Facebook and your privacy
Months after geeks who hate walled gardens hailed Facebook as the great exception, Facebook announces that it is wholesaling our privacy to any turdball with a dirty nickel to spend. So what else is new? And what do we do about it?
In a titled-for-SEO-rather-than-readers article, “Do Facebook users care about “privacy issues?” What about Doubleclick?,” Eric Eldon defends Facebook’s violation of its users’ privacy on the grounds that not many users have protested.
Some may not have protested because the petition against Facebook’s Beacon advertising feature is hosted by Moveon.org, an organization half of America considers a tool of the Antichrist. Many more may not have protested because they don’t know Facebook is violating their privacy. In a prove-nothing survey, no Facebook user I talked to yesterday was aware of the Facebook privacy concerns.
The New York Times explains what Moveon and members of the Facebook group, Facebook: Stop invading my privacy!, are protesting:
MoveOn is objecting to a new advertising technique that Facebook announced a few weeks ago that posts members’ purchases and activities on other websites in their Facebook profiles. Users can choose not to have the information posted from individual sites, or “opt out,” whereas with most Facebook applications associated with external sites, users must proactively choose to participate, or “opt in.” With the Beacon feature, if a user does not specifically decline participation, his or her Facebook friends will get a “news feed” notice about the purchase.
Back to Eldon. The interesting tidbit in his titled-for-SEO article is the suggestion that MoveOn is protesting the wrong thing, and that the problem goes well beyond Facebook:
Facebook uses the cookie it requires for logging into its site to track what you do on other sites, from what we can tell. These cookies are unique identifiers—code sent to each user’s computer from Facebook, and tracked by Facebook when they visit web pages.
In other words, Facebook tracks what you do when you are on websites other than Facebook, and shares that information with its advertisers and your Facebook friends. Hmm, who else does that sound like?
Google’s Doubleclick and Microsoft’s Atlas ad networks also use cookies to track user actions, and this is a long-standing issue for online privacy advocates. In fact, the U.S. Senate is looking into Doubleclick’s privacy issues now. We have not heard MoveOn comment on cookie tracking as it relates to Beacon or any other company that uses cookies to track users.
Spurious “no comment” jibes aside, Eldon has a point. Even if you feel smug for never having joined Facebook, unless you anonymize all your web browsing sessions, refuse to use or accept cookies, turn off images (in case one of them is a “tracker GIF”), and go into the woods with Ted Nugent and a crossbow, Big Advertising already has your number. It knows where you live, where you shop, and how much porn you download.
But that DoubleClick sins doesn’t excuse Facebook from betraying its members’ trusts.
(And yet, what else should we have expected? Did we really think Facebook’s investors just wanted us to have fun? Did we believe if there was a way to make a dirty dollar, they would scorn it on ethical grounds? This isn’t the Well, people.)
Stipulate that we like using Facebook but that we don’t wish to be denuded for the enrichment of goblins. Beyond joining the group and signing the petition, what do we do?
Tags: facebook, privacy, advertising, web advertising, doubleclick, socialnetworking
We delete our Facebook accounts, which are really never deleted. That’s another story we should talk about.
Possible options:
1) Strike. Stop using facebook for a day.
2) Rally. The web being what it is we don’t often think of physical rallys
3) Blog like the wind.
Maybe I’m radical or something but I prefer just to not use Facebook.
One of the things I’ve never liked about the walled-gardens (vs. having my own site out in the wild) is that I have to cede control over my stuff to somebody else. Once I do that, I might as well know the landlord could do something that isn’t cool with me.
I think freedom and doing your own thing rather than running through somebody else’s filter is a big part of what makes the www worth bothering with. Maybe it’s messier that way but I don’t mind.
Here is a Facebook/DARPA conspiracy theory.
Social Networking = Total Information Awareness?
Heh I think that Beacon thing sounds like quite a good idea.
