Slashdot Mirror
Facebook Users Complain of New Ad-Based Tracking
Tech.Luver noted a story about facebook users complaining over ads where their shopping habits are shared with their friends as if they are endorsing products. The neatest part is that you can opt out- if you click a box that disappears after 20 seconds... wait to long, and they assume you are totally fine with it.
CmdrTaco has bought a Swedish-made penis-enlargement pump!
Firehed - Unfortunately, thanks to medical breakthroughs, common sense is not as common as it once was.
Not true; the FaceBook provides a secondary method of opting out, just like you can control lots of privacy tweaks already. There's a nice new option for "External Websites: You can edit your privacy settings for external websites sending stories to your profile." (this is not to say there aren't privacy problems with Facebook in general)
I guess actually looking before writing a news article would have been just too hard.
Personally, I think it's a fair trade. What do you expect when you put all your personal information in to a web-site that is free to use? They have to make money some how and the easiest way to do that is to sell your information on to other people or come to agreements with other companies to find ways to market to you.
If you don't like that then don't use Facebook!
If you want your own soap box under your own rules then get your own site. You can even run these out of your own house now provided you're with a civilised ISP.
Simon
What happens when someone shops at an adult store and there are minors on their friends list...?
Facebook > Privacy > External Web Sites
Any site that has attempted to send something to your profile via the Beacon can be revoked and the stories deleted.
Hardly a week goes by without Facebook users whining about something.
If only they would harness that energy and complain about something really important. There's a lot of bad things happening in the World where their incessant and perpetual vociferousness could help invoke real social change.
If they don't like Facebook, there are MANY Web-2.0-social-networkized alternatives. They should just go use them instead (and quietly). I feel really sorry for the guys who started Facebook sometimes, they have a really tough crowd to deal with.
( off-topic, but w(hy)tf does one need to log in to see that url ( http://www.facebook.com/privacy.php ) ? Is facebook that much of an elitist "you're with us or you're against us / a loser"-clique that even such documents are behind a 'members only' login? geezus )
Anyway... what you describe is third party websites sending stories to your profile. As I understand it, the whole hubbub is about advertisers using data -from- your profile and all of the data relating to it (such as purchases). For example: "blowdart [your picture here] rated Miss Congeniality 4.5/5 - buy now and save $2.50!"
Even if there is a simple opt-out in the general privacy settings, if one hasn't needed it before it's a rude shock to find it suddenly is needed. Sharing information in aggregate is one thing, being used as a product endorser is quite another.
This is yet another illustration that people want opt-in so they can decide and marketers want opt-out so people can get stuck with crap they don't want. That the individual opt-out disappears after a short time shows the real attitude: We don't even want you to have that option, really. Just like the spammers who try to claim that proper verified opt-in is "double" as if it made more work for their victims.
The only real surprise in all this is that people don't set the opt-out as a matter of course when they sign up for the service. Of course, they have to know about it to set it. Not having, nor desiring, a Facebook account I don't know if it's made plain right up front or if a person has to go searching for the controls. And then hope the settings stick. Some places (*cough*LiveJournal*cough*) "forget" settings from time to time.
I don't subscribe to RMS's GNUtopian vision.
Personally, I would be more upset about the Microstatus feature they're testing right now... at least you CAN opt out of the ad one...
The world's only surviving livewriter.
Call me back when there's a button to stop black people looking at my profile.
Adblock Plus and Adblock Plus: Element Hiding Helper will take care of those text ads or any element on a website you want to hide. I had already been using ABP but found the Element Hiding Helper just to get rid of those damned things.
Mod parent up. This is the crux of the problem.
As nice as the privacy page is (ha), the best way to block Facebook Beacon for those of us using Firefox is described here: http://www.ideashower.com/blog/block-facebook-beacon/
As my lecturer said (in a Data Protection Act lecture in Britain*): "the biggest threat to the data protection is not criminals but american companies". It seems your protection laws are remarkably slack.
*That's BritainEnglandUKEurope to my friends over the pond
-1 not first post
I guess I'm just too impulsive to ever put off my longing - right now, I'm feeling an indeferrable longing for a proofreader at Slashdot!
