Facebook is embroiled in a new privacy row after it began selling access to users in order to bolster its profits.
The social networking site is allowing companies to trawl through its 900m users looking for email addresses and phone numbers so it can better target adverts.
The changes mean that if you hand over any details when you buy something – as many consumers do – that company can now track you down on Facebook.
The measures appear to be a cynical attempt to sidestep restrictions imposed on Facebook by US regulators due to earlier botched privacy changes.
They have already sparked calls for an official investigation by campaigners who claim that the public have not been properly notified.
The new measures, which have been in effect for weeks, will affect consumers who have handed over personal data when they buy something, which is the majority of people given the rise of Internet shopping
Retailers will then be allowed to compare their own databases with the information on Facebook.
For example, an airline will now be able to target adverts at a consumer who had recently taken a flight to Barcelona.
A mobile phone company could also advertise upgrades to somebody who was nearing the end of their contract.
Another disturbing element is that the adverts could appear on a user’s computer even when they are not on Facebook.
The social networking site is also increasing its monitoring and will work with US-based company Datalogix to see what consumers are buying.
Facebook claimed that there are safeguards attached to the new measures.
Phone numbers and email addresses will be replaced by hash symbols so nobody actually knows who the person is, even if they can track their behaviour.
Users will also have to give permission but campaigners in the US have said that changing the settings is ‘confusing and ineffective’.
The Electronic Privacy Information Centre and the Centre for Digital Democracy have already asked watchdog the Federal Trade Commission to investigate the arrangement.
In a joint letter they said: ‘Facebook did not attempt to notify users of its decision to disclose user information
‘Neither Facebook’s Data Use Policy nor its Statement of Rights and Responsibilities adequately explains the specific types of information Facebook discloses, the manner in which the disclosure occurs, or the identities of the third parties receiving the information.’
Facebook is under pressure to improve on the £1.1bn it makes each year from advertising after its disastrous stock market floatation which saw its shares fall by more than half their value.
The serious violations included allowing other companies access to users’ personal information – even after they deleted their accounts.
Under the tough agreement – which applies Britain – Facebook agreed to independent periodic monitoring for the next 20 years to stop it from re-offending.
It also vowed to obtain users ‘express consent’ before making privacy changes.
Facebook privacy engineer Joey Tyson said: ‘As we pursue our goal of making the world more open and connected, we have designed our service to show ads that help people discover products that are interesting to them.
‘We also recognise that our users trust us to protect the information they share on Facebook.
‘Maintaining that trust is a top priority as we continue to grow.’