Facebook Buys Data From Third-Party Brokers To Fill In User Profiles

An anonymous reader quotes a report from International Business Times: According to a report from ProPublica, the world's largest social network knows far more about its users than just what they do online. What Facebook can't glean from a user's activity, it's getting from third-party data brokers. ProPublica found the social network is purchasing additional information including personal income, where a person eats out and how many credit cards they keep. That data all comes separate from the unique identifiers that Facebook generates for its users based on interests and online behavior. A separate investigation by ProPublica in which the publication asked users to report categories of interest Facebook assigned to them generated more than 52,000 attributes. The data Facebook pays for from other brokers to round out user profiles isn't disclosed by the company beyond a note that it gets information "from a few different sources." Those sources, according to ProPublica, come from commercial data brokers who have access to information about people that isn't linked directly to online behavior. The social network doesn't disclose those sources because the information isn't collected by Facebook and is publicly available. Facebook does provide a page in its help center that details how to get removed from the lists held by third-party data brokers. However, the process isn't particularly easy. In the case of the Oracle-owned Datalogix, users who want off the list have to send a written request and a copy of a government-issued identification in the mail to Oracle's chief privacy officer. Another data collecting service, Acxiom, requires users provide the last four digits of their social security number to see the information the company has gathered about them.

Re:I don't use Facebook

[Solandri]

You browse the web, right? Every website you visit with that little 'f' icon (hey look at the upper right corner of the slashdot page!) is running a little script courtesy of Facebook. The moment you load that page, Facebook knows you visited it. If you don't have a FB account, they don't know who you are (yet), but based on cookies, flash cookies, or other signatures unique to your browser and computer, they know that user 1348752983 (in their database) reads slashdot, and on Dec 30, 2016 @ 12:39 am made a post under the name "I'm New Around Here" (1154723).

Then one day your friend (who is on Facebook) sends you an email with a video invite to her birthday party. You click to play the video. The video is hosted by Facebook, and now based on your click-through, Facebook knows your email address. Based on their cookie stored in your browser, they now know that your email address is user 1348752983, and all the other info they've been collecting about you is now linked to your email address in their servers. Based on your email and other data they have, they deduce your name, cross-reference that to this info they're buying from other services. And now they know your full name, age, address, where you work, roughly how much you make, which high school you went to, who you're dating,

They know all this even though you don't have a Facebook account. Crap like this is why I started browsing everything in incognito/private mode, in addition to the half dozen script, cookie, and tracker blockers I run. I'm not really a private person (the government has my fingerprints and iris scans thanks to the Nexus program I had to join to work crossing the border every day). I just do this because of the principle of the thing - if you want to be gathering info like this about me, at least have the decency to ask for my permission first. Otherwise you're just a digital stalker. And stalking should not be a legitimate business model.