Like most social networking sites on the internet, facebook started sucking as soon as it became popular.
and it's actually illegal in some countries.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
This is the first I've heard of the Element Hiding Helper and I'm very intrigued. My sanity has been rescued by Adblock Plus, and I'm very greatful for how it works. However, this really seems like a escalation in the war on ads, and I have mixed feelings about it. I always justify using Adblock like this: "If they wanted me to see their ads, they'd use text and not garish gifs or flash." But if we find a way to block text ads that's as easy as Ab+, won't this force the advertisers to fight back? Won't Google, for example, be forced to really turn evil? And is that really in the general interest?
It was for precisely this reason that I recently quit Facebook. I was a member of it mainly for contacting people in college, but I've since graduated, and have found myself spending less and less time using it. Meanwhile, its infringements on my privacy have grown more and more.
The first whiff of displeasure I got when using Facebook was when people could tag me in photos without my permission and have them display on my profile. Understandably, there's lots of pictures one would probably not want the world to see, especially during a job search. I did eventually find the option to disable this "feature", but it was many months afterwards. Similarly, I expect there's a way to disable this privacy-infringing commercial thing, but the simple fact is, it's turned on by default for users, and you have to actively figure out how to disable it.
That's not how this kind of stuff should work. It should be opt-in, not opt-out. Am I supposed to babysit my Facebook account into the indefinite future, disabling each new feature as it comes out, hopefully in time to prevent revealing information that I didn't want revealed? No thanks. I'll just quit Facebook. I did, and you should too. The more people who put up with this kind of crap, the more emboldened they will be to keep doing it.
Cyde Weys Musings - Scrutinizing the inscrutable
Adblock only blocks the ads that you see. This new Facebook feature works by letting other websites post information about you to your profile so your friends can see it. Therefore, blocking the ads with Adblock does not help here.
To prevent websites from being able to update your Facebook profile, install the BlockSite extension, and block this URL: http://*facebook.com/beacon/*
Credit for the above information goes to this blog.
python>>> q="'";s='q="%c";s=%c%s%c;print s%%(q,q,s,q)';print s%(q,q,s,q)
Hey, phonetic editing!
If it *sounds* right, it *must* be right!
Nice!
I forgot to say that blocking the same URL with Adblock achieves the same results. The feature works by letting websites post updates to the URL http://www.facebook.com/beacon/beacon.js.php. So if you block this URL with Adblock (or another extension), websites won't be able to update your profile.
python>>> q="'";s='q="%c";s=%c%s%c;print s%%(q,q,s,q)';print s%(q,q,s,q)
I think that lecture needs a little bit updating to incorporate recent events..
Insert
If you look at it more closely you can't opt out of the service generally. Every time a new site tries sending stuff to your news feed you have to go back to the Facebook privacy page and opt out of that particular site.
Aside from AdBlock, you can do the following to effectively de-activate this service:
1. Get Firefox
2. Download and Install the BlockSite plugin for Firefox.
3. After restarting Firefox select 'Add-ons' from the Tools menu.
4. Click the 'Options' button on the BlockSite extension
5. Click the 'Add' button
6. Enter http://facebook.com/beacon/* into the input box
7. Click 'OK'
8. Click 'OK' again and you are good to go.
I use Privoxy on my network. Presumably it could be configured to do a lot of the same things, although I've never really dug that far into it.
The higher the technology, the sharper that two-edged sword.
Does the ABP element hider block elements before they load like ABP does?
Is that you cannot actually delete all of the information in your profile with ease. You can deactivate your account, but all of your information is still on their servers and will load right back up if you log in again. To actually delete your profile you have to delete EVERY SINGLE THING from it. That's right, every post on your wall, every picture, you have to individually delete each of them. Fun times.
Currently, Facebook possesses an *unknown* tactical advantage in opposition to Google's *unknown* willingness to commit strategic resources and influence. But once Facebook's advantage is quantifiable, I suspect that Google will guesstimate and commit enough resources to win the battle. The odds are good that Facebook's growth rate of change will hit an inflection point in the next few months. These user complaints are a direct result of Facebook trying to push a tactical advantage for strategic gain.
http://www.realmeme.com/roller/page/realmeme?entry=social_networking_meme
Once Facebook hits an inflection point, its scope of influence is bounded, i.e. predictable.
Facebook needs to change the game to increase their chances of winning.
At this point, I give them a 50/50 chance.
There's power in coalitions (see IBM's strategy with Eclipse, Sun's strategy with Java & JCP).
