So you think you’re ready to integrate Facebook data? Not so fast!

If you’ve been following the mini-series on integrating Facebook data, welcome back.  If not, then I recommend you take a moment and bring yourself up to speed:

In this next post, I want to discuss a few additional considerations to take into account before embarking on your Facebook data integration mission.

Got an App?

This topic came up briefly in an earlier post, but it definitely warrants further discussion.  The type of Facebook data that will arguably have the biggest impact/improvement on your customer analysis  (likes, interests, relationships, status, subscriptions, etc) requires explicit permissions granted by users to apps.  So you need an app!

More specifically, permissions are granted to Apps by Users via access tokens which can then be used by the app to make Graph API calls on behalf of the user.  Access tokens are generated during a process referred to as the “login flow“.  When a user logs into your app, they are prompted with a list of permissions that your app is requesting…if the user agrees, an access token is generated giving your app the requested permissions.

Note: it is important to only request the permissions you need in order to minimize the list.  Users who value privacy may be deterred from using your app (and thus preventing you access to your data) if they see your app is request a ton of permissions to their data.

The majority of permissions you might be interested in for Customer Analysis can be found here and here.

Have you read Facebook storage and usage policies?

That’s right – Facebook has a pretty explicit set of rules and guidelines as to how you can use their data.  Below is a copy of section II (as of 12/24/2012) where I’ve highlighted a few lines that I feel capture the essence of these policies…TLDR at the bottom 😉

II. Storing and Using Data You Receive From Us

  1. You will only request the data you need to operate your application.
  2. You may cache data you receive through use of the Facebook API in order to improve your application’s user experience, but you should try to keep the data up to date. This permission does not give you any rights to such data.
  3. You will have a privacy policy that tells users what user data you are going to use and how you will use, display, share, or transfer that data. In addition, you will include your privacy policy URL in the App Dashboard, and must also include a link to your app’s privacy policy in any app marketplace that provides you with the functionality to do so.
  4. Until you display a conspicuous link to your privacy policy in your app, any data accessed by your app (including basic account information) may only be used in the context of the user’s experience in that app. A user’s friends’ data can only be used in the context of the user’s experience on your application.
  5. Subject to certain restrictions, including on use and transfer, users give you their basic account information when they connect with your application. For all other data obtained through use of the Facebook API, you must obtain explicit consent from the user who provided the data to us before using it for any purpose other than displaying it back to the user on your application.
  6. You will not directly or indirectly transfer any data you receive from us, including user data or Facebook User IDs, to (or use such data in connection with) any ad network, ad exchange, data broker, or other advertising or monetization related toolset, even if a user consents to such transfer or use. By indirectly we mean you cannot, for example, transfer data to a third party who then transfers the data to an ad network. By any data we mean all data obtained through use of the Facebook Platform (API, Social Plugins, etc.), including aggregate, anonymous or derivative data.
  7. You will not use Facebook User IDs for any purpose outside your application (e.g., your infrastructure, code, or services necessary to build and run your application). Facebook User IDs may be used with external services that you use to build and run your application, such as a web infrastructure service or a distributed computing platform, but only if those services are necessary to running your application and the service has a contractual obligation with you to keep Facebook User IDs confidential.
  8. If you need an anonymous unique identifier to share outside your application with third parties such as content partners, advertisers, or ad networks, you must use our mechanism. You must never share this anonymous unique identifier with a data broker, information broker, or any other service that we may define as such under our sole discretion.
  9. You will not sell or purchase any data obtained from us by anyone. If you are acquired by or merge with a third party, you can continue to use user data within your application, but you cannot transfer data outside your application.
  10. If you stop using Platform or we disable your application, you must delete all information about a user you have received from us unless: (a) it is basic account information; or (b) you have received explicit consent from the user to retain their data.
  11. You cannot use a user’s friend list outside of your application, even if a user consents to such use, but you can use connections between users who have both connected to your application.
  12. You will delete all data you receive from us concerning a user if the user asks you to do so, and will provide an easily accessible mechanism for users to make such a request. We may require you to delete data you receive from the Facebook API if you violate our terms.
  13. You will not include data you receive from us concerning a user in any advertising creative, even if a user consents to such use.
  14. You must not give your secret key and access tokens to another party, unless that party is an agent acting on your behalf as an operator of your application. You are responsible for all activities that occur under your account identifiers.

TL;DR;  be honest with the user and DON’T COMPETE WITH OUR ADVERTISING EFFORTS!!!

  • be clear to the user on what data you are extracting, and how you intend to use it
  • don’t give the data to or use the data in a way that helps competing advertising networks
  • don’t buy or sell facebook data
  • make it easy for the user to request deletion of their data from your app/system
  • don’t use facebook data in ad-creative (*cough* instagram *cough*)

Anything else?

There has been some confusion in the past as to whether Facebook data can be stored on disk and for how long.  At one point in time, there was a 24 hour storage policy…but that policy restriction has since been removed. Now, Facebook data can be stored indefinitely…

Click to Enlarge
Click to Enlarge

Did I mention you need an app?  Good…glad that’s clear.

3 replies on “So you think you’re ready to integrate Facebook data? Not so fast!”

Thanks for a nice blog post.

Helped me in the right direction of what I need to learn in order to work with facebook data.

I am however a bit in doubt about how to interpret the phrase “You will not sell or purchase any data obtained from us by anyone.”, as stated in the paragraph nine in the storage policy of facebook.

I have recently discovered that a program like Nvivo and the nCapture app, allows you to download facebook data in a format ready for analysis. Seems a bit strange that one is not able to do analysis based on these data and then sell the analysis… Your thoughts?


The way I interpret paragraph 9 is this: facebook wants the data be tightly coupled with the app because the app is what was granted access to the data (not the corporate entity that owns the app). so this paragraph is preventing the data from being considered as a product/asset separate from the application.

Ex. say you have an app that collects FB-data from users (who grant your app access to their data). the app becomes popular and the number of users grows substantially. this paragraph prevents another company from stepping in and buying the data – both directly ($5k for a data dump?) and indirectly (buying out your entire company and therefore acquiring the data).

Based on a quick google search, nCapture appears to be a screen-scraping app…so I’m not sure what the ramifications are since it isn’t acquiring the data via the graph API. If you’re concerned about the legality, I’d suggest reaching out to FB developer support.


Hi Bill.

Thanks for the reply.

I intend to use facebook data only for analytical purposes, not designing apps. Maybe in the end i will sell the analytical results i am able to produce but it is not the primary aim.

Do you have any opinion or experience on this kind of use of facebook data?



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s