Facebook users expect ‘apps’ to post notifications about their actions to their ‘mini-feed’ and thus the ‘news-feeds’ of other users (because the news feed selectively aggregates mostly from your friends’ mini-feeds). If an advertisement behaves like an app, then this is behaviour most people would not be unhappy with.
You can decline to let an app post anything to your mini feed on an app-by-app basis.
I see no issue for those who know how to use Facebook properly, and in my opinion they make this easy enough.
I come and go from facebook. The privacy issues were a concern for me when I first left (or deactivated my account) a few months ago. Maybe a facebook user strike would do something…
If there’s a strike, I’m in!
Power to the people and all that!
When I began using Facebook a few months back I pretty much assumed (who reads Terms of Service documents?) that everything I do on the network is fair game for Facebooks’s team of people responsible for milking cash out of their users. Okay. Having them monitor and make use of outside web use is just cold, though. Sure, Google does it and that is unsettling. But Google makes no claim to be (or appearance of) a separate system apart from the rest of the web. Facebook does.
Also wondering about something I’ve recently been looking at - as mentioned on by a colleague here - that Facebook claims complete copyright control over all user-supplied material… photos, video, writing, etc. I’m not familiar enough with the Terms of Service of similar networks to know if this is unusual.
One of the problems that people have with this program is that you can’t just opt out of it. You can opt out of it on a site-by-site basis, apparently, but can’t just say “not interested.”
That said, you are given two chances to avoid getting this stuff posted to your profile, one at the merchant’s site and one when you log in to Facebook.
Personally I’m not too concerned because I don’t buy much online, and would just say “no” at purchase time if I so desired. But I can understand the concerns of an “opt-out in a slow and painful manner” system versus an “opt-out” or “opt-in” system.
The best bet is for everyone to block beacon.facebook.com if they’re at all concerned. If you’re not running a browser that can do site blocking, google for how to edit your hosts file.
BTW news feed and mini feed are two separate entities; if you remove something from your mini feed, it remains on your friends’ news feeds. An application’s privacy setting will have controls for both items separately.
There is nothing that can be done for non-tech-savy people. They are happy enough to bang in their hotmail log-in details for some random application with not a concern in the world. So something as subtle as this they will neither understand nor care about.
However, I’d love a firefox extension that only allowed cookies to talk to the origin site, and also that deleted the cookies set by a site as soon as the tab was closed. Might help a little.
Microsoft did invest 250+ million into this little Facebook Web 2.0 venture. What did you expect — a business model that was not capable of a ROI regardless of how FUBAR that model may be?
Web 2.0 is one big experiment that will probably [justifiably] be characterized, in a few years, as a failed experiment with much too little thought applied by its promoters and developers.
Time to start using Safari’s porn mode.
One could also complain directly to the companies that have signed up for Beacon. Facebook’s press release mentions eBay, Fandango, CollegeHumor, Busted Tees, iWon, Citysearch, Pronto.com, echomusic, AllPosters.com, Blockbuster, Bluefly.com, CBS Interactive (CBSSports.com & Dotspotter), ExpoTV, Gamefly, Hotwire, Joost, Kiva, Kongregate, LiveJournal, Live Nation, Mercantila, National Basketball Association, NYTimes.com, Overstock.com, (RED), Redlight, SeamlessWeb, Sony Online Entertainment LLC, Sony Pictures, STA Travel, The Knot, TripAdvisor, Travel Ticker, TypePad, viagogo, Vox, Yelp, WeddingChannel.com and Zappos.com.
Some tips for savvy browser users (i.e. anyone reading this site):
Block Facebook Beacon tells about blocking Beacon in Firefox. And a Facebook Privacy group member wrote:
Blocking the stuff in Firefox or Safari is like having a raft. It doesn’t stop Katrina from wrecking everything, but at least you don’t drown.
If you want to block Facebook’s beacon on Safari you can install either PithHelmet or SafariBlock.
Jeff, have you heard of anything that could work with Opera (for the benefit of those that use it)?
