other countries as well but they are almost exclusively English speaking as well, as all the apps we provide are written in English and to use them properly one needs to read the instructions. The list is checked and validated once a month so you won’t get a list full of invalid or duplicate email addresses. Whether you are offering a Facebook, Twitter, social media related or otherwise a general product or service, this list has a great potential for you. Finally, the list is in a zipped excel format split into 12 sheets, each sheet containing roughly 100,000 email addresses with name, last name and facebook profile information separated with comma.”
These apps essentially harvest email addresses and sell them in the open market. And it’s not just one site, but there are several such sites that are selling anywhere between 1,00,000 – 4,00,000 Facebook profile details in the open market.
Scary? Well, yes. But then, privacy on the web is highly oxymoronic and you might just have to control your urge to start using each and every app (and allow full permission to the account).
What about Facebook/Twitter? Will they ever crackdown on such practices? It’s actually very hard to, unless they build a proxy messaging service on top of user email id.