Author: Madhax | Published: 16th July 2009

I recently had an interesting experience with Facebook. I made an application that let a user search for another user’s public albums even if they weren’t on each other’s friends list. This application didn’t violate any clause of the TOS list at the time. The application made use of a design decision on Facebook’s part to allow world readable albums. When you create an album on Facebook, you can set the privacy setting of the album. One of the choices (the one selected by default) is that the album is world readable. I made use of the Facebook API (PHP, SQL for caching, FQL for speed, all that jazz) to create the application. I even made a slick interface that looked very Facebook-ish. For lols I created a tutorial that centered around viewing Mark Zuckerberg’s photos. In the first couple of days after the app had launched, I had gotten several hundred users and several 5-star reviews (all the reviews were 5-star).

I decided to submit the application to the Facebook public application directory (stupid me… I know) – which would make it visible to any user that is specifically looking for a super awesome application that lets them view the public albums of any user on Facebook. The application was submitted for approval and I waited. One day passed, then two – I thought that the approval process would only take one business day, since it just involves a person adding an application and trying it out. A couple of days after submitting the application I noticed that I could no longer view Mark Zuckerberg’s photos. Not that I was stalking Mark Zuckerberg, but I like to run through things I make – daily – to make sure they aren’t broken. Viewing Mark Zuckerberg’s photos had become routine from a testing standpoint. Testing my app on other users showed that my application _still_ worked.

Doing a regex search in my Apache logs showed that my application had been added (and removed) by _many_ IPs in the Facebook subnet over 250 times. The regex count returned 255 (WHAT A ROUND NUMBER :D ). Each IP interacted with my application in some way, which suggests that it wasn’t a bot that kept on adding and removing my application. I got really excited because I thought that many employees of Facebook saw my app, and in Mark Zuckerberg’s embarrassment, he changed the privacy setting of his albums (thought: MARK ZUCKERBERG HIMSELF SAW MY APP, WOW :D).
(photo from one of Mark Zuckerberg’s albums)

Today I tried my app; it barely returns any results on any search. All the searches I tried previously no longer work. Facebook hurriedly fixed a problem that didn’t exist… and it broke my app. What I mean by a problem that doesn’t exist is that I was taking advantage of a design decision Facebook made. Albums had a privacy setting that allowed everyone to view them. I could view what albums a user had using FQL, now I can’t (it still works for some people… but every day I’m getting fewer and fewer results… so I assume Facebook is fixing each account sequentially or something). The world readable attribute still exists and it’s still the default choice when creating a new album.

What bothers me most about this experience is not the hours I put in developing the app. Not that I shared this application publicly and won’t be able to use it privately. What bothers me most about this is that Facebook delayed the approval of my application for the public directory listing until it didn’t work. It’s their platform. They can change whatever functionality they want… send no notification to you… and if they break your app there’s nothing you can do about it.

Facebook did what they had to do to accomplish their goals (avoid embarrassment, fix an initial design error, w/e). I now view them as an evil company, but that’s just my opinion. Luckily, I cached (for optimization purposes) the album IDs of Mark Zuckerberg’s albums :D.

ref:
[1] My application: http://apps.facebook.com/publicphotos/
[2] http://apps.facebook.com/publicphotos/album.php?a=17182073944
[3] http://apps.facebook.com/publicphotos/album.php?a=17181871868
[4] http://apps.facebook.com/publicphotos/album.php?a=17181903264
[5] http://apps.facebook.com/publicphotos/album.php?a=17181916415

2 Comments

  1. Awwww
    12:33 AM on July 17th, 2009

    DUDE. Why did you tell on yourself! This app was AWESOME! Let us know if you devise another.

  2. Ilya Vassilevsky
    7:57 AM on March 26th, 2010

    Dirty motherfuckers broke your application that displayed PUBLIC stuff, and at the same time their employees (regular college whores) can read people’s PRIVATE stuff!
    Definitely evil and stupid company.
