Facebook, Others Giving User Private Data To Advertisers

superapecommando sends along a Wall Street Journal report that indicates that Facebook's privacy troubles may be just beginning. "Facebook, MySpace, and several other social networking sites have been sending data to advertising companies that could be used to find consumers' names and other personal details, despite promises they don't share such information without consent. The practice, which most of the companies defended, sends user names or ID numbers tied to personal profiles being viewed when users click on ads. After questions were raised by The Wall Street Journal, Facebook and MySpace moved to make changes. By Thursday morning Facebook had rewritten some of the offending computer code. ... Several large advertising companies ... including Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media, said they were unaware of the data being sent to them from the social networking sites, and said they haven't made use of it. ... The sites may have been breaching their own privacy policies as well as industry standards. ... Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation."

Cue

[Anonymous Coward]

Cue the "privacy is dead" asshats, who for some reason are determined to purge the natural human desire for privacy that has existed since the dawn of human evolution.

Honestly

[bsharp8256]

Is anyone surprised by this?

surprise, surprise

[Tom]

Is anyone surprised? As soon as companies grow so big that consumers can not easily vote with their wallet anymore, or their offers are non-monetary for the end-user (who is the product, instead of the consumer), there's no reason they would take privacy seriously. I'm pretty sure the bad PR is the only reason they worry about it at all.

In advertisement, all commercial participants conspire against the consumer.

I'm not a friend of government (especially our current one here in Germany, a bunch of monkies could do a better job) - but I don't see which other organisation could regulate these commercial big players anymore. Certainly not the consumers, who despite Internet and all theoretical options of banding together simply have 1000 other things in their lives to worry about, so finding a sufficiently large group of people who care about this particular thing enough to make a difference is as hard as ever.

Oh, REALLY?

[Millennium]

If this is true, then Facebook is committing fraud. Shut them down.

Re:surprise, surprise

[AnonymousClown]

I think most people don't even think about it or don't think they have anything to hide - until their identity gets stolen or they get fired for a post on their Facebook page.

Unfortunately, throughout the Western World, we have worried so much about government trampling our rights that we completely ignored the private sector.

To head off the "well, just don't do business with them!" posts, I'd like to point out that Facebook stated in their policies that they wouldn't do this and secondly that every service, whether it's cell phones or internet sites, has a little statement buried in their terms that states they can change the terms anytime they want.

I really hope Facebook gets sued over this a loses and a precedent is set over internet website policies - in the consumer's favor.

Re:Unused

[Anonymous Coward]

the article in now way says that the data not being used absolves Facebook, they're saying that to some degree, if true, it absolves DoubleClick and RightMedia, who can hardly be blamed for being sent data they were unaware of and didn't ask for.

Hanlon's razor?

[mcgrew]

Some people use it as an out; "Oh, I'm sorry, I didn't know!"

Never attribute to malice that which can be explained by incompetance? Yes, that applies, unless it crosses "never attribute to incompetence that which can be explained by greedy self-interest". That's the razor that applies here; if your "mistake" benefits you, only a fool will believe it's a mistake.

Mr. Brin, I love your search engine, but please change your lying motto.

Re:Unused

[commodore64_love]

Ha! Funnny.

I honestly don't care if advertisers learn that I like collecting old computers and other hobbies. I'm more concerned about the info leaking to people with REAL power over me. Like a prospective employer (hmmm, he is pro-gun - don't wanna hire him), or the US government (this guy sold Final Fantasy 7 for $150 and didn't pay taxes).

Re:Cue

[Anonymous Coward]

Some people learn in momentary bursts of insight. They LOVE the Barbary Coast attitude of the Internet because is it's like manhandling a pinball machine. They don't always like the lack of law and order but it seems that they only do something about it when they get a tilt penalty. All in all, this is a pretty White discussion.

So (yet again) I must ask

[Jawnn]

Why would I want to use Facebook at all if I value my privacy? And a follow up which is probably more to the point, with all the shit Facebook has pulled, why are you bitching about it if you're still a user?

Google

[jvkjvk]

Somehow, I don't buy it, and it makes me sad that Google has gone this far down the path of Corporatism.

Now, they lie to us to our faces. I find it impossible to believe that Google did not know what was in the strings being sent to it.

Google is trying to tell us that they are so incompetent that they did not realize what all that information in the strings that were sent to it actually signified.

