Open your phone and look at your contacts list. Seems normal, right? Scroll through a bit more and, if you have Facebook (News - Alert) installed, you might start to notice that it has conveniently placed contact information from your friend’s list on your phone. It’s a nice feature, but one with another side to it.

A recent data breach has revealed that Facebook is compiling what are being called “shadow profiles” that contain data about users not willingly given to the network. Facebook already uses your likes, interests and relationships to market products to you, even going so far as to follow your behavior outside of the social network. The breach was posted as a Friday press release in an obvious attempt at downplaying the significance of the event, but reporters busted the story over a month ago.  

Business Insider calls Facebook a “Giant spy machine” run by Mark Zuckerberg (News - Alert). They say that even though he was not the first to build it, he built the best mouse trap.

PRISM and Facebook

A personal statement from Zuckerberg’s Facebook page expressed outrage over allegations that Facebook was a part of PRISM. His statement mirrored one from Google (News - Alert), which asserted that Facebook does receive requests for data and reviews each request carefully before deciding whether to comply. A long-time advocate of transparency, in a gaffe Zuckerberg once argued that privacy was dead, his argument appears to be in support of government transparency.

Yet Facebook would be the ideal place to mine information from the public. Data is given willingly, even categorized manually so that others rarely need to review it. The community largely polices itself, reporting posts that are harmful and helping Facebook to keep tabs on potentially volatile situations. You can opt out of ads, but that won't stop Facebook from trying to personalize products based on your reviews. 

Your Facebook profile is already a factor in whether you can get a job, it seems that using it as a tool for government officials to screen you is merely a logical step.

How Data is Compiled

It was revealed in the past that Facebook has collected data about sites that you visit outside of the service, even if you are not logged in. Leaked information is collected all over the web on sites like Spokeo, but Facebook is using its tokens to identify sites you visit and interests you have. 

Reputation management services can protect some of that leaked profile data by requesting its removal or creating new data to fill its place or by using take down notices to have unauthorized data removed. This is data you can screen for, meaning you can search your name and actually see how your personal information is used and then attempt to manipulate that data if you aren't happy with what is available to the public. As evidenced in the Brand.com reviews of different reputation management tactics, these concepts even apply to teenagers in the social media minefield.

Now it is revealed that Facebook's mobile application might be crawling your personal contact list. When you install the application, you grant Facebook access to your phone numbers and contact lists where it can mine for contact information that it may or may not already have.

For you, this data is matched to profiles and your contacts become more personal. For Facebook, this data reaffirms existing relationships as real people and tells the story of your correspondence. They might not be reading your texts, but they can use data from your phone and your Facebook page to create a detailed picture of your relationships.

Outrage

Naturally, Facebook users want to know why data that they did not choose to share exists in the first place. Facebook’s response was to downplay the data collection as a method to personalize your social networking experience. Supposedly the data that was collected is shared only with friends that you are connected to, but the bottom line is that your connection to your friends is directly related to how much Facebook knows about you. Facebook even went so far as to send an e-mail to ZDNet clarifying that users who are currently expressing concern over this practice should have carefully reviewed its guidelines to better understand Facebook’s data collection policies. 

What we do know is that the data leak had been occurring for at least a year, and despite our best efforts, it seems that Facebook is slowly getting just a little bit more personal.