Rumors are circulating that Facebook may be working on a Facebook-branded mobile phone. Facebook has denied that it is “building” a mobile phone, but that is a semi-semantic denial that still leaves ample room for partnering with a manufacturer to market such a smartphone. If the reports are true, privacy advocates may soon have a lot more to worry about than simple Facebook status updates and Facebook Places check-ins.
The security and privacy concerns cut both ways. On the one hand, a smartphone with a Facebook logo emblazoned on it would broadcast to the world that the owner has a Facebook account, and would ostensibly provide easy access to that account. A lost or stolen Facebook phone would be a simple click or two away from a compromised Facebook account, enabling an attacker to exploit the social network in phishing scams or other attacks.
The larger concern, at least for privacy advocate organizations that already rail against perceived breaches of privacy with the Facebook site itself, would be how much access Facebook has to information from the phone and what it does with it. Facebook is second only to Google when it comes to Big Brother type fears of having every move tracked and monitored or personal information potentially sold or used to deliver targeted marketing.
Any such fears are probably exaggerated, though. First of all, despite claiming membership in excess of half a billion users, the odds that a Facebook-branded smartphone would really take off are fairly slim. The smartphone market is already crowded with RIM, Apple, Google, Nokia, Microsoft, and Palm all vying for a piece of the pie, and a Facebook phone most likely wouldn’t catch significant market share.
Facebook could design a Facebook-branded phone using an existing mobile OS rather than competing on that level. If that is the case, the success of a Facebook smartphone might depend largely on the mobile OS it uses, the hardware it runs on, and the carrier or carriers that it is available from. Perhaps with Facebook’s close relationship with Microsoft, a Facebook smartphone would run Windows Phone 7.
The size of the Facebook audience, and ubiquitous availability of apps, and Web-based access from smartphones and other mobile devices, mean that odds are good that any smartphone–whether Facebook-branded or not–poses a similar risk. Realistically an attacker can already gain easy access to a user’s Facebook account from virtually any smartphone or tablet.
Similarly, with millions of status updates per day, and millions of users embracing Facebook Places for location-based check-in, Facebook already has access to more information than it needs on users. Facebook members voluntarily share enough data that Facebook doesn’t really need to go out of its way to develop a Facebook-branded smartphone just to infiltrate deeper into user’s lives.
Facebook should learn from the Google Nexus One and Microsoft Kin and stick to building apps for existing smartphones and tablets rather than putting its brand on a specific device. If a Facebook smartphone does appear, you can bet that privacy advocates will take issue with it.