When you open a new application on Facebook, you have to approve the app to access your information (by clicking on the "Allow" button). If you don't, you cannot use the app, so it's essential that you approve the apps that you want to use.
However, if you approve application X today, Facebook will remember that approval forever! So, if you don't use some apps anymore, revoking access to them is a good idea. First, open Application Settings page of Facebook. Select "Granted Additional Permissions" from the Show dropdown list.
From the list of apps Facebook shows, here are some categories that are important:
- Offline access: Any app that has offline access to your information can access your profile, friends, etc. even when you are not using the app. Although it's not likely that an app would do it, technically it's possible for an app with such an access to periodically read your friends list and gather information without your knowledge. You don't have to open that app. You don't even have to open Facebook, for that matter. You might want to remove this access to all apps that you don't use anymore.
- Email: Apps that have this access can
spamemail you whenever they wish to. Remove the apps from which you don't want to receive emails.
In my case, Likeness app has offline access and the ability to post whatever it likes as my news update.
I don't really use Likeness app. So I revoked access by clicking the "x" near its name.
But why revoke access?
Is it because Facebook applications are evil and they might steal your data? No, at least I don't think they steal my data. Here are the reasons that motivate me to revoke permissions:
- People in the real world know only as much about me as they need to know. I like to keep it the same way with machines too. If I don't use a Facebook app, it shouldn't have access to my data.
- It may so happen that a Facebook app has a bug and that lets some evil people access other people's data. I don't want to be a victim when something like that happens.
- Minimizing the number of apps that has access to my data means I am minimizing the surface through which my information can leak. I'd like to keep it as small as possible.