Right.

Either their hiring practices scrape the bottom of the barrel (which we know is not true), or they knew exactly what information was in all those strings, since that's their job. Collecting and analyzing information (of which those URLs are a subset).

Oh, I know. Since we are in a free market economy you can just not use Google at all! And any site that has adwords, or google analytics, or youtube, or refuse email of anyone that sends you email from a gmail address, or...

If enough people do this, we can show Google the error their ways. /sarcasm

Re:I'm shocked! SHOCKED!

[$RANDOMLUSER]

Yeah, I get that. Meanwhile, the user pages have already been spidered, so it's just a case of attaching one to the other.

Re:Unused

[FreakyGreenLeaky]

Similar to Google's "accidental" sniffing of public wifi -- they didn't use it, so that makes it all right.

Bloody criminals.

Re:Cue

[dyingtolive]

I don't believe privacy exists really anymore, but I wouldn't say that privacy is dead, it's more like it was just given away freely and irrevocably without a second thought as to the long term ramifications. I refused to use facebook for the longest time, but I've personally given up. My friends use it and it's their primary means of communication, above and beyond simpler and "better" things such as email. I just try to keep as much actual honest information about myself off there as possible and keep my head down to limit damage as much as possible. The moment someone comes up with an alternative solution that I can talk even the laziest person into migrating to, let me know. Until then, I'm living with the subpar solution for lack of a better.

Also, "privacy is dead" is the bumper sticker slogan those people go by. I've never heard anyone outside of corporations and governments (hard to tell the difference anymore) saying that it is. They're not determined to purge the world of privacy, but merely to illustrate to people just how privacy-free it's become.

With regard to the "news" itself, color me completely unsurprised.

Re:I'm shocked! SHOCKED!

[Anonymous Coward]

It seems to show more incompetence than malicious intent,...

Facebook? The hottest thing on the Internet since the 90s and has the choice of the best of the best of the best web developers - made a mistake like that?

Are you kidding me? Have you ever even looked at Facebook? From a purely technical point of view, it's a half-assed slapped together with duct tape piece of shit. It's only technical merit is that it's not nearly as horrifyingly amateur as MySpace.

Facebook may be "all the rage", but the best of the best work for Google and Microsoft, not Facebook.

Re:surprise, surprise

[Tom]

conspire != conspiracy

In the literal meaning of the word, all the participants - the website you're visiting, the ad agency, the ad network, their customers - all work together against you. There's no reason to be dramatic, but it's a simple fact that they are all trying to coerce/convince/manipulate/whateveryouwanttocallit to split with some of your money into their direction, which then feeds them all.

Re:I'm shocked! SHOCKED!

[PopeRatzo]

Unless the advertisers thought to scrape referrer URLs for usernames, they didn't get shit.

And we all know that advertisers would never do anything as underhanded as mine information from a data stream, because that would be wrong.

"Unaware" Bullshit

[Anonymous Coward]

> Google Inc.'s DoubleClick and Yahoo Inc.'s Right Media, said they were unaware of the data being sent to them from the social-networking sites, and said they haven't made use of it.

Yeah, right.

If you look closely at Google/Yahoo advertising tags - they are proactively trying to catch (via Javascript) and log (in GET parameters to their server) current URL to which their ads are served. Unless you fake referer AND use NoScript extension, you're giving them this data. And I have a strong diesbelief that they do not store this data.

Yahoo and Google are logging huge part of your Web browsing history this way.

I guess they've coded it by accident?

Re:Referrer URL is the issue

[Sockatume]

I think it's time for us to decide whether the ability for a site to request its referrer is worth the potential privacy issues. Should it not be opt-in? It's not like a cookie, you don't explicitly elect to provide the site with the information in question.

Re:Cue

[tpstigers]

Don't be stupid. Privacy isn't dead. It just that privacy is - and has always been - up to the individual. The issue we keep running into here is that people expect someone else to protect their privacy. If you want real privacy, it's up to you to secure it and maintain it.

It's called a SOCIAL SITE

[scottwilkins]

When are people going to get a clue and figure out the Facebook is a social web site, not a private web site? They think they can hide a black eye in the middle of a large party? If you don't want the World to see it, don't bring it to the party. DUH!

