Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook, Others Giving User Private Data To Advertisers

Posted by kdawson on from the naked-we-stand dept.

superapecommando sends along a Wall Street Journal report that indicates that Facebook's privacy troubles may be just beginning. "Facebook, MySpace, and several other social networking sites have been sending data to advertising companies that could be used to find consumers' names and other personal details, despite promises they don't share such information without consent. The practice, which most of the companies defended, sends user names or ID numbers tied to personal profiles being viewed when users click on ads. After questions were raised by The Wall Street Journal, Facebook and MySpace moved to make changes. By Thursday morning Facebook had rewritten some of the offending computer code. ... Several large advertising companies ... including Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media, said they were unaware of the data being sent to them from the social networking sites, and said they haven't made use of it. ... The sites may have been breaching their own privacy policies as well as industry standards. ... Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation."

50 of 154 comments (clear)

  1. Oh Shit by joepress99 · · Score: 5, Funny

    Guess the Journal forgot Rupert also owns MySpace.

  2. Unused by Thanshin · · Score: 5, Funny

    they were unaware of the data being sent to them from the social-networking sites, and said they haven't made use of it

    Ahh, they didn't use it. Then it's all right.

    Nothing to see here.

    I wonder if TPB could use the same defense. "Wait what? You can SEE the downloaded movies? Whoa!"

    1. Re:Unused by Anonymous Coward · · Score: 2, Insightful

      the article in now way says that the data not being used absolves Facebook, they're saying that to some degree, if true, it absolves DoubleClick and RightMedia, who can hardly be blamed for being sent data they were unaware of and didn't ask for.

    2. Re:Unused by commodore64_love · · Score: 5, Insightful

      Ha! Funnny.

      I honestly don't care if advertisers learn that I like collecting old computers and other hobbies. I'm more concerned about the info leaking to people with REAL power over me. Like a prospective employer (hmmm, he is pro-gun - don't wanna hire him), or the US government (this guy sold Final Fantasy 7 for $150 and didn't pay taxes).

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    3. Re:Unused by sopssa · · Score: 3, Interesting

      While I've "closed" my Facebook (seriously, why there isn't a true close account option?) for privacy reasons, lets look at it on technical terms. It's a problem with the referrer field being sent by browsers, nothing intentional on Facebook's part. If you have referrer sending disabled you aren't affected by this.

      It's a bad combination of browsers sending referrer, Facebook using real names for everything and Facebook not providing enough privacy options to hide your profile, and Facebook not using https or iframing the ad box (in that case referrer would just show something like http://www.facebook.com/ads/ ).

      I guess those ad networks don't actually have something that gets the personal info for clicks, but it's a possibility and I bet the referrer is saved, at least in logs and statistics.

      Of course, majority of people don't care so business will continue as usual.

    4. Re:Unused by FreakyGreenLeaky · · Score: 3, Insightful

      Similar to Google's "accidental" sniffing of public wifi -- they didn't use it, so that makes it all right.

      Bloody criminals.

    5. Re:Unused by alphax45 · · Score: 2, Informative

      There is a true "close" option: http://www.wikihow.com/Permanently-Delete-a-Facebook-Account

      --
      K Man
    6. Re:Unused by JerkBoB · · Score: 3, Informative

      While I've "closed" my Facebook (seriously, why there isn't a true close account option?)

      https://ssl.facebook.com/help/contact.php?show_form=delete_account

      --
      A host is a host from coast to coast...
      Unless it's down, or slow, or fails to POST!
    7. Re:Unused by Anonymous Coward · · Score: 4, Insightful

      Don't you get it? You can't trust *anyone* with too much information. People say they don't care if marketers know all about them, but if it is allowed to get to the point that advertisers have complete profiles on people for marketing purposes (and things like facebook are very near to making that possible) then what stops them from sharing that info with the government, or selling it to employers checking on an employees private life, etc, etc. Do you think the advertisers would turn down the extra money? Do you think they would decline to do it because it's unethical? We're you born yesterday??

