"In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work," Facebook engineer Mike Vernal said in a blog post.
"We are talking with our key partners and the broader Web community about possible solutions."
Vernal argued that press reports had exaggerated the implications of the situation and that getting user identification (UID) information did not provide access to private data without express permission.
"Nevertheless, we are committed to ensuring that even the inadvertent passing of UIDs is prevented and all applications are in compliance with our policy," Vernal said.
"We take strong measures to enforce this policy, including suspending and disabling applications that violate it."
The blog post came amid a flood of news stories triggered by a Wall Street Journal report that its investigation had found that the issue affects tens of millions of Facebook application users, including people who set their profiles to be completely private.
The practice breaks Facebook's rules and renews questions about its ability to keep secure identifiable information about the activities of its members.
"Our policy is very clear about protecting user data, ensuring that no one can access private user information without explicit user consent," Vernal said.
"Further, developers cannot disclose user information to ad networks and data brokers."
The Journal said applications were providing access to Facebook members' names and, in some cases, their friends' names, to companies that build detailed databases on people in order to track them online.
All of the 10 most popular applications on Facebook were transmitting unique user ID numbers to outside companies, it said. They include Zynga's FarmVille, with 59 million users, Texas HoldEm Poker and FrontierVille.
The Journal said several applications became unavailable to Facebook users after the newspaper informed the Palo Alto, California-based social network that they were transmitting personal information.
"We have taken immediate action to disable all applications that violate our terms," a Facebook spokesman said.
Facebook told the Journal it is taking steps to "dramatically limit" the exposure of users' personal information.
"Our technical systems have always been complemented by strong policy enforcement, and we will continue to rely on both to keep people in control of their information," a Facebook official said.
The Journal said the applications it reviewed were sending Facebook ID numbers to at least 25 advertising and data firms, several of which build profiles of Internet users by tracking their online activities.
Facebook specifically prohibits applications makers from transferring data about users to outside advertising and data companies, even if a user agrees.
Facebook is the world's most popular social network with around 500 million users, but it has been dogged by complaints about privacy protection.
Randi Zuckerberg, the sister of co-founder Mark Zuckerberg, told reporters at a forum in Dubai on Sunday that privacy was the company's top concern and it would continue to give people more controls.
COMMENTS (1)
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