According to the MediaPost Daily Online Examiner blog:
"Chalk up another privacy fiasco for Facebook. Turns out that Top Friends had a glitch that allowed any users who downloaded the application to see information like the birthdays and gender of any other Top Friends users."
Facebook suspended the application after CNet journalists reported the problem. Who's fault is it: Facebook's or the application developer's? As expected, Facebook blames the application developer. A quality, customer-focused service would screen or test developers' applications before making them "live." The more important point:
"Facebook was specifically warned that this type of data breach could occur. Last month, Canadian advocates filed a privacy complaint that specifically highlighted the privacy risks posed by third-party applications. The complaint criticized Facebook for setting up an installation system that requires users to give developers permission to access their personal data by default. A pre-checked box says that users will allow the application to “Know who I am and access my information.” Users who uncheck that box can’t install the application... While there is a way to opt out of sharing information with developers, users can only do so from a separate privacy page on the site, according to the Canadian complaint."
Several I've Been Mugged posts have covered issues about Facebook's privacy and data security lapses. Hence, I don't have a Facebook account. However, everyone at my new job has a Facebook account, so there is considerable pressure on me to sign up. I'm giving it some thought... perhaps a Facebook page about the service's data security issues with a link to I've been Mugged.