Re:So (yet again) I must ask

[Rob the Bold]

Why would I want to use Facebook at all if I value my privacy? And a follow up which is probably more to the point, with all the shit Facebook has pulled, why are you bitching about it if you're still a user?

Maybe you do value your privacy with some (strangers, employers) more than with others (friends, family). I think that privacy, like intimacy is not a binary thing. There are people whose hand you wouldn't even shake, folks you would hug in public and people who've seen you naked, right? (I'm being rhetorical here, you don't need to answer that.)

I take your point about facebook, though. They don't act trustworthy and do act too capriciously. Nevertheless, people would like to expose some of themselves, just not all of it and just not to everybody. Facebook happens to be extremely popular: many of your friends are there. Bitching about facebook's crap is actually quite reasonable. You'd like them to change to avoid the hassle of finding another alternative. They probably won't, given their history, but they certainly won't if no one says anything.

Re:Unused

[Anonymous Coward]

Don't you get it? You can't trust *anyone* with too much information. People say they don't care if marketers know all about them, but if it is allowed to get to the point that advertisers have complete profiles on people for marketing purposes (and things like facebook are very near to making that possible) then what stops them from sharing that info with the government, or selling it to employers checking on an employees private life, etc, etc. Do you think the advertisers would turn down the extra money? Do you think they would decline to do it because it's unethical? We're you born yesterday??

Re:Cue

[Abcd1234]

I don't have a facebook account, and I don't have any idiot farmville playing friends

Are you sure? For all you know, right now, a friend or relative of yours is posting pictures of you on Facebook, and there's absolutely nothing you can do about it. It's a brave new world.

Re:Unused

[Archangel Michael]

"Similar to Google's "accidental" sniffing of public wifi -- they didn't use it, so that makes it all right."

I don't get this one. WHY is it wrong? Didn't we /.ers love the stories of wardriving years ago, when people posted the location of open WiFis so we could leach off them?

Look, if you don't want Google Doing it, because they are "BIG CORP", then don't do it yourself. There is no difference between the idea of wardriving individually, and Google doing, except for scale.

I don't have a problem with Google Wardriving. NONE.

Also, Internet is NOT secure. There is no privacy on the internet. NONE. Everything that makes the internet useful to you, is a way to make it easier to track you.

What you put up on the internet is there for everyone else to see, forever. Even if it "delete" it, it probably lives somewhere on some server or another.

We might as well get used to this paradigm and either not do anything on the internet, or just learn to be careful knowing the whole time that we can't be careful enough.

I'm not all that concerned with what is on my facebook, as it is all public info anyways. And I don't fear stalkers, they should fear me. ;)

Re:Topical..

[Andorin]

Except ... that comic is compare two unrelating things like if doing one would have affected the other, which it wouldn't.

You're missing the point. Beardy McNerdy is the sort of guy who reads Slashdot and worries about these sorts of things: open standards in the case of the .doc part, and 3vil social networking sites abusing their power and position. Sticky non Techie, on the other hand, is your average condescending person who sees all of it as pointless and just wants to read about the new iPhone release. The comparison is between two forms of 3vil perpetrated by a corporation: the former is Microsoft's strategy of locking users into their products by disallowing open standards, and the latter is Facebook's recent big privacy fuck-ups. (Could also be argued that Facebook employs vendor lock-in by keeping their platform closed and not allowing others to facilitate communication through it. Yes, this doesn't apply to IM, so I refer to profiles/groups/everything else.)

In both cases, Beardy McNerdy is your average geek, trying to warn others about the perils of big corporations in the online and personal computer worlds. The irony is that in one case, Sticky non Techie is fine with the 3vil, but in the other, he's actually running to Beardy McNerdy with the news, alarmed.

People don't give a shit about nerd turf wars over document formats, what they have WORKS for them and everyone else

Except when people get macro viruses from .doc files.

Re:you should not be surprised by this

[Fritz T. Coyote]

Yes... and even if geeks and privacy fans manage to avoid being in the particular set of data, who cares... there are plenty of folks (one borne every minute) who have happily posted lots of stuff on FB, etc... It's a gold-mine of demographic data, only an idiot (or someone with ethics) would pass up the chance to use that data to Make Money Fast.

Time to Update Barnum's Philosophy for the 21st Century: 'It is morally wrong to allow a sucker to keep their money or their privacy'