As I have mentioned before, Facebook put images, rather than text, of email addresses in Facebook profiles. They suggest this is a privacy-enhancing measure, but given that it’s fairly easy for someone with nefarious intent to circumvent it, it’s quite clearly done to encourage your average person to use mechanisms within Facebook to communicate, rather than normal email. Chris Finke wrote the Image-to-Email extension to turn the images back into HTML clickable links.
Now, Facebook have sent him a cease-and-desist regarding Facebook Image-to-Email (and another extension of his). According to Chris, their stance is that both extensions violated the section of the TOS which says “you shall not use automated scripts to collect information from or otherwise interact with the Service or the Site”.
For Image-to-Email, at least, this is wrong in two ways:
1) The extension doesn’t violate the section of the TOS they claim it does
2) The extension is not a threat to user privacy
1) This extension cannot count as an “automated script”, unless a web browser counts as an “automated script”. A web browser takes the HTML that Facebook sends to a user and, instead of displaying it as plain text, renders it in a different way which is more visually pleasing and easier to read and interact with. Facebook Image-to-Email takes an image Facebook sends to a user and, instead of displaying it as an image, renders it in a different way which is also easier to interact with. Both tools do exactly the same job; you cannot prohibit one without prohibiting the other.
Image-to-Email doesn’t follow links, walk your social graph or any of the other things that might cause it to be labelled “automated”.
2) Facebook Image-to-Email saves people having to retype email addresses in order to email their Facebook friends. This cannot be a threat to privacy because any email address I could use it on, I could already see. There is no way I can use it to access email addresses I don’t already have access to.
Facebook should come clean and admit their real reason for threatening Chris (“We will be forced to become more formal… Hopefully you won’t choose that path”) is to maintain platform lock-in.