    8. Re:Unused by Archangel+Michael · · Score: 3, Insightful

      "Similar to Google's "accidental" sniffing of public wifi -- they didn't use it, so that makes it all right."

      I don't get this one. WHY is it wrong? Didn't we /.ers love the stories of wardriving years ago, when people posted the location of open WiFis so we could leach off them?

      Look, if you don't want Google Doing it, because they are "BIG CORP", then don't do it yourself. There is no difference between the idea of wardriving individually, and Google doing, except for scale.

      I don't have a problem with Google Wardriving. NONE.

      Also, Internet is NOT secure. There is no privacy on the internet. NONE. Everything that makes the internet useful to you, is a way to make it easier to track you.

      What you put up on the internet is there for everyone else to see, forever. Even if it "delete" it, it probably lives somewhere on some server or another.

      We might as well get used to this paradigm and either not do anything on the internet, or just learn to be careful knowing the whole time that we can't be careful enough.

      I'm not all that concerned with what is on my facebook, as it is all public info anyways. And I don't fear stalkers, they should fear me. ;)

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    9. Re:Unused by Requiem18th · · Score: 3, Informative

      They'll find out when the gun sites you visit tell facebook, remember the bacon fiasco? One must be careful it doesn't happen again, mainly by complaining about it.

      --
      But... the future refused to change.
  3. Cue by Anonymous Coward · · Score: 3, Insightful

    Cue the "privacy is dead" asshats, who for some reason are determined to purge the natural human desire for privacy that has existed since the dawn of human evolution.

    1. Re:Cue by sakdoctor · · Score: 3, Interesting

      Yes I never understood those asshats. It's like a false "monochotomy".
      I don't have a facebook account, and I don't have any idiot farmville playing friends, that would violate my privacy. Therefore I have opted out of facebook. Hey, that wasn't hard.

      Oh and I'm using the friend 1.0 definition, ie: people I know with mutual trust, as opposed to the friend 2.0 definition of linked social networking profiles who have poked and bitten each other in the last 6 months.

    2. Re:Cue by dyingtolive · · Score: 2, Insightful

      I don't believe privacy exists really anymore, but I wouldn't say that privacy is dead, it's more like it was just given away freely and irrevocably without a second thought as to the long term ramifications. I refused to use facebook for the longest time, but I've personally given up. My friends use it and it's their primary means of communication, above and beyond simpler and "better" things such as email. I just try to keep as much actual honest information about myself off there as possible and keep my head down to limit damage as much as possible. The moment someone comes up with an alternative solution that I can talk even the laziest person into migrating to, let me know. Until then, I'm living with the subpar solution for lack of a better.

      Also, "privacy is dead" is the bumper sticker slogan those people go by. I've never heard anyone outside of corporations and governments (hard to tell the difference anymore) saying that it is. They're not determined to purge the world of privacy, but merely to illustrate to people just how privacy-free it's become.

      With regard to the "news" itself, color me completely unsurprised.

      --
      Support the EFF and Creative Commons. The war is coming, and they're supporting you...
    3. Re:Cue by tpstigers · · Score: 4, Insightful

      Don't be stupid. Privacy isn't dead. It just that privacy is - and has always been - up to the individual. The issue we keep running into here is that people expect someone else to protect their privacy. If you want real privacy, it's up to you to secure it and maintain it.

    4. Re:Cue by Abcd1234 · · Score: 4, Insightful

      I don't have a facebook account, and I don't have any idiot farmville playing friends

      Are you sure? For all you know, right now, a friend or relative of yours is posting pictures of you on Facebook, and there's absolutely nothing you can do about it. It's a brave new world.

    5. Re:Cue by Abcd1234 · · Score: 5, Informative

      Yes I'm sure

      No. That's impossible.

      Are you vetting every photo any of your friends or family has every taken? Monitoring their online activies? Are you vetting all photos taken by other people at, say, social events (weddings, etc)? Are you vetting their online activities? No? Then you can *never* be sure if someone isn't posting information about you, somewhere. Well, unless you just hide in a basement with no friends or family to speak of, in which case privacy is the least of your problems.

  4. Double click by Anonymous Coward · · Score: 2, Informative

    How quaint. The domain every geek has blocked since 1996.

    With all this facebook detritus littering the web, are there some facebook domains and subdomains that need to be blocked, because they are being used for tracking?

    1. Re:Double click by Sockatume · · Score: 3, Informative

      The sharing only happens when you actually click on an ad, because it's an issue with referral URLs.

      --
      No kidding!!! What do you say at this point?
  5. The real news to me... by orthancstone · · Score: 3, Funny

    People still click on ads?

    1. Re:The real news to me... by Bigbutt · · Score: 2, Funny

      Of course. Otherwise how would they get malware installed?

      I have been having fun clicking the 'x' on the Facebook ads to remove them. "Why are you deleting this ad? x Uninteresting"

      Yep, they're all uninteresting. :)

      [John]

      --
      Shit better not happen!
  6. surprise, surprise by Tom · · Score: 5, Insightful

    Is anyone surprised? As soon as companies grow so big that consumers can not easily vote with their wallet anymore, or their offers are non-monetary for the end-user (who is the product, instead of the consumer), there's no reason they would take privacy seriously. I'm pretty sure the bad PR is the only reason they worry about it at all.

    In advertisement, all commercial participants conspire against the consumer.

    I'm not a friend of government (especially our current one here in Germany, a bunch of monkies could do a better job) - but I don't see which other organisation could regulate these commercial big players anymore. Certainly not the consumers, who despite Internet and all theoretical options of banding together simply have 1000 other things in their lives to worry about, so finding a sufficiently large group of people who care about this particular thing enough to make a difference is as hard as ever.

    --
    Assorted stuff I do sometimes: Lemuria.org
    1. Re:surprise, surprise by CFBMoo1 · · Score: 2, Informative

      I didn't vote with a wallet per say but I did vote with an account delete on Facebook a few days ago. Assuming of course they honor my request.

      How to do it if your curious:
      http://www.wikihow.com/Permanently-Delete-a-Facebook-Account

      --
      ~~ Behold the flying cow with a rail gun! ~~
    2. Re:surprise, surprise by AnonymousClown · · Score: 5, Insightful
      I think most people don't even think about it or don't think they have anything to hide - until their identity gets stolen or they get fired for a post on their Facebook page.

      Unfortunately, throughout the Western World, we have worried so much about government trampling our rights that we completely ignored the private sector.

      To head off the "well, just don't do business with them!" posts, I'd like to point out that Facebook stated in their policies that they wouldn't do this and secondly that every service, whether it's cell phones or internet sites, has a little statement buried in their terms that states they can change the terms anytime they want.

      I really hope Facebook gets sued over this a loses and a precedent is set over internet website policies - in the consumer's favor.

      --
      RIP America

      July 4, 1776 - September 11, 2001

    3. Re:surprise, surprise by sakdoctor · · Score: 2, Funny

      You missed the boat. There was a time when deleting your account would, more or less, delete your account.
      Now days it doesn't.

      Today you should disband and pollute your data over a matter of months, and delete your account.
      Then change your name, sex, nationality, and fake your own death.
      Then finally change your name, sex, and nationality again.

    4. Re:surprise, surprise by rtb61 · · Score: 2, Interesting

      There are better alternatives. First alternative work hard at undermining the popularity of the social networking site that hhad all you data, mined all your associations and monitored all your clicks. Do a good enough job and the revenue drops squeezing down hard on the costs of hoarding all that private data, eventually shutting them down, of course all that data then gets sold at the bankruptcy auction forcing you to repeat the exercise until companies decide all that privacy invasion ain't really all that profitable.

