Slashdot Mirror

← Back to Stories (view on slashdot.org)

Logged In or Out, Facebook Is Watching You

Posted by timothy on from the damn-addictive-scrabulous-and-cute-iris-chang dept.

kaos07 links to this ZDNet story, according to which "Researchers at software vendor CA have discovered that social networking site Facebook is able to track the buying habits of its users on affiliated third-party sites even when they are logged out of their account or have opted out of its controversial 'Beacon' tracking service. Responding to privacy concerns, Facebook has since moved to reassure users that it only tracks and publishes data about their purchases if they are both logged in to Facebook and have opted-in to having this information listed on their profile. But in 'extremely disconcerting' findings that directly contradict these assurances, researchers at CA's Security Advisory service have found that data about these transactions are sent to Facebook regardless of a user's actions."

34 of 336 comments (clear)

  1. Well by Anonymous Coward · · Score: 5, Insightful

    Only if you have a Facebook account.

    1. Re:Well by wattrlz · · Score: 4, Insightful

      Facebook uses an email address as your login, but I'm guessing they probably have some sort of cookie thing set up as well.

    2. Re:Well by Anonymous Coward · · Score: 1, Insightful

      Well, not really offtopic, that was an accident on my part. But anyway, expectation of privacy in just about any online service these days is naive, alas. Particularly at a site like Facebook, they are bound to look at the huge amount of personalized information about users as a company resource to be exploited for maximal profit.

    3. Re:Well by Anonymous Coward · · Score: 2, Insightful

      And now they have one more of your email addresses. The web contracts a bit more... ;)

    4. Re:Well by vux984 · · Score: 2, Insightful

      There is nothing to prevent them from recording ALL transactions reported to them by their affiliates and either associating them with you when you do create an account OR even if you never create an Facebook account attempting to maintain a dossier of transactions which Facebook believes are likely to have been made by the same person. This is why one should never provide accurate information concerning one's identity online unless it is absolutely necessary. If you are not feeling creative then you can always use Fake Name Generator to create a throw away identity.

      1) Facebook is tracking your buying habits, obviously when dealing with vendors you have to provide a reasonably real identity... they need a real address, creditcard, etc in which to bill you and send you your goods. So you can't really lie there, even if you wanted to.

      2) Lieing to facebook about your idenity is against the facebook eula and terms of service. Granted its something a lot of people do and get away with doing of course, but nonetheless it amounts to fraudulently using facebook's service.

      In my opinion if you do not wish to agree to and submit to facebooks terms of service, you should not use facebooks services. It really is that simple.

      If more people stood up for their rights and refused to click through agreements they don't agree with, service providers would change their agreements to something customers could actually stomach.

      Same goes for DRM.

    5. Re:Well by RackinFrackin · · Score: 2, Insightful

      "Only if you have a Facebook account."

      That's not insightful. It's obvious.

    6. Re:Well by vux984 · · Score: 2, Insightful

      The real address can be either a mail drop or an address controlled by a private trust.

      It all depends upon how much you value your privacy and how much you are able and willing to spend to protect it, but there are ways.

      Sure, you could also just not buy anything online, and show up in person wearing sunglasses, a veil, gloves, and cash... that's not really the point here though.

      Well cry me a river, why should people give a crap about their terms of service?

      Only a complete idiot would use a service without understanding what the terms and consequences were.

      The worst they can do is ban your throwaway account.

      Why create one in the first place? If you don't agree with the way they operate why deal with them at all?

      In general, I do what I please until somebody pushes back because that is how the real world works.

      Why wait until they push back? Push first. Refuse to use the services of a company you don't agree with.

      Some people and certain relationships are important to and others are not and I treat them accordingly.

      "Respect for ourselves guides our morals; respect for others guides our manners."
      ~Laurence Sterne

      I have far too much self respect to lie just to get a silly facebook account.

      If facebook wants my patronage and membership, they can come to the table with terms I'll agree to. Otherwise they can go fuck themselves. They need us far more than we need them.

  2. Shocked by Romancer · · Score: 5, Insightful

    I'm shocked that you're shocked. Or even expect me to be mildly surprised that this is happening.

    The only difference is that this is supposed to be a larger company and therefore better than the millions of smaller opt out pipe dreams out there?

    --


    ) Human Kind Vs Human Creation
    ) It'd be interesting to see how many humans would survive to serve us.
    1. Re:Shocked by ivan256 · · Score: 5, Insightful

      I'm constantly amazed about how people will post private information in a public place (thus making it public information), and then complain about how they are being robbed of their privacy.

      Of course it also amazes me how popular these social networking sites are with adults. It's understandable that kids and teenagers want to climb a social ladder of sorts, since it is human nature to attempt to achieve more than your peers, and there is little available in the environments we provide to kids other than social hierarchy to climb... But when you grow up, generally people move on to trying to get ahead in other types of accomplishments. It seems things like MySpace and Facebook have extended High School into adulthood. When you place that much value on your social network, perhaps it shouldn't be too surprising that people are willing to give up their privacy to maintain it.

    2. Re:Shocked by D+Ninja · · Score: 2, Insightful

      Ahhh...but, don't you know? High School Never Ends.

    3. Re:Shocked by SatanicPuppy · · Score: 4, Insightful

      All you whippersnappers, I swear...Look me up by my real name, and you get nothing, nada, nihil, zip, because I made a very conscious decision to separate my online identity from my regular identity. Keeps me from having to be too careful.

      Make the decision, and separate yourself from your online identity. You can always claim it later if you want to, but you can disclaim it as well

      --
      ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
    4. Re:Shocked by unformed · · Score: 4, Insightful

      A number of reasons:

      1) I don't get spammed by email. I don't have to send everybody my new email when it gets changed.
      2) It's far, far, far easier to get in touch with people you've long fallen out of touch with.
      3) Adults are just as much social whores as kids are. We (as a race, excepting geeks) ARE a social creature, and we like talking and socializing with others, in whatever way possible.

    5. Re:Shocked by xaxa · · Score: 4, Insightful

      All you whippersnappers, I swear...Look me up by my real name, and you get nothing, nada, nihil, zip, because I made a very conscious decision to separate my online identity from my regular identity.

      That won't help when someone else tags a photo (or whatever) with your real name.

    6. Re:Shocked by deraj123 · · Score: 5, Insightful

      There's a difference between "party on the weekends" and a photo history of you making a lot of poor decisions. Think, pictures of inappropriate jokes, pictures of you not just drunk, but completely obliterated, pictures of you breaking the law, etc.

      If I'm hiring somebody, I don't care if they go out drinking on the weekends (in fact, I might be concerned if they didn't occasionally), but I would probably think twice if presented with evidence of them making repeated, poor, destructive decisions.

      Decision making is a trait that translates over to work.

    7. Re:Shocked by Slashdot+Suxxors · · Score: 4, Insightful

      I have my cell phone on my Facebook. But it's not like anyone can pull up my profile and check. If they're not my "friend" then they can't see it. If I get random friend requests from people, they don't get accepted. It's simple.

    8. Re:Shocked by ivan256 · · Score: 4, Insightful

      I don't really agree that the video games extending into adulthood thing is part of the same trend. After all, adults have always had their games. The technology has simply advanced from dice and cards and balls and sticks to also include electronics. The existence of gaming as a source of entertainment throughout the duration of adult life, though, is nothing new.

      It seems to me that video gaming is replacing pinochle and golf, more than it is turning adults into over-aged kids.

      It is valuable throughout your life to learn how to relax and have a good time (as long as it's balanced with your responsibilities). That's completely different from basing your self worth on popularity instead of achievements.

    9. Re:Shocked by philspear · · Score: 5, Insightful

      Right, because that couldn't have possibly been humor.

      Hell, the fact that she was applying for a job should have clued you off that it was a lie.

      Not for nothing, but applying to jobs is annoying, and while we all must do it, that doesn't make it any easier. It's tedious paperwork, waiting, not getting paid, and half the time those of you who are hiring don't have the courtesy to let us know we're not getting the job. If you decided not to hire her based on something as trivial as that and that alone, you're an asshole.

    10. Re:Shocked by ivan256 · · Score: 4, Insightful

      Your first paragraph describes the dream, and the second describes the reality.

      My comment simply offered a possible explanation as to why people see the dream instead of the reality.

      What is so fulfilling to you about performing your correspondence out in public over one of the many, more private and less exploited methods? I have yet to hear anybody answer that question with something that doesn't boil down to "everybody else is doing it". Hence the high school comment.

    11. Re:Shocked by The+Yuckinator · · Score: 2, Insightful

      Getting sloshed "every day" is definitely an issue and most of the 12 steppers you'll find in an AA meeting used to live that life. Good for them trying to get away from their weakness.

      If I have a few too many on my birthday, New Year's Eve or just on holiday, then end up crosseyed (& painless) and pass out at 8pm - I am not a drunk. I've simply had too much to drink on that particular occasion.

      Now, if I do that every night in my own home for no other reason than "I'm old enough and can drink whatever I want" then we can talk about me having a problem. Suggesting I've got an alcohol problem from one night of overindulging is ridiculous.

      "Only drunks with a real problem get sloshed" - that's a pretty broad stroke of the brush. Couldn't disagree more.

