Facebook Ads Could 'Out' Gay Users

← Back to Stories (view on slashdot.org)

Facebook Ads Could 'Out' Gay Users

Posted by timothy on Friday October 22, 2010 @10:50AM from the i'll-out-gay-you dept.

itwbennett writes "Researchers at Microsoft Research India and the Max Planck Institute for Software Systems in Germany have written a paper showing that a users may be inadvertently revealing their sexual preference to advertisers. 'One example was an advertisement for a nursing program at a medical college in Florida, which was only shown to gay men. The researchers said that persons seeing the ad would not know that it had been exclusively aimed at them solely based on their sexuality, nor would they realize that clicking on the ad would reveal to the advertiser, by implication, their sexual preference in addition to other information they might expect to be sent, such as their IP (Internet Protocol) address.' For its part, Facebook 'downplayed the study, saying that the site does not pass any personally identifiable information back to an advertiser.'"

25 of 196 comments (clear)

Rule number 1 by Capt.DrumkenBum · 2010-10-22 10:54 · Score: 5, Insightful

Never put anything on Facebook that you would not tell your parents and your boss.

--
If I were God, wouldn't I protect my churches from acts of me?
1. Re:Rule number 1 by Anonymous Coward · 2010-10-22 11:00 · Score: 5, Insightful
  
  Rule number 2: Clicking an ad sends information you didn't know was on your facebook to your parents and your boss.
2. Re:Rule number 1 by rainmouse · 2010-10-22 11:07 · Score: 4, Insightful
  
  Never put anything on Facebook that you would not tell your parents and your boss.
  Being fired for content on my facebook account about my private life is just a labour saving service. It saves me the hassle of having of having to research if I'm working for snooping, big brother dickheads and then quitting.
3. Re:Rule number 1 by Dunbal · 2010-10-22 11:13 · Score: 4, Funny
  
  Clicking an ad turns you gay, according to TFA.
  
  --
  Seven puppies were harmed during the making of this post.
4. Re:Rule number 1 by Anonymous Coward · 2010-10-22 12:06 · Score: 4, Insightful
  
  Never put anything on Facebook that you would not tell your parents and your boss.
  Being fired for content on my facebook account about my private life is just a labour saving service. It saves me the hassle of having of having to research if I'm working for snooping, big brother dickheads and then quitting.
  So do you work for a place that drug tests? Because drug tests are not like a breathalyzer. A breathalyzer tests whether you are drunk right now and therefore would be completely appropriate for a workplace. It does not test whether you've had alcohol in the last 1-4 weeks without distinguishing whether you did so on your own time or your employer's time.
  
  Drug tests, on the other hand, make no attempt to distinguish your employer's paid time from your own private time away from work. The employer's only legitimate concern is whether you are sober while you're on the job. What you do in your private time is between yourself and the state. Yet it lets them be snooping, big brother dickheads and monitor your private time too. Like Facebook, it's a way for them to find out "oh no, you did something we don't approve of, so now we're going to punish you for that." They stupidly do this no matter how productive you are as a worker and even though you, as a professional, maintain a clear separation between your private life and your working life.
  
  Employment is becoming more and more like running for public office. It is increasingly ruling out all except for two classes of people: the goody two-shoes who never broke a rule in their life because they worship authority with no regard for its legitimacy, and the dangerously deceptive who are very good at living double lives and covering up their tracks. This is not good for society. Some of the wisest and best among us made mistakes and did things they were not proud of before they saw the error of their ways and became better people. The trend now is for every little thing, including victimless crimes, to become a permanent stigma that forever closes doors in your life.
  
  One other related topic. Why is there even such a thing as an arrest record? I can understand a conviction record, but an arrest record? Really? What kind of fascist wet dream is that? Fascists just love thought processes like "well, he must have been doing SOMETHING wrong even though the state with its overwhelming resources couldn't come up with evidence of that" as though the police are omniscient and never make mistakes, as though false accusations are never made. Really fascists love any reason to turn someone else into a second-class citizen, especially if that person has done them no harm and has no ill intent.
  
