Your private Facebook statuses aren’t as private as you thought—when it comes to Storify.
A vulnerability in the popular online content-curation platform allows individuals to pull and publish statuses from any Facebook account or group regardless of privacy setting.
The first to notice the loophole was Julie Pippet, a communications and public relations professional who stumbled into the privacy breach by accident. Using the Storify extension for the Google Chrome browser, which helpfully adds a Storify button to Facebook and other social Web pages, Pippet was able to add a friend’s Facebook status about Superstorm Sandy into her public Storify feed.
“I felt so terrible about what happened that I started digging and checking,” Pippert told AGBeat, “and I figured out that although anything can be copied, screen-captured, or otherwise shared, anyone who installs the Storify app can do it with one click, even if it is marked or otherwise set to be private.”
The Daily Dot confirmed Pippet’s assertion by taking a comment left in a private Facebook group and Storifying it using the Chrome extension. But when we tried to do the same using the Storify Web page, it didn’t work. And when we tried to Storify a private tweet, that failed too.
As far as we can tell, the privacy loophole only works with Facebook statuses and only works with the Chrome extension.
For its part, the social network giant equates this to someone taking a screenshot of Facebook updates and publishing it elsewhere.
“The behavior appears to result from Storify users utilizing a browser extension that essentially cuts and pastes content available to that user to the Storify site,” a company spokesperson told us. “This is not a result of the Storify application for Facebook.”
Even if this was intentional on Storify’s part, it should give Facebook users a reason to take time to truly understand their privacy settings on the social network. These can be confusing at times, as evidenced by a recent incident where Randi Zuckerberg, sister of the site’s founder, had a “private” picture go viral on Twitter.
Photo via Darwin Bell/Flickr