[slig]

By logging with fb, your app will have at least my user id and email. Any data breach on your side and all the "anonymous" posts are not so anonymous anymore.

[olenhad]

We can assure you from our side, that the way the app is structured, no part aside from login, uses facebook's user ids. We've tried to be very strict about that.

[synor]

How do you filter my "own" posts without correlating my Facebook id with a post-author id?

[olenhad]

All user associated data uses our own user ids, not facebook's ids. That includes post author ids.

[synor]

Your system seems to be able to correlate the FB id and user id on login to filter my own posts and aggregate my friends postings.

Am I wrong to assume that this ability might enable de-anonymization of postings after a server compromise?

[darora]

No, you're correct in that assumption.

In case of a complete server breach, that would indeed allow for de-anonymization of posts.