Facebook: A Bull In A Privacy China Shop

In the same way we liked to pick on Microsoft in the 90s, Facebook has become a popular punching bag. Defenders point to the positives. Through Facebook we can keep up with friends, share photos, and play games. For many of us, Facebook has become a digital version of the local hangout. But do you remember anyone from management following you after you left that corner booth?

Apparently it’s common knowledge among privacy groups, and it is spelled out in Facebook’s policies, but I was surprised to learn that “Facebook can essentially track you around the Web.” I bet the majority of Facebook users would be surprised as well. As long as you remain logged in to your Facebook account and then browse elsewhere on the web to a site that uses the Facebook “Like” button, Facebook can see where you go and what you do. Even more disturbing is that non-Facebook users can also be tracked.

Now that the number of “likes” a site receives factors into SEO ranking expect to see the distribution of the “Like” button on more and more websites. It’s one of the reasons you see it on the article pages here at ReveNews.

Nuts and Bolts of How “Like” Tracks

For those who are not familiar with the specifics of Facebook’s tracking, Arnold Roosendaal of Tilburg University recently published a rough draft of a paper that highlights three ways Facebook follows you around the web:

  • If you’re a Facebook user, when you visit sites that use the Facebook Like button, a cookie is placed on your computer even if you don’t click the Like button (clicking the Like button requires you supply your login information to process the request, thus connecting your “like” to your account). This browsing history is then associated with your user ID the next time you login to your account.
  • Non-Facebook users are also tracked by Facebook, but it appears this tracking happens through a site using both the Like button and the Facebook Connect service, which places a cookie on your computer. This cookie comes with a two-year expiration date. Once this cookie exists on your computer, browsing behavior goes back to Facebook’s servers each time you visit a site that includes Facebook content.
  • If a non-Facebook user opens a Facebook account there’s the potential for past browsing data to be associated with that user’s ID. When the new account is created, a cookie is issued with the user ID. This cookie then talks behind the scenes to the already existing cookies on your computer from your pre-Facebook days and the browsing data is synchronized with your user ID.

When asked, Facebook replied that it stored users’ web-surfing data via cookie for 90 days.

One suggested solution for consumers is to use AdBlock to keep Facebook from following you. The fact that a relatively simple solution exists helps, but the bigger question remains about what qualifies as legitimate tracking. We know that advertisers are salivating over the potential of Facebook’s user database. Tracking its users’ browsing habits adds another reference point and makes that user database all the more valuable.

More than a Privacy Concern

Like all companies that collect user data, only part of the concern relates to how they plan to use it. The other, and perhaps larger concern, is the security of that data. If Facebook and its fellow data collectors (like Google) want the benefit of the data, they’ll have to bear the closer scrutiny that comes with it.

Facebook has made very public privacy stumbles. The most recent one involves sharing contact information, likes addresses and phone numbers with developers. And yet, we keep going back for more. Over 500 million people around the world actively use Facebook. So where does that leave us?

  • Quit Facebook: The most extreme action, advocates of quitting Facebook make a compelling case for people to walk away from the popular site. There are alternatives like the open source Diaspora, but if all your friends are on Facebook, making the switch doesn’t look as appealing.
  • Limit how and when you use Facebook: After learning about the off-site tracking, I now make it a point to logout of Facebook and delete its cookies before I do any other browsing. I’m also selective about just how much information I put on Facebook. I take the old advice that I always heard about email: don’t put anything out there you wouldn’t mind seeing on the front page of the newspaper.

Despite Facebook’s assertions to the contrary, its actions continue to indicate that privacy is an ongoing cause for concern.

Bull in the China Shop

If Facebook continues to muck around and make a mess, for both users and businesses, it will become an even more attractive target for government investigation and regulation. I’m not a fan of regulation, but if basic ideas like protecting my data and not abusing access to my data cease to exist between customers and businesses, government involvement starts to look more attractive.

Tracking web browsing and building user databases is not inherently evil. I suspect most of us appreciate not getting slammed with only Viagra ads everywhere we go. There is value to targeted advertising. This point is one that the FTC seems to be missing with its latest push to implement “do not track” across the board.

I suspect that if most people are informed of when and how they’re being tracked that concerns about it would decrease. Paranoia about tracking is generated when we hear the stories about data being shared without consent or when it happens and we don’t expect it (like after leaving Facebook).

We also have to take responsibility for the companies we choose to support. If we’re seriously concerned about privacy and the way Facebook treats our data, how can we expect a real response to our concerns if we aren’t willing to walk away? In some respects, if we’re complacent and choose to continue supporting companies that do things we don’t like, then we bear some of the blame too.

About Britt Raybould

Britt Raybould has a passion for telling stories and she specializes in helping companies figure out how to tell their own stories. Through her firm, Write Bold, she shows companies how storytelling can define them, both to their customers and within their industry. When she remembers to, Britt blogs on her personal sites at bold-words.com and brittraybould.com. You can find Britt on Twitter @britter.

Twitter: britter

5 Responses to Facebook: A Bull In A Privacy China Shop

  1. Very, very interesting. If they track you so closely it should be disscused on a high level because it's not so pleasant to know that they know everything for your on-line life.

  2. Silverio says:

    Interesting article.Being a web designer though , i must object on the cookies part.Cookies are stored website-wise and browser wise.Firefoxes cookies wont work with IE and vice-versa.Also Msn websites cookies cant be accessed by the facebook engine.What happens is , when you visit a website , the cookies THAT website has stored on your computer are available to it for data feeding.
    What concerns us more , is , that a website owner can track your actual location even if you never submit it to a website .!

  3. […] and straight-forward. It either “is” or “is not”. And while it offers Facebook the ability to track users across the web, there is little depth or relevance to any given […]

  4. […] and straight-forward. It either “is” or “is not”. And while it offers Facebook the ability to track users across the web, there is little depth or relevance to any given […]

  5. You made some great points here! Also Silverio, thanks for further clarity. It is scary to know that a site (ie FB) can track your location without ever having submitted it.