Anyway, back to the blog post. Did Facebook ever hear of a thing called an “opt-in” system? Apparently not. Oh well, if this hits the mainstream media, I hope they’ll enjoy the foot-in-mouth, egg on the face with an extra side of crowk they’ll be eating, because they’ll get a lot of it.
(Another reason why I tell people it’s better to get people to opt-in rather than just assume it’s ok to do whatever they want with people.)
So do they know about all those private requests I sent to Faruk Ates for butt sex? Damnit!
And to think I thought I was being a jerk swearing off community sites all together. I gave facebook a chance for the sake of the dwws community and wham they take advantage of our trust.
Bastards. I’m all for protesting but to be honest far too many people don’t care that they lose their privacy. They are the 98% that don’t care what’s in the patriot act. Screw privacy and freedom, give me cool services and keep me safe any day.
Yeah, this one really doesn’t come as a big surprise - personal data is such big business/income - and Facebook are about making money (just like almost everyone else). They’ve had to be very subtle about how they get the data, and Facebook definitely encourages a false sense of security from the outset, but it was only going to be a matter of time before third-parties with enough cash could start tapping in to the personal data (potential) goldmine. Wait, does that sound too cynical?
Bottom line is: if you don’t want the world to know about something, don’t put it down on anything…the Web, the computer, even a bit of paper. The moment data is available - there’s always some sort of way to retrieve it.
Certainly, once Facebook users become more aware that their personal data is at risk of exploitation (or already being distributed) then it will likely cause a surge of mistrust, some users might already leave the site altogether! One of the things Facebook is counting on though - is that the site, the personal groups formed and discussions that occur on it, are sufficiently important to the common user’s web browsing habits that they really can’t leave (see MySpace - how many millions of users are all sat on there, know exactly how crap it is, but can’t leave because all of their buddies are on their too?) This is what Facebook is counting on too.
Simply: Public awareness of the level of (any) data misuse by Facebook is what needs to be addressed first…and then see how people react to the privacy options available to them - will they close their accounts? Probably not.
Dustin: You know it! Hahaha
Has anyone thought that a lot of Facebook users aren’t protesting because they don’t care? Maybe they should, but they don’t? The 70’s gave us the “Mee Generation” and this one is the “Look At Me” generation.
Remember, a lot of the millions of members of facebook are kids who post videos and party pictures online, kids who put TMI (too much information) in their profiles, kids looking for attention from their peers and strangers alike. This exposure of their shopping habits, for many of them, is just another element of the lowering of personal boundaries that blogging and social networking have wrought.
There seems to be an assumption that if Facebook users knew about this, they’d be outraged, thus a lack of outrage = ignorance. But maybe their lack of outrage isn’t due to ignorance. Perhaps they’re not outraged because they’re coming from a point of view where this isn’t outrageous.
- Greg
@greg, excellent point!
Does anybody actually have or use those dumb social networking accounts like facebook, myspace or the twitter/magnolia masturbation? Aren’t these geocities-type internet fads dead already? Good for farcebook or facesoot or whatever they call themselves in silly “web 2.0″ of the moment. Let’s get back to web standards and posting stuff about design/markup/creation that matters more than 5 minutes from now.
Isn’t that part of the definition of a child?
Social networks know their demographics and how the service appeals to kids. Parental responsibility aside, where is the owner/developer responsibility?
Does anyone know whether or not Beacon/Facebook is in compliance with COPPA [Child Online Privacy Protection Act]? They couldn’t be that foolish not to be in compliance. Or could they?
While the issue of being tracked by cookies and how that information is shared is an important one, Beacon, from a technology standpoint, is a separate issue entirely. It is not possible to reliably do what Facebook/Beacon is doing with cookies alone.
Even more importantly, it’s not possible to do what Facebook/Beacon is doing without the cooperation of the merchant website.
There’s a good technical write up over here, but I’ll quote the most important bit.
So, if this upsets you, in addition to the polite email you’ve certainly sent to Facebook, a polite email sent to the Merchant in question is also in order.
Getting back to my original point, this has zero to do with cookies, and everything to do with
1. Merchant sites sharing information with Facebook
2. Facebook publishing this information
3. Both there things happening happening without your explicit opt-in (except for the standard, draconian, “we can beat you senseless you with a plunger and you have to smile” TOS agreements
Don’t get me wrong, the third-party cookies and ad tracking is worth considering, but conflating the two issues is going to make this seem like less of a big-deal.
In the larger context, this is the real danger of internet bubbles and stock-market pipe dreams. This money doesn’t come out of thin air, at some point investors want to see something back, and snake-oil salesmen are forced to adopt ROI techniques pioneered by shady internet markers, which lessens the the value and vibrancy our entire medium.
Real value, not just dollars and cents.
Or, 80s sitcom style; Web 2.0? More like Web Two-Faced point oh … (is this thing on?)
Items of interest ‘Fire Isiah’ Chant Breaks Out During Knicks’ Front-Office MeetingFacebook and your privacyFireworks Developer Center: Updated Google owns us? CLA looming around the php world again Entire Blogosphere Stunned By Blogger’s Special Weekend Post The Two Types of Programmers [audio] Neurotic Asshole Finds Success In New York City
Items of interest ‘Fire Isiah’ Chant Breaks Out During Knicks’ Front-Office MeetingFacebook and your privacyFireworks Developer Center: Updated Google owns us? CLA looming around the php world again Entire Blogosphere Stunned By Blogger’s Special Weekend Post The Two Types of Programmers [audio] Neurotic Asshole Finds Success In New York City
@Alan, your comment is more useful than my post. Thanks!
All,
Next week we (the VRM “gang”) will meet during the IIW 2007 in Mountain View.
The idea of VRM “school” is a 180 degree turn on the relationship between vendor and buyer.
Today the vendor is in control of the relationship with the buyer, They are keeping the buyers data for themselves, while this data is actually owned by the buyer.
The VRM line of thinking, is to hand back the control over their data to the buyer/consumer.
In my blog ichoosr.com/blog I will keep you updated on the progress.
But do not despair, we are working on it … ;)
Cheers
Bart
What do you do? Ahem… stop using it. Or maybe people are so addicted to (one of hundreds of thousands) social networking sites that they can’t do without?
I’m a misanthrope, so i’m safe.
Jeffrey Zeldman Presents : Facebook and your privacy
careers of Shawn Kemp, Magic Johnson, Scottie Pippen, Michael Jordan, Antawn Jamison and Vince Carter. Looking at the time, it appears I should get some actual work where you do things done. Also read an intersetting article on Zeldman.com entitled “Facebook and your privacy“. I seem to have missed this. I missed the whole Facebook thing completely. I already have enough diversions without spending my day in front of the computer (wait - I should quantify / qualify that statement properly with parenthesis as
Jeffrey Zeldman Presents : Facebook and your privacy
What do we do? How about start listening to the people who are just a little skeptic (me included).
Facebook is a) based in the US and b) not getting any money for their service from users. The former is relevant because companies aren’t forced to a lot of customer privacy. And they have to start making money eventually — now, how do you do that with millions of detailed profiles at hand?
So please don’t complain if people keep saying “I told you so!”
The solution in Opera is to navigate to Facebook, right-click on some empty space, choose “Block Content”, “Details”, “Add”, type in “http://*.facebook.com/beacon/*” and then “Close”, “Done”. Opera has had this content blocking functionality in its UI since version 9.0 and before that through manual editing of filter.ini since version 6.02.
Thanks, Asbjørn!
looks like there has been some progress
http://www.guardian.co.uk/technology/2007/nov/30/facebook.beacon
More than progress! I marked these in Ma.gnolia earlier today:
Thanks to all who joined the group or wrote to Facebook and its advertisers.
