PCMagazine: Recently, a Wall Street Journal article revealed that Facebook apps were transmitting user information to ad networks, and that in turn prompted a couple of members of Congress to send letters to the company. In response, Facebook has a new plan to protect user privacy. The social networking giant will roll out optional user ID encryption over the next couple of weeks, and will encrypt all IDs sometime in the near future.
"The proposal builds on our recent support for a parameter called signed request which is inspired by our discussions in the OAuth community," Facebook's Mike Vernal wrote in a blog post. "We will start encrypting this parameter as well, using the application's secret key, so that only the application will be able to read this information. This will prevent the accidental disclosure of this information via HTTP headers."