I think that's a little different. It sounds like neoprint.php is an internal Facebook tool for looking up data on Facebook users. So improper usage of it is a privacy problem for users. It's something misbehaving employees might run against celbrities, exes, etc. (e.g. https://www.gawkerarchives.com/5637234/gcreep-google-enginee... )

Otoh nmap isn't a privacy problem for users of Facebook (or any other tech company).

Yea totally agree. Mainly just wanted to shoehorn in my own story about stern emails at FB! Also I think running nmap on your own development machine is totally legitimate. Lots of reasons you might want to do it.