      Second alternative, seek changes to the law, force stricter privacy requirements, what information companies can keep on private individuals, stricter protections for minors, deletion of information requirements, data correction requirements, data mining restrictions and, random privacy audits with criminal penalties for invasions of privacy.

      I personally prefer the regulation and prosecution route, although I can protect my privacy as much as I choose to, I am still concerned about the current younger generation getting caught out with long term psycho analysis, known marketing vulnerabilities, known subconscious triggers and permanent limitations upon future career opportunities.

      --
      Chaos - everything, everywhere, everywhen
    5. Re:surprise, surprise by Tom · · Score: 2, Insightful

      conspire != conspiracy

      In the literal meaning of the word, all the participants - the website you're visiting, the ad agency, the ad network, their customers - all work together against you. There's no reason to be dramatic, but it's a simple fact that they are all trying to coerce/convince/manipulate/whateveryouwanttocallit to split with some of your money into their direction, which then feeds them all.

      --
      Assorted stuff I do sometimes: Lemuria.org
  7. I'm shocked! SHOCKED! by $RANDOMLUSER · · Score: 5, Interesting
    I'm not shocked by the breach of posted privacy policies, but by:

    Several large advertising companies... including Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media, said they were unaware of the data being sent to them from the social-networking sites, and said they haven't made use of it

    So Facebook and MySpace were just doing this out of the goodness of their hearts, not making any extra money from Google & Yahoo?

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    1. Re:I'm shocked! SHOCKED! by Sockatume · · Score: 2, Funny

      If you RTFA, they were doing it by simple technical accident. Unless the advertisers thought to scrape referrer URLs for usernames, they didn't get shit.

      --
      No kidding!!! What do you say at this point?
    2. Re:I'm shocked! SHOCKED! by $RANDOMLUSER · · Score: 2, Insightful

      Yeah, I get that. Meanwhile, the user pages have already been spidered, so it's just a case of attaching one to the other.

      --
      No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    3. Re:I'm shocked! SHOCKED! by PopeRatzo · · Score: 2, Insightful

      Unless the advertisers thought to scrape referrer URLs for usernames, they didn't get shit.

      And we all know that advertisers would never do anything as underhanded as mine information from a data stream, because that would be wrong.

      --
      You are welcome on my lawn.
  8. Topical.. by Zerak-Tul · · Score: 5, Funny

    http://xkcd.com/743/

    1. Re:Topical.. by Andorin · · Score: 2, Insightful

      Except ... that comic is compare two unrelating things like if doing one would have affected the other, which it wouldn't.

      You're missing the point. Beardy McNerdy is the sort of guy who reads Slashdot and worries about these sorts of things: open standards in the case of the .doc part, and 3vil social networking sites abusing their power and position. Sticky non Techie, on the other hand, is your average condescending person who sees all of it as pointless and just wants to read about the new iPhone release. The comparison is between two forms of 3vil perpetrated by a corporation: the former is Microsoft's strategy of locking users into their products by disallowing open standards, and the latter is Facebook's recent big privacy fuck-ups. (Could also be argued that Facebook employs vendor lock-in by keeping their platform closed and not allowing others to facilitate communication through it. Yes, this doesn't apply to IM, so I refer to profiles/groups/everything else.)

      In both cases, Beardy McNerdy is your average geek, trying to warn others about the perils of big corporations in the online and personal computer worlds. The irony is that in one case, Sticky non Techie is fine with the 3vil, but in the other, he's actually running to Beardy McNerdy with the news, alarmed.

      People don't give a shit about nerd turf wars over document formats, what they have WORKS for them and everyone else

      Except when people get macro viruses from .doc files.

      --
      That Anonymous Coward guy is pretty annoying. Can we have the government censor him or something?
  9. I noticed my old myspace appeared after years... by Anonymous Coward · · Score: 5, Interesting

    I often search for my name in a futile attempt to remove myself from the internet. I just checked the other day and noticed some person search company, intellius or something has aquired my myspace profile, pics of my friends etc. I have had myspace account closed for at least 3 years if not longer. When I attempted to figure out what was going on by logging into myspace I couldn't even get in... my account was closed. All I know is I'm giving my kids a helping hand when it comes to their first entrance onto the web. Bunch of information vampires out there.

  10. Referrer URL is the issue by Sockatume · · Score: 5, Informative

    My reading of the WSJ article is that the sites were (perhaps inevitably) passing a referrer URL along when the user clicked the ad. This URL is, naturally, one of the user's pages, and will explicitly or implicitly identify the user. The advertiser can then identify the user's page on the social networking site and retrieve any public information there. The WSJ makes it clear that the information is not passed on directly, which goes some way to explaining why the advertisers claim never to have used it.

    --
    No kidding!!! What do you say at this point?
    1. Re:Referrer URL is the issue by PopeRatzo · · Score: 2, Funny

      Meh, trusting the client's Referer is futile at best. Any self-respecting geek already uses spoofed Referer headers.

      We're not worried about geeks, because they are already using carefully created false identities which they have bought on the black market from Bulgarian ex-secret police. Plus, nobody wants their fucking data anyway.

      We're worried about regular humans who don't have a clue and put their lives on the internet because the biggest corporations in the world have told them that it's perfectly OK and "the thing to do".

      --
      You are welcome on my lawn.
    2. Re:Referrer URL is the issue by Sockatume · · Score: 2, Insightful

      I think it's time for us to decide whether the ability for a site to request its referrer is worth the potential privacy issues. Should it not be opt-in? It's not like a cookie, you don't explicitly elect to provide the site with the information in question.

      --
      No kidding!!! What do you say at this point?
  11. Oh, REALLY? by Millennium · · Score: 2, Insightful

    If this is true, then Facebook is committing fraud. Shut them down.

  12. Hanlon's razor? by mcgrew · · Score: 2, Insightful

    Some people use it as an out; "Oh, I'm sorry, I didn't know!"

    Never attribute to malice that which can be explained by incompetance? Yes, that applies, unless it crosses "never attribute to incompetence that which can be explained by greedy self-interest". That's the razor that applies here; if your "mistake" benefits you, only a fool will believe it's a mistake.

    Mr. Brin, I love your search engine, but please change your lying motto.

    --
    Free Martian Whores!
  13. So (yet again) I must ask by Jawnn · · Score: 2, Insightful

    Why would I want to use Facebook at all if I value my privacy? And a follow up which is probably more to the point, with all the shit Facebook has pulled, why are you bitching about it if you're still a user?

    1. Re:So (yet again) I must ask by Rob+the+Bold · · Score: 4, Insightful

      Why would I want to use Facebook at all if I value my privacy? And a follow up which is probably more to the point, with all the shit Facebook has pulled, why are you bitching about it if you're still a user?

      Maybe you do value your privacy with some (strangers, employers) more than with others (friends, family). I think that privacy, like intimacy is not a binary thing. There are people whose hand you wouldn't even shake, folks you would hug in public and people who've seen you naked, right? (I'm being rhetorical here, you don't need to answer that.)

      I take your point about facebook, though. They don't act trustworthy and do act too capriciously. Nevertheless, people would like to expose some of themselves, just not all of it and just not to everybody. Facebook happens to be extremely popular: many of your friends are there. Bitching about facebook's crap is actually quite reasonable. You'd like them to change to avoid the hassle of finding another alternative. They probably won't, given their history, but they certainly won't if no one says anything.

      --
      I am not a crackpot.
  14. Government Regulations by Anonymous Coward · · Score: 2, Interesting

    That final quote is clearly implying that this evidence is proof that we need government intervention. We should strenuously oppose this, and we need to be aware of the subtle messages to try to persuade us to change our minds. Don't give into the manipulation!