  What REALLY amuses me is the sheer irony of those who would enforce their Puritannical beliefs on others at every opportunity because the person did something that offends their "Christian values" while forgetting that anyone who has ever actually read the words of Christ knows that Jesus's main teachings were forgiveness and non-judgement. It's not only Christians who do this, of course. There are many secular fascists. It's just extra ironic when people who call themselves Christian display such hypocrisy to cover up their authoritarian eagerness to condemn.
Which part of this is "inadvertent"? by bhartman34 · 2010-10-22 10:56 · Score: 5, Insightful

The ads were served to males who declared themselves to be interested in other males, and females who declared themselves to be interested in other females.
Exactly where is the problem here? The users are outing themselves. Shouldn't this be filed under, "...and water is wet"?
1. Re:Which part of this is "inadvertent"? by bhartman34 · 2010-10-22 11:05 · Score: 3, Insightful
  
  If it's on your Facebook status, and you don't have it covered with restrictive privacy settings, you de facto do want the world to know.
  I'm all for privacy being respected, but if you put something out there, and don't take the proper precautions that it be hidden if you want it to be, it's on you, not on Facebook. They can't make it much easier to control who sees what. The kind of concerns being raised here were valid maybe a year ago.
2. Re:Which part of this is "inadvertent"? by hedwards · 2010-10-22 11:13 · Score: 3, Insightful
  
  I'm not aware of anybody being raped for liking red cars. Being raped for being gay, definitely happens. Because clearly gay men are just confused, it couldn't possibly be for other reasons.
  
  Which is really your point. Given the degree amount amount of homophobic bigotry and violence, I'm not really sure that FB should be facilitating anything like this. Plus, is there really a legitimate reason to be advertising things which aren't gay specific to only gays? I mean I can understand targeting gay bars to gay men, but nursing school?
3. Re:Which part of this is "inadvertent"? by Monkeedude1212 · 2010-10-22 11:25 · Score: 3, Interesting
  
  It's not even an issue with privacy settings though. I just read this part of the summary and went, "uhh, well yeah, duh!"
  
  The researchers said that persons seeing the ad would not know that it had been exclusively aimed at them solely based on their sexuality, nor would they realize that clicking on the ad would reveal to the advertiser, by implication, their sexual preference in addition to other information they might expect to be sent, such as their IP (Internet Protocol) address.
  So essentially, if you had been on any site, and you clicked on the advertisement from any website, your IP address would get sent so that you can be redirected from the adserver to the website. (This is how they know the Ads are working, if it was a direct link to the website, the adserver wouldn't be the proper referer). So now the adserver has your IP and will use BY IMPLICATION your sexual preferences. Seriously, this doesn't even DEAL with Facebook.
  So the question is whether the ad is being shown to them based on their information - whether Facebook is giving up the information in the first place. Now thats a big doozy. It hasn't been proven, but its highly suspected. I would normally think that Adservers are catering to me based on my IP, but I've had other people use my computer and its shocking how the ads immediately cater to them after starting a facebook session.
  Then there's this juicy nugget.
  
  For its part, Facebook 'downplayed the study, saying that the site does not pass any personally identifiable information back to an advertiser
  Emphasis mine. Well - no, it's not sending it BACK to the adserver, the adserver hasn't made a request yet. Facebook says to itself "I need to load a page. There's going to be an advertisement here. Hey advertising server, here's who is lookin'" and the Adserver serves up the correct ads.
  Devil's in the details, right?
4. Re:Which part of this is "inadvertent"? by bhartman34 · 2010-10-22 11:44 · Score: 4, Insightful
  
