[cliffchang]

I think you may misunderstand what signing in with Facebook does.

1) It could, potentially, provide some value to you as a user. Quora gets to suggest people to follow for you based on your Facebook friends, so your experience on there is seeded with relevant information.

2) Nothing you do on the site you signed in with is published to your Facebook profile, without your explicit consent on a dialog box.

[raganwald]

Nothing you do on the site you signed in with is published to your Facebook profile, without your explicit consent on a dialog box

The trouble with this statement is that some users (myself included) don't believe (a) this is true even when they say it's true, or (b) that if it's true today it will still be true tomorrow.

Such paranoid users are worried that FB will make a privacy policy change that turns the privacy off "as a benefit to users," and the opt-out checkbox will be buried seven links deep. I try to use FB's controls to make my FB stuff fairly private, but I still operate on the assumption that one day FB will break my assumptions about what is or isn't shared.

The recent "Places" launch confirmed it for me. If I hadn't read someone else's blog post, I wouldn't have known that simply refusing to opt into places wasn't enough, I also had to explicitly block friends from checking me into locations.

[dzlobin]

I don't mean to personally call you out but this mindset is entirely flawed for this argument. If you're so worried about keeping your private things private, don't put anything you're not completely fine with being public on facebook. According to your logic they don't owe you any real promise of privacy, right?

[raganwald]

I don't know what they owe me, but I do know what I do and do not trust them to do. And on that basis I decide what I will and will not share with them.

Which brings us full-circle back tot the point of the post:

When a third-party application uses FB as its authentication mechanism, it gives the appearance of asking its users to trust FB with everything they do on that application.

So yeah, I don't put anything on FB that I can't handle becoming public some day. That doesn't mean I want it to be public, but I wouldn't knowingly put something private on there.

And that extends to third-party apps using FB for anything at all. I can't ever imagine using a linked-in kind of application that uses FB authentication. I'm not going to put certain business contacts and my business relationship with them where FB might be able to scrape the data.

I'm not dating, but if I did I wouldn't use a service that used FB for authentication. Or a personal money management application.

And my message to third party apps using FB for authentication is to take this into account. I won't say "don't," you know your market, maybe they don't care. But at least have your eyes open to people who might think twice if whatever you're managing for them might be sensitive.

[ahi]

It may not be published (2), but facebook certainly tracks and stores the information.