    12. Re:Shocked by Gewalt · · Score: 2, Insightful

      No, but during my stint in the military, I did get to serve as a counselor for a while. As you can see from my troll moderations, there's quite a bit of denial taking place here. They will learn soon enough.

      --
      Modding Trolls +1 inciteful since 1999
    13. Re:Shocked by Mia'cova · · Score: 2, Insightful

      You can send messages to multiple people. Hell, you can send messages to up to 5000 (groups) last I checked. You can send mass emails to people attending an event (not those who opt out), etc. It's handy. Do I want all those group/event organizers to have my actual email address? No, not really. I'd much rather they send mail through a proxy and have facebook send me an email with the contents of the message (not just a notification). I think you're just trying to come up for reasons why it's a bad idea. It's not.

    14. Re:Shocked by Abcd1234 · · Score: 2, Insightful

      So, what is that ideal picture? Personally, I've met programmers and math types that are all over the map, personality-wise. And, frankly, I would consider avoiding the overly bookish, socially inept types, given that one's job as a programmer is, above all things, to communicate with others and to, you know, socially interact with them.

    15. Re:Shocked by syousef · · Score: 3, Insightful

      Of course it also amazes me how popular these social networking sites are with adults.

      It doesn't amaze me at all. When your work means you're out of the house 9-12 hrs/day 5-6 days a week (and that's considered good hours in IT), then you come home to chores etc. when do you find the time to catch up with old high school friends? My experience has been that I've become more and more isolated as I've gone from my mid teens to my mid 30s and my spare time has decreased. I have more acquaintances than close friends that i hang with. My social time's spent mostly with family. Still, if I do get spare time and it's not at the same time as my friends, I can write them an email. Sure I could keep track of everyone using simple email, but it's nice to see pictures of what people I haven't had time to catch up with in person for a long time are up to.

      What I don't understand is all the crappy games on facebook. You've been bitten by a vampire? What swearword are you? Someone's given you a freaking virtual fish? Who cares? The novelty of that wore off in 5 minutes. THAT is the side I see as childish.

      --
      These posts express my own personal views, not those of my employer
    16. Re:Shocked by Abcd1234 · · Score: 1, Insightful

      Habitual drinkers do NOT get sloshed.

      I can only assume you meant "recreational"... and yes... believe it or not, sometimes, they do. Your continually stating this as fact doesn't make it true.

      Those people are called drunks.

      No, drinking to excess is *not* sufficient to define an alcoholic. Necessary, yes. Sufficient, no. And the AMA, and so the rest of clinical psychology, agrees with me.

      Go ask your own HR department if they would hire someone who drinks to impairment on purpose.

      Umm... my company has a yearly party where many drink to excess. On the company dime. So no, they don't care about someone who drinks to impairment, on purpose, occasionally. And thank god for that, because I could never work for an organization as prudish and close-minded as the one you evidently work for.

      That said, they do care if you have a drinking habit that interferes with your work or life. But guess what... *that* is part of the definition of an alcoholic, as is reflected in the AMA definition which you so conveniently just ignored.

    17. Re:Shocked by Jason+Earl · · Score: 2, Insightful

      If you are so drunk that your friends are inspired to take pictures of you, then it is likely that you have a drinking problem. Even if you don't have a drinking problem, you can't hardly blame potential employers for being concerned that you *may* have a drinking problem.

      The reality is that employers often are dealing with very little hard information about a candidate, and hiring the wrong person can be a very expensive mistake. A Picture of you holding a beer while hanging out with friends is not a big deal. Heck, even several such pictures are not likely to be held against you. Pictures where you are clearly drunk, on the other hand, are likely to get you passed over for the job.

    18. Re:Shocked by WDot · · Score: 3, Insightful

      An applicant you mean? I don't know if I'd like to work for an employer who can't spell.

      http://www.thefreedictionary.com/Applicate

      See how silly that is? It's an honest mistake, and here I am condemning you for it. I'm even suggesting that you can't spell AT ALL, even though you only made one mistake in the whole post. I'm making sweeping generalizations about your literacy based on a post on the Internet.

      If you cut out applicants based on whether they have a squeaky clean Internet Posting Record, you are making a rather arbitrary (and poor) choice. You are also wasting your time on Myspace when you SHOULD be reading those resumes we spend hours on.

  3. Re:Built-in by Ollabelle · · Score: 2, Insightful

    So in Soviet Russia, the government would simply contact Facebook to watch you for them, or they would contact the telephone company.... oh, wait....

    --
    Ibid.
  4. Re:I don't understand... by wattrlz · · Score: 2, Insightful

    Hey, the moment /. starts getting flooded with eye-candy coeds ( and helping track down long-lost non-geeky friends, but it's 99% the coeds) I'm sure facebook will go out of business, but until then, they're pretty much the big dog of social networking.

