Regardless of permissions, any application has guaranteed access to three pieces of publicly-available data about a Facebook user—their name
, their picture
, and their Facebook user ID
. To retrieve any information beyond that, the user in question has to either have made elements of their profile publicly-available, or our application has to have been authorized by that user, with the corresponding Extended Permissions allowing access to that information.
Note
Private and publicly-available data on Facebook
To see for yourself what it meant by publicly-available information, have a look at the explanation of privacy and publicly-available data on the Facebook.com website: http://www.facebook.com/privacy/explanation.php
The next step up from publicly-available data is Basic Profile Information, which is the baseline level of data access given to any application that a user has authorized. This is granted automatically as part of the initial authorization process, and we don't actually...