Facebook Throws Rotten Tomatoes at Movie Fans | WebProNews
Thanks. So facebook formally gives RT access to its cookies.
Not quite. A cookie for any domain (i.e. facebook.com) can only ever be sent to a webserver on that specific domain (i.e. facebook.com). You can't grant access to allow other sites to read cookies for your domain.
What happens is the little window where the facebook content appears is actually a separate frame that is part of the facebook.com website itself. So the facebook.com cookie is sent there, so it knows who you are and can serve up the personalised information.
The rest of the site you're browsing doesn't see the data from facebook (although it can get at it if it really wants) as it never sees it, the whole page only comes together on your browser.
You may think it works like this:-
You <----> Somesite <----> facebook
But it's not, you're talking to both the main site and facebook separately, i.e.
facebook <----> You <----> Somesite
It's not really a privacy problem at all.