    In fact, this entire episode is strong and conclusive evidence that we do not need government regulations in this area. The private sector exposed the problem and the companies made the appropriate changes. This is how it should be done. If we don't like a product or service, then we should take our business elsewhere. Facebook is not a right. It is not an entitlement. It is a website, people, and you are free to go and use a different website if you choose. Perhaps if more people did, Facebook would clean up their act. We need to regulate the Internet not the government. I would rather keep the government as far from the Internet as possible for my own peace of mind. They have enough power to be corrupted without giving them more.

    How can putting a corrupt and greedy government in charge of regulating the Internet possibly be a good thing?

  15. Google by jvkjvk · · Score: 2, Insightful

    Somehow, I don't buy it, and it makes me sad that Google has gone this far down the path of Corporatism.

    Now, they lie to us to our faces. I find it impossible to believe that Google did not know what was in the strings being sent to it.

    Google is trying to tell us that they are so incompetent that they did not realize what all that information in the strings that were sent to it actually signified.

    Right.

    Either their hiring practices scrape the bottom of the barrel (which we know is not true), or they knew exactly what information was in all those strings, since that's their job. Collecting and analyzing information (of which those URLs are a subset).

    Oh, I know. Since we are in a free market economy you can just not use Google at all! And any site that has adwords, or google analytics, or youtube, or refuse email of anyone that sends you email from a gmail address, or...

    If enough people do this, we can show Google the error their ways. /sarcasm

  16. XMPP by sakdoctor · · Score: 3, Informative

    I don't believe privacy exists really anymore

    That is the same as "privacy is dead", making you one of the asshats that AC was talking about.

    Are your facebook friends so lazy that they wouldn't reply, if you sent them a good old fashioned email? I hope not, but just in case, there is a secret weapon.
    Federated XMPP. Your backdoor into facebook's walled garden, without actually having to give in and be their bitch.

  17. Join "Adblock Plus" fan page on Facebook by kyriosdelis · · Score: 2, Informative

    And let's see if advertisers will continue to be interested in your personal info after that... Hopefully sometime in the near future, when this or similar fan pages will grow large enough, advertisers will start excluding people that belong to them.

    --
    I don't mind dating a girl that has been with everybody, as long as she had a good shower afterwards.
  18. "Unaware" Bullshit by Anonymous Coward · · Score: 5, Insightful

    > Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media, said they were unaware of the data being sent to them from the social-networking sites, and said they haven't made use of it.

    Yeah, right.

    If you look closely at Google/Yahoo advertising tags - they are proactively trying to catch (via Javascript) and log (in GET parameters to their server) current URL to which their ads are served. Unless you fake referer AND use NoScript extension, you're giving them this data. And I have a strong diesbelief that they do not store this data.

    Yahoo and Google are logging huge part of your Web browsing history this way.

    I guess they've coded it by accident?

  19. Re:If it's on Facebook.. by s.bots · · Score: 2, Interesting

    There's also the open source privacy scanner:

    http://www.reclaimprivacy.org/facebook

  20. Forget Advertisers, Dummy! by MarkvW · · Score: 2, Interesting

    Think politicians!

    People will soon be polled with questions that are specifically targeted to THEM!

    Voters will become infinitely more manipulable--to the politicians backed by rich people.

    Not pretty.

  21. News at 11 by Anonymous Coward · · Score: 2, Funny

    Social media sites that make money by selling the information you give them actually sell the information you give them...
    News at 11

  22. Re:you should not be surprised by this by Fritz+T.+Coyote · · Score: 2, Insightful

    Yes... and even if geeks and privacy fans manage to avoid being in the particular set of data, who cares... there are plenty of folks (one borne every minute) who have happily posted lots of stuff on FB, etc... It's a gold-mine of demographic data, only an idiot (or someone with ethics) would pass up the chance to use that data to Make Money Fast.

    Time to Update Barnum's Philosophy for the 21st Century: 'It is morally wrong to allow a sucker to keep their money or their privacy'

    --
    http://visualizecommonsense.com/