Facebook Users Complain of New Ad-Based Tracking

Tech.Luver noted a story about facebook users complaining over ads where their shopping habits are shared with their friends as if they are endorsing products. The neatest part is that you can opt out- if you click a box that disappears after 20 seconds... wait to long, and they assume you are totally fine with it.

Adversitement

CmdrTaco has bought a Swedish-made penis-enlargement pump!

Eeenstrookshoons

Place dee peenoos poomp oon doo peenoos ahnd vapeedly poomp dee handool oop oont doown.

I guess accuracy is too much to hope for

The neatest part is that you can opt out- if you click a box that disappears after 20 seconds... wait to long, and they assume you are totally fine with it.

Not true; the FaceBook provides a secondary method of opting out, just like you can control lots of privacy tweaks already. There's a nice new option for "External Websites: You can edit your privacy settings for external websites sending stories to your profile." (this is not to say there aren't privacy problems with Facebook in general) [facebook.com]

I guess actually looking before writing a news article would have been just too hard.

Re:that's not the issue, though?

Because it isn't just their privacy policy. It is the page where you set your privacy options. Thats why.

Re:I guess accuracy is too much to hope for

The main problem is that you have to opt out AFTER a site tries (or succeeds) at adding a story to your profile. If you don't respond to the popup (20 seconds OR a blocker), it assumes that you do indeed want to add the story to your profile. While you can disable it later, it might be a few hours or days before you notice if you're not a heavy Facebook user. And, you can only disable it on a site-by-site basis in this manner.

Many nontechnical users that have hare angry. Many Slashdotters use NoScript or something to that effect.

If you get the Blocksite plugin and block *.facebook.com/beacon/*, you can use Facebook normally and not have to worry about sites that implement it- the script that runs the beacon never gets to run, and there is no chance for the story to be sent.

Re:I guess accuracy is too much to hope for

Facebooks' policy is, and has always been, "It's better to ask forgiveness, than permission" with regards to policy. They claim to be for your privacy, but whenever they roll out a new feature that might be a privacy concern, they opt you in and don't make any sort of announcement so it can be months before you notice that you can close out such features. I used to be on facebook, and I recently closed my account because of such bullshit. A lot of my friends, my fiance, my mom, etc., acted rather put-out like I'm intentionally avoiding them or something. It's wierd how much pressure I've felt (though not from my fiance, she gets it) to re-join. News like this is just what I need to show people why I left.

Information leaks and "SkyNet"

Facebooks' policy is, and has always been, