Facebook Developers

This is very interesing and confusing at the same time..

So from what I have read.. A site implemeting FC cannot pull user details from facebook and save it as as part of their own profile on that user.

So if a user signs up to a www.externalsite.com, then uses FC to tie up the profiles.. www.externalsite.com cant fetch the user's birthday and store it in the local www.externalsite.com profile for that user?

Am i correct here?


If this is the case, Digg does seem to be breaking the rules here..

e.g.
I noticed that Digg save s a history of your profile pics.. change your profile pic on facebook and the new one becomes your Digg profile pic and the old one gets stored under 'Photos'.


I dont have an issue with this as I choose to tie up my account together and can see the benefits, but I want to do the same thing for my current work site which is a major media site in Australia and I want to make sure I follow the privacy rules of FB.


Tnk for starting this thread.

I would love to get an answer to my question.

TechCrunch is another interesting example. I added a comment to a TechCrunch story using my Faebook ID. I then deactivated the TechCrunch aplication, and sure enough, the comment actualy disappeared from their site -- the whole thing, not just my identifying data. But then I re-authorized the application and the comment re-appeared! The implication is that TechCrunch had retained my data even after de-authorization and only hidden it from view.

Personally, I believe the FB's ToS should allow us to use the data we get from the API (eg, first/last name) as the default values for opt-in forms, and once properly opted-in, to retain that data. I don't think we should be able to spam a FB member's friends without explicit permission to do so.

I deeply apologize for any misunderstanding, i sincerily don't have the intention to start a flame.
I didn't want to criticize Digg or Facebook policy, i don't mind at all about what they do and how Digg uses Facebook connect. If Digg is authorized to have a "special access" to Apis i don't care. I'm just interested about MY integration and i just want to understand how to get the best integration without braking rules. I have only one question, it is not about Digg but it is about MY integration with facebook Connect:
Can you please tell me if:
1)We are authorized to replicate the same behaviour.
2)We are NOT authorized to replicate the same behaviour.

Simply create a profile on Digg and then go to:
http://digg.com/users/yourusername
You will see that this page (after weeks) is public and show to the world your facebook private picture.

Digg is violating policy, i just would like to know if they have a written permission(if so it means that i cannot replicate the same behaviour).

I don't have the intention to start a flame but i understand that there is no way that you will give an answer to me, so i will give the answer by myself:
- Digg is violating policy but we (other developers) are not allowed to replicate the same behaviour. I will not replicate the Digg behaviour.

Thanks for the reports everyone; we are working on this with Digg and will update with what we find.

Hi I also noticed that Digg stores the profile picture from my facebook account.

So what should i do for my external website to have the same effects?

Do i need to have a checkbox or anything that asks the permission of the user first?

what if the user subsequently updates her facebook profile pic?

what code should i use to grab the profile pic and then store it to my database?

please advise. thanks.