Links of the Week: November 30th Friday, November 30th, 2007 Presented in no particular order…Facebook and Your Privacy Jeffrey Zeldman on Facebook’s violation of its users’ privacy. What Makes a Great Design? Blue Flavor’s D. Keith Robinson on quality design. The Email Standards Project
Links of the Week: November 30th Friday, November 30th, 2007 Presented in no particular order…Facebook and Your Privacy Jeffrey Zeldman on Facebook’s violation of its users’ privacy. What Makes a Great Design? Blue Flavor’s D. Keith Robinson on quality design. The Email Standards Project
TidbitsFacebook and Your Privacy“Did we really think Facebook’s investors just wanted us to have fun? Did we believe if there was a way to make a dirty dollar, they would scorn it on ethical grounds? This isn’t ‘The Well,’
his frustration about how unsubscribing from email lists can take up to 10 days, whereas signing up can be instantaneous. And he’s right, that shouldn’t happen. (TB) Jeffrey Zeldman (and his commenters) have agood discussion goingabout Facebook Beacon, which is of course the official topic of the last week on the ‘net. Some good “opt out” options, too. (TB) On Thursday, Web Pages That Suck published an item that I just haven’t been able to get over. (
About three months ago, through one of Sibylle’s sons, I was introduced to Facebook. I am not the social network type, but it was interesting to be involved in something that was so popular. Unfortunately, as recent stories haveshown, Facebook is perhaps not the safest place to have a digital representation of oneself. Neither, as it turns out, is it the easiest place to exit. I spent roughly thirty minutes this morning unchecking or removing all the information I could. Some
Here’s another one for you - “Under pressure, Facebook Modifies Social Ads Program” at Adweek.
http://www.adweek.com/aw/national/article_display.jsp?vnu_content_id=1003679712
http://www.zeldman.com/…/facebook-privacy
No heat at $5,000/month A date with Sandra BernhardFacebook and your privacyGive HTML e-mail a chance Guestbook spam gambit of the week
So there’s been a lot of furore over Facebook’s Beacon technology and your privacy going to the dogs. (Of course, there are those who think the current generation ofonline users/kids don’t really careabout their privacy but I digress…) To enhance the reputation of Facebook as nothing more than lying bastards whose revenue model revolves around peddling your information to the highest bidders, we now find out that their
Facebook and your privacyAnd may I add a newsflash: Google is the net’s largets ad-provider. They are logging your searches, visits, calendars, spreadsheets, documents, IM chats, email and more. And selling ands based on that info.
’s also unclear whether Facebook plans to modify Beacon so it doesn’t track and report on the off-Facebook activities of logged-off users. You can find more about this topic on the good article “Facebook and your privacy” by Zeldman. You can block Beacon by foolowing the steps reported on wikiHow. ↑ Grab this Headline Animator global, control, facebook, beacon
Jeffrey Zeldman Presents : Facebook and your privacy
blog entry, they don’t make it vividly clear on how to set privacy settings (for less experienced users). C’mon Flickr, make your user’s happy and remind them about their privacy settings. Don’t beFacebooked.In other news, Microsoft made a significant move in acquiring Yahoo. Flickr-ers, time to revolt (again). [Links via Techmeme] [Image credit: Jason Sherwin]
I personally call it StalkBook…. I guess it says it all
het invullen van persoonlijke gegevens op een website? Bovendien wordt het “big brother” principe in deze genetwerkte samenleving steeds meer waarheid… Doordat onze profielen, foto’s, activiteiten, video’s, blogposts, commentaren, enzoverderallemaal aan elkaar gelinkt (kunnen) worden, verdwijnt elke schijn van een ‘afgeschermde levenssfeer’ of zelfs van een ‘afschermbare levenssfeer’. Neem daarbij nog het feit dat we meer en meer naar geconvergeerde toepassingen gaan : onze mobiele telefoon bevat ook ons adressenbestand,
[...] ook tegen IM op een social network en zeker op FaceBook! Je privacy stelt echt niets voor bij die mannen! IM is toch heel goed zoals het [...]
[...] Facebook and Your Privacy Jeffrey Zeldman on Facebook’s violation of its users’ privacy. [...]