  5. Re:How Dare They by plasmacutter · · Score: 5, Insightful

    Way to one-sidedly misrepresent wholesale privacy violation as innocent altruism.

    Apparently the telecom domestic spying scandal has not reached your part of the world?

    In these times, companies have as much or more assets and power available to them than many of the world's nations, and allowing the wholesale gathering of information on individuals by private firms under the red herring of "private property" will lead to the exact same kind of oppression as allowing the government to do it under the red herring of "national security".

    There are other ways to better serve me without having to identify me personally. Inventory tracking has been done successfully at the branch level for a century in its current form, and if they don't carry something, speaking to a manager will often get results.

    There is a difference between profiting from advertising, and profiteering from spying on me and selling that data to telemarketers, government agencies, and other shady organizations.

    --
    VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
  6. Re:How Dare They by novakyu · · Score: 4, Insightful

    This is almost as infuriating as Vons/Safeway and their "club card", tracking my purchases to try and "Better serve me".

    Well, turning the sarcasm detector off, change that to "Vons/Safeway and their 'club card' tracking my purchases and all other purchases with the credit card that has ever been used with the club card through special deals with the credit card company ...." and you will be closer.

    Facebook is welcome to track you on their own website (practically every website owner does this with log analysis) and even track your outgoing clicks with redirects, hidden or bare (even Google does this, and they are really tricky about it too, if you've noticed it on their search results). What they are not welcome to do is track you when you are not on their website through "special deals" with other websites. Such aggregation of data on you is a disaster waiting to happen.

  7. Old Article by Silent+Node · · Score: 2, Insightful

    The date on this article is 04 December 2007 05:22 PM, are we sure the concerns raised here weren't dealt with already? ...not that I'm a huge Facebook fan, but if I were to leave Facebook I would have to give up administration of the United Cabin Dwellers Federation. Although I hear leaving can be difficult...

    --
    "You can't win. You can't break even. You can't quit." -A. Ginsberg
  8. Re:Well What ROYALLY pissed me off earlier by davidsyes · · Score: 5, Insightful

    What might have royally pissed off others was that when facebook asked for the new member's valid email address, it implied or outright expected them to provide to the f/b interface the VALID PASSWORD OF THE VALID EMAIL ACCOUNT.

    This royally inFURIATED me. All they needed to say was Give us your valid email of choice, and reply within 5 minutes of receiving it and supply the code we give you, or you'll have to redo this and still try within 5 minutes to validate yourself.

    They had NO f*cking business structuring it in such a way that MILLIONS of users would blindly or hopelessly supply their gmail, yahoo, msn, and/or other passwords through a facebook conduit.

    Can you IMAGINE how much snooping could be done if facebook were compelled by law or court order to submit subscribtion/memberhship application logs to various agencies that don't want to actually leave traces of intel-snooping? All they have to do is notice whether or not the user is online or not, then log in as them, quickly look at non-viewable things, then log out. Only if friends and bots are somehow tracking friends login/logout activity can anyone be tipped off that something might be amiss.

    Even without the conspiracy theory stuff, facebook should NEVER have culled or duped people into giving facebook their other account's passwords, nevermind the fact that there are other means by which other parties could steal or surreptitiously obtain a targeted user's password.

    I cannot remember what I did to foil that frackin' attempt, but I think I did foil it.

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
  9. Re:Well What ROYALLY pissed me off earlier by davidsyes · · Score: 2, Insightful

    I am pretty sure that it was when I initially subscribed.

    But, I almost NEVER input my friends' REALL e-mail. FUCK THAT. It's just another lazy-assed, surreptitious harvesting opportunity. I search for my friends by name, or find them in other friend's profiles. If I cannot find a friend without their e-mail address, I give up. Or, I call them, tell them MY e-mail, and let them decide whether or not to tell me/add me, or put themselves on a social site.

    Way too many thoughtless/un-thinking people unmindfully add their contacts lists of people who might have been TRYING TO STAY OUT of the marketing mechanism.

    I wonder, though, if there is or will be a Do Not Harvest & Retain Me list, compelling facebook, myspace, et al to purge all public/blog/post references. That could really piss off some advert types who "just want that fucking contact info, no matter what"...

    --
    Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
  10. Re:Well What ROYALLY pissed me off earlier by severoon · · Score: 2, Insightful

    I used to think the same way. It doesn't matter, though...no matter what you or your friend's intentions, some idiot is going to tag a photo with your real name, address, email, etc on a public forum like Facebook. You don't even have to have an account there to be identified in the most public possible way. Just hope it's a photo of you at your best. It's a public life, and we did it to ourselves--didn't take a government or nothing to get us to install a two-way TV like in 1984.

    --
    but have you considered the following argument: shut up.