If I owned Facebook, I'd redo the Facebook API by combining some of the ideas of OpenSocial, then build a coalition along the lines of the Java Community Process to manage it, abdicating 49% of the power and responsibility to other companies. If Facebook does that now, they can leverage their current development community and possibly force Google's hand. If they wait, the true extent of their power will eventually be revealed and challenged.
Really, if you HAVE to use Facebook, then why put all this personal info on it? I put a crapload of false stuff, including a fake name, location et cetera. My friends still can reach me and I can still reach them AND most privacy issues are null.
Just put baloney on there and stop worrying so much. They can only sell what info you give them.
Ok, Facebook do appear to have been doing something very stupid here, but let's get a list of all the vendors involved. Can we not have a list of all the vendors (Amazon and the like) who are happy to release your private sales information to a third party without your express permission?
I think it would be very important to promote a list of online retailers who it's NOT safe to shop with. Ignore the fact that Facebook are showing the information where they shouldn't be, the retailers who are offering the information out in the first place are the ones to really be angry with.
And if it isn't in cooperation, and there's some kind of stealth applet in the browser (as it sounds like there might be) listening in on third-party site traffic then that sounds like either a browser security hole (which should be patched) or some kind of malware that should be removed from systems.
Unless, this is just some overblown incident of user stupidity where they are telling facebook more than they should be. I haven't seen the thing in action myself.
Jolyon
Please read my Canon EOS tech blog at http://www.everyothershot.com
reality is a threat.
"The fight for freedom has only just begun." - Geert Wilders
...that requires your REAL FUCKING NAME about privacy issues?
Hilarious.
Place dee peenoos poomp oon doo peenoos ahnd vapeedly poomp dee handool oop oont doown.
I use Firefox exclusively with NoScript installed. I clicked on the link, and... What the hell am I doing on this completely different site? And why is it trying to run JavaScript at me? Further, why is it trying to run a cross-site script from Facebook?
It was at this point that I began to suspect that the pages Facebook is presenting me are not, in fact, always generated by Facebook's servers, but instead can be cobbled together from any number of sites and servers located anywhere, and that these sites all exchange data transparently with Facebook.
I haven't read their developer's pages or their API specification, so I'm only guessing here. Does anyone know if this is in fact true?
Because if it is -- to borrow one of Jon Stewart's terms -- then it's an absolute catastrofuck of a design, and everyone but everyone should run screaming from Facebook as fast as they can.
Schwab
Editor, A1-AAA AmeriCaptions
You kids are all a bunch of whiney bitches. Facebook is a free site, like every other free site (myspace, digg, etc), they have no real business model, or purpose, other than to push ads in your face - that's it, that's all it is, if you think the site exists for any other purpose, you really don't get it, and you are just the kind of mindless visitors they want so they can get rich off you. The fact is, your the one who has no life, and choose to waist time online with a handful of online friends instead of going out and doing real things with real people in the real world, so the site which enables you to have this pathetic lifestyle can do whatever they dam well please to whatever information you have voluntarily fed them, get over it!
...that requires your REAL FUCKING NAME about privacy issues?
What does one have to do with the other?
The government has oodles of files that require my "REAL FUCKING NAME", and I expect them not to whore that information around with marketing sleaze. My Dentist requires my "REAL FUCKING NAME", and I expect him not to whore the information he has on me around. Hell, even my car insurance requires my "REAL FUCKING NAME", and I expect them to keep their information private too. Why suddenly, does having to give a website ones real name equate to some sort of tacit agreement to bend over and take it in the ass when it comes to privacy?
Thanks for this tip. As much as I HATE the concept of Facebook (and publicizing anyting but the vaguest info about yourself on the internet in general), it looks like I'm going to have to join eventually if I want to be at all socially involved with my fellow students now that I've returned to school.
This story was giving me irritated twitches as I read it, and I was just about to ask if there was anything that I could do to protect myself.
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
As someone who actually has used Facebook...
Many weeks have gone by since the last 'privacy' issue with Facebook. Sure, there are the news stories that mention "social networking sites like Facebook" whenever some news outlet uses online predation to boost ratings, but these have nothing to do with Facebook's privacy policies.
The last 'call to arms' so-to-speak was when Facebook introduced feed. Facebook members were already revealing the information in feed and were primarily upset out of their own ignorance. Facebook implemented some controls to keep things out of feed, but that information is still available if anyone wants to bother and look (or use a script to look for them). Facebook didn't fail in terms of privacy. They failed in terms of user perceptions, but not in terms of actual privacy.
