So you think you’re ready to integrate Facebook data? Not so fast!
If you’ve been following the mini-series on integrating Facebook data, welcome back. If not, then I recommend you take a moment and bring yourself up to speed:
- Value of Integrating Facebook Data For Customer Analysis
- Facebook as a Data Source
- Extracting Facebook Data with SSIS
In this next post, I want to discuss a few additional considerations to take into account before embarking on your Facebook data integration mission.
Got an App?
This topic came up briefly in an earlier post, but it definitely warrants further discussion. The type of Facebook data that will arguably have the biggest impact/improvement on your customer analysis (likes, interests, relationships, status, subscriptions, etc) requires explicit permissions granted by users to apps. So you need an app!
More specifically, permissions are granted to Apps by Users via access tokens which can then be used by the app to make Graph API calls on behalf of the user. Access tokens are generated during a process referred to as the “login flow“. When a user logs into your app, they are prompted with a list of permissions that your app is requesting…if the user agrees, an access token is generated giving your app the requested permissions.
Note: it is important to only request the permissions you need in order to minimize the list. Users who value privacy may be deterred from using your app (and thus preventing you access to your data) if they see your app is request a ton of permissions to their data.
Have you read Facebook storage and usage policies?
That’s right – Facebook has a pretty explicit set of rules and guidelines as to how you can use their data. Below is a copy of section II (as of 12/24/2012) where I’ve highlighted a few lines that I feel capture the essence of these policies…TLDR at the bottom 😉
II. Storing and Using Data You Receive From Us
- You will only request the data you need to operate your application.
- You may cache data you receive through use of the Facebook API in order to improve your application’s user experience, but you should try to keep the data up to date. This permission does not give you any rights to such data.
- Subject to certain restrictions, including on use and transfer, users give you their basic account information when they connect with your application. For all other data obtained through use of the Facebook API, you must obtain explicit consent from the user who provided the data to us before using it for any purpose other than displaying it back to the user on your application.
- You will not directly or indirectly transfer any data you receive from us, including user data or Facebook User IDs, to (or use such data in connection with) any ad network, ad exchange, data broker, or other advertising or monetization related toolset, even if a user consents to such transfer or use. By indirectly we mean you cannot, for example, transfer data to a third party who then transfers the data to an ad network. By any data we mean all data obtained through use of the Facebook Platform (API, Social Plugins, etc.), including aggregate, anonymous or derivative data.
- You will not use Facebook User IDs for any purpose outside your application (e.g., your infrastructure, code, or services necessary to build and run your application). Facebook User IDs may be used with external services that you use to build and run your application, such as a web infrastructure service or a distributed computing platform, but only if those services are necessary to running your application and the service has a contractual obligation with you to keep Facebook User IDs confidential.
- If you need an anonymous unique identifier to share outside your application with third parties such as content partners, advertisers, or ad networks, you must use our mechanism. You must never share this anonymous unique identifier with a data broker, information broker, or any other service that we may define as such under our sole discretion.
- You will not sell or purchase any data obtained from us by anyone. If you are acquired by or merge with a third party, you can continue to use user data within your application, but you cannot transfer data outside your application.
- If you stop using Platform or we disable your application, you must delete all information about a user you have received from us unless: (a) it is basic account information; or (b) you have received explicit consent from the user to retain their data.
- You cannot use a user’s friend list outside of your application, even if a user consents to such use, but you can use connections between users who have both connected to your application.
- You will delete all data you receive from us concerning a user if the user asks you to do so, and will provide an easily accessible mechanism for users to make such a request. We may require you to delete data you receive from the Facebook API if you violate our terms.
- You will not include data you receive from us concerning a user in any advertising creative, even if a user consents to such use.
- You must not give your secret key and access tokens to another party, unless that party is an agent acting on your behalf as an operator of your application. You are responsible for all activities that occur under your account identifiers.
TL;DR; be honest with the user and DON’T COMPETE WITH OUR ADVERTISING EFFORTS!!!
- be clear to the user on what data you are extracting, and how you intend to use it
- don’t give the data to or use the data in a way that helps competing advertising networks
- don’t buy or sell facebook data
- make it easy for the user to request deletion of their data from your app/system
- don’t use facebook data in ad-creative (*cough* instagram *cough*)
There has been some confusion in the past as to whether Facebook data can be stored on disk and for how long. At one point in time, there was a 24 hour storage policy…but that policy restriction has since been removed. Now, Facebook data can be stored indefinitely…
Did I mention you need an app? Good…glad that’s clear.