Does Facebook Connect Create Risk for Organizational Web Sites?


In May, Facebook Developers announced the arrival of Facebook Connect, calling it "the next iteration of Facebook Platform that allows users to 'connect' their Facebook identity, friends and privacy to any site." CNBC headlines proclaimed, "Facebook Grows Up," noting that the social networking site wasn't just for college students anymore.


Facebook Connect apparently allows Facebook users take their friends, their privacy settings, their photos and other account information with them when they log into third-party Web sites, which is great as long as those third-party sites are also social networking sites that are user controlled. It creates an extended network -- all the more useful for getting messages out and reaching a wider audience.


What happens, though, when a Facebook user wants to bring his or her Facebook friends to a non-profit's site -- like a church network or a university alumni network site -- where the organization itself wants to maintain control of the content that comes in and goes out? Where the organization wants to maintain its member information and databases as proprietary? Should they be wary of Facebook Connect?


Celect CEO Tony Roth thinks so. Celect provides online communities and networking for sorority and fraternity organizations, university alumni associations and faith-based communities. He told me Monday that he sees Facebook Connect "as a potential danger zone for the organizational clients" that Celect serves. He explained:

Our primary client base is not the individual member users; rather it is the organizations themselves. And that comes with a lot of things.... [including] a protectionism clause that says we're not going to allow data share or information flow without authorization from the organization itself....But if a member [using a Facebook Connect application} is controlling the dynamic privacy aspects of how they share, what they share, when they share and where they share, then how does that organizational Web site really -- without bolstering its own screening and maybe even creating another layer of verification -- how does it protect itself?


Roth says he hasn't been able to get an answer yet, but he'll keep asking until he does.