I suggest actually opening a Facebook account and taking a look at how the privacy options actually work. Facebook has really outdone every other social networking site (and lots of other types of sites, too) in terms of privacy. Anyone really concerned about privacy on Facebook should have no problem spending the little time it takes to work the controls - they are easy enough for anyone to use.
well the old addage is scilence is compliance
I just created a new account with a throwaway email account to see. No, it doesn't obviously give you a method to opt out.
,,|,, and left. Oh well.
On this point: I don't have a facebook account either. A couple of friends sent me invites some time ago and I signed in with (yet another) throwaway email account to have a look. At the point where it demanded my birthday I thought
You have a sick, twisted mind. Please subscribe me to your newsletter.
Burn!!
I agree. If someone says they don't have an email address, they are probably lying. Doesn't facebook require that you give them your email address when you sign up?
Write your own Choose Your Own Adventure. http://www.freegameengines.org/gamebook-engine/
Facebooks' policy is, and has always been, "It's better to ask forgiveness, than permission" with regards to policy.
Who cares about this? What's important is the long-term trend. Computers are networked. They are growing in power and complexity at an exponential rate. The algorithms for data processing and pattern-recognition software are being worked out at lightning speed.
Computers are sharing information. And, once leaked, it's basically impossible to contain it. And once leaked, this information is available for an indeterminate period of time - forever?
Why forever? Since storage capacity is growing exponentially, the need to purge old data is dropping exponentially, too. I have, on DVD, a hard disk image of my entire computer at around 1999. It's about 1 GB of data, and was a real hassle to get together back when I made it. But now, I've got a copy in a folder in my home directory on my Laptop, which has 160 GB HDD. It's not enough space for me to care - my disk usage is floating around 75% now, including my entire MP3 collection. (which dwarfs my old HDD)
I'm probably going to keep that old disk image, along with its ancient copy of freecell.exe forever. Not because I care at all about freecell.exe, but because the cost of actually deleting that file is far greater than the cost of keeping it around.
And so it is with leaked, marginally valuable information - the cost of leaving it "hanging around" is lower than the cost of identifying exactly what it is and deleting it. So this leaked information tends to "stick around" forever, and we have pattern recognition, AI, and search algorithms improving rapidly, which dramatically reduces the cost of identifying and reprocessing this marginal information. The end result is a human/machine meta-creature, a sort of swarm-like social animal like ants but with a common, shared intellect, lots like the GAIA from (you guessed it!) Asimov's Foundation series!
Asimov was a visionary in more ways than one...
Guess I'm rambling. I'll stop now.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Welcome to the new social norm in the world. The "sheeple" are mad because someone is trying to profit from the mindless social jabber on these megasites. Plus Microsoft is trying to recoup the loss from the google fakeout. :) Gee, looks like Microsoft, who is now processing the ads on the site is doing quite well..I still say they need to lace an ad in the queue with a flawed WGA validator and go RIAA on these people. OH..sorry, your Windows is pirated, pay us 3000$ and we'll look the other way. :)
We skip steps 1-3 and go straight to 4. Profit. :) $ocialnetworking...ain't it grand? :) In other news, Nigerian spammers are offshoring work to India...
Remember, it's not paranoia if they really ARE out to get you...
Is there anything out there that sandboxes each site you visit with regards to cookies? That would probably solve this and any related privacy issues cleanly and easily.
Your mind is clear / The things that you fear / Will fade with how much you / Believe what you hear
Yes, I agree. The mural graduates and the charcoal graduates are generally still good. Shoot - even the plain old oil and watercolor graduates are good. But I too have noticed how the collage graduates have dropped in quality. It used to be that professional collages were of the utmost quality, with many different types of print media glued to a backing surface to make a single piece of art -- not just silly ransom note-type concoctions, mind you, but serious art. And this was obviously because the collage graduate was high-quality. It only makes sense. But since the collage graduate quality has dropped off, the collages suffer. A lot of them are now nothing more than Creative Memories scrapbookers. A real disgrace, those collage graduates are.
It all makes sense, if you're willing to just sit down and think about it for a short time.
Please don't use "umm" or "err" or "erm".
Firefox has an option to only send cookies to the originating site, but, because in this case third-party sites use JavaScript from Facebook's servers, the cookie can still be read. As you say, it would be nice if browsers could block this kind of stuff.