How many apps have you installed on Facebook? More importantly, how many of them could post something in your name right now, without your knowledge? Chances are, it's more than half of them.
[More from Mashable: Coca-Cola Is First Retail Brand to Pass 50 Million Facebook Fans]
Privacy protection company Secure.me analyzed some 500,000 Facebook apps, and shared the results exclusively with Mashable. The biggest takeaways: 63% of those apps ask for the ability to post on your behalf -- and 69% of them can grab your email address.
”It has become second nature to connect various apps like Instagram, SocialCam, AngryBirds, CityVille, and Spotify to your Facebook ID," says Secure.me founder Christian Sigl. "You just click ‘agree’ without even really knowing what you are agreeing to. What you don’t realize is that social apps linked to your Facebook profile can pretty much track your and your friends' whole life.
[More from Mashable: College Football Teams Struggle to Share Defeat on Facebook]
"It doesn’t matter what your privacy settings are, the apps still get this information.”
What the app makers could do with that information beggars belief. Not only could they effectively hack your Timeline and sell your email address to any unscrupulous buyer -- they're also potentially well on the way to stealing your identity. Some 30% of those apps know their users' birthdates, which would in theory allow them to uncover their social security numbers.
The permission puts your friends at risk, too. According to Secure.me, 21% of apps -- 1 in every 5 -- can access the personal data of the user's friends including friends‘ birthdays, education and work history. Some 12% of the apps can grab your location information at will.
Of course, few of us are concerned about the big name apps -- the Instagrams, the Spotifys. These are companies that have won our trust. But big-name apps make up just a small portion of the 500,000 total. What do you really know about the maker of that personality test or music quiz you just posted to your Timeline?
Part of the problem, as Sigl suggests, is the fact that there's no granularity here. You can't decide which permissions the app really needs, and which go beyond its remit. You can't give an app limited permission for a day or a week. And you can't impose your privacy settings as overarching rules that apps may never break. App permissions, right now, are one-size-fits-all.
How many Facebook apps have you given permissions to? Let us know in the comments.
This story originally published on Mashable here.