  I think you're misunderstanding something. You can make sexual preference private, or not. Hell, you don't even have to disclose your preference, if you don't want to. Now, if advertisers are somehow getting around people's privacy preferences, and accessing that information without it being public, that's certainly a Facebook problem, but I don't see anywhere in TFA where it says that.
  The only problem I see in the article is that advertisers aren't supposed to be using sensitive demographic information (sex, gender, presumably sexual preference) to do the targeting. But that's already a violation of Facebook's policies. Facebook should deal with that, I suppose, but even if they do nothing, users can still control what advertisers see. If sexual preference is the kind of information you consider to be only your (or your friends') business, you should configure your profile appropriately. At best, the researchers are causing a tempest in a teapot. There's a fairly easy fix that anyone can implement, without Facebook having to do anything.
5. Re:Which part of this is "inadvertent"? by Nikker · 2010-10-22 12:27 · Score: 3, Interesting
  
  I have to admit I'm curious, why would someone rape another man because he has sex with other men? Do heterosexual male rapists avoid lesbians on principal and moral or did I miss something?
  
  --
  A loop, by its nature, continues. If that didn't make sense, start reading this sentence again.
6. Re:Which part of this is "inadvertent"? by causality · 2010-10-22 12:32 · Score: 4, Insightful
  
  but I can definitely see paranoid people not liking this (and I'm not saying they are wrong in feeling this way, just that I'm not quite as paranoid).
  I really don't know what has happened in the last several years. The desire that people not know information that is none of their business is suddenly described as "paranoid", a term for a medical disorder. This is absolutely bass-ackwards. In fact, it's downright pathological and a great example of Newspeak. It so clearly serves those who wish to deny privacy that it's bordering on the miraculous that most people don't notice. Really, only large masses of people could be so stupid/blind/oblivious/whatever you want to call it.
  
  I say we turn the tables. Let's stop using words like "paranoid" to describe people who want random strangers to leave them alone. Instead, let's choose a word that's the inverse of "paranoid" to describe the asshats who intrude into the lives of others and then claim that data as their own to use as they please. I tentatively suggest "Orwellian" but am open to suggestion. Maybe Panopticonians would work, except that fewer than six syllables would be a plus.
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
7. Re:Which part of this is "inadvertent"? by Runaway1956 · 2010-10-22 13:48 · Score: 4, Insightful
  
  "Just because it's on your Facebook status, doesn't mean you want the whole world to know." Wait. (looks ^ at address bar) It says yro.slahsdot.org up there. Damn, I thought maybe it was portal.twilight.zone or some such. DAMMIT man! Have you been paying attention, or not? EVERYTHING ON FACEBOOK is accessibly by anyone with the will to snoop. It doesn't even require much skill - just the will to snoop. One more time: if it's on the intartubez, it ain't private. Go to the blackboard, and write that one thousand times for the class, please.
  
  --
  "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
If they didn't know by Dayofswords · 2010-10-22 10:59 · Score: 4, Insightful

[...]such as their IP (Internet Protocol) address.
If you don't know what IP stands for in 'IP address' then you're on the wrong site.

--
Someday we'll hit the human carrying capacity. And the band will just play on.
This just in... by Nethemas+the+Great · 2010-10-22 11:01 · Score: 3, Insightful

Facebook makes money by data mining its users.

--
Two of my imaginary friends reproduced once ... with negative results.
Re:IP by TaoPhoenix · 2010-10-22 11:07 · Score: 3, Interesting

The MAFIAA is furiously trying to make "IP" mean "Intellectual Property" in the public mindshare. The ugly thing is when you smash both acronyms into the same sentence you get Halloween Horror.
"I recorded that this IP is stealing my IP and demand he be sued into bankruptcy".

--
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Re:soooo..... by Anonymous Coward · 2010-10-22 11:11 · Score: 5, Interesting

No, you don't understand. Facebook has a policy saying they won't disclose personal info, like what age you are.
Now, suppose an advertiser says "target this ad at people born in October of 1978" ... Facebook says "OK". So all of these people's birth months are revealed to the advertiser, in violation of the policy. Thru essentially costless micro-targeting, advertisers (or any attacker with $) can dig out whatever info they want. There's a simple and obvious way for an attacker to get a list of people based on a piece of information Facebook has said they're keeping private.
There is a big difference between someone clicking on an ad for, say, a gay-dating site -- when you click on an ad, you know you are implicitly signaling some level of interest in its content to the advertiser -- and clicking on an ad (*any* ad, it could be for a car or for dog food ... the content of the ad could have *nothing* to do with the audience targeting) that happens to be targeted based on a specific database query.
If a piece of information is promised to be kept private, private should not equal "disclosed to third parties who pay us."
Reminds me of Project Gaydar by Khopesh · 2010-10-22 11:11 · Score: 4, Informative

A year ago, some MIT undergrads wrote up a short piece called Project Gaydar which showcased how they were able to successfully identify gay men who were still in the closet.
Facebook might not expose this information directly (via the "sexual preferences" profile information), but your friends list is enough to extrapolate it. Since there's money in that kind of data and it is easily fetched via the Facebook API, it's being done.

--
Use my userscript to add story images to Slashdot. There's no going back.
Re:OK... by zerocool^ · 2010-10-22 11:15 · Score: 4, Informative

According to several of my (very out) gay friends, putting your sexuality on facebook tends to lend its self to a lot of random messages from people who want to meet up at truck stops.
No joke.

--
sig?
Does not pass any personally identifiable info... by Anonymous+Showered · 2010-10-22 11:48 · Score: 5, Interesting

Facebook DOES pass personally identifiable information, albeit inadvertently.
As a Facebook Ads user, I have tracked down people who have clicked my ads EASILY.
How?
Your unique Facebook user ID is passed through the refer string each and every time you click on an ad.
Simply copy down this ID and paste it in the USERID variable below.
http://www.facebook.com/profile.php?id=USERID
Tada.
Lesson learned from a previous incident by microbee · 2010-10-22 12:21 · Score: 5, Interesting

I sometimes hang out on a web forum, and they have a special forum where you could post anonymously - it's not really anonymous, as you still need to login and post, but the postings do not show your user id or IP addresses, so it appears totally anonymous, except to the web admins. So people post a lot of random crazy stuff there which would embarrass themselves if it had not been anonymous.
Then one day the forum upgraded their software, and due to a bug, all posts inside that anonymous forum suddenly showed all user IDs - including the old ones. That quickly turned into a sh*tstorm as people ran around screaming in panic with their underwear.
The lesson: do not post anything if you don't want others to find out it's you.
1. Re:Lesson learned from a previous incident by shutdown+-p+now · 2010-10-22 16:27 · Score: 3, Funny
  
  Then one day the forum upgraded their software, and due to a bug, all posts inside that anonymous forum suddenly showed all user IDs - including the old ones. That quickly turned into a sh*tstorm as people ran around screaming in panic with their underwear.
  Oh, to do that with Slashdot and watch the fun.
  Actually *checks the mental post history* um, never mind that.
Wait, what? by Arancaytar · 2010-10-22 12:38 · Score: 3, Interesting

Are male nurses required to be gay?
1. Re:Wait, what? by guyminuslife · 2010-10-22 13:18 · Score: 4, Insightful
  
  Yeah, exactly. This is why we have a national shortage of nurses. It's because straight men don't want to go into a profession where their job title is the same as the word for "have a baby suck milk form your boobs." On the other hand, there's no shortage of male "paramedics."
  
  --
  I don't believe in time. It's a grand conspiracy designed to sell watches.
2. Re:Wait, what? by guyminuslife · 2010-10-22 18:39 · Score: 3, Insightful
  
  I don't get the funny mod. I was being 100% serious. Nursing isn't a "manly" enough field, there's a social stigma (albeit, a shrinking one) attached to being a "male nurse," so many men who would otherwise be talented at it shy away; this has caused real shortages in healthcare.
  Ideally speaking, there should be more women in engineering as well, but fortunately for current engineers' supply/demand curve, there aren't.
  
  --
  I don't believe in time. It's a grand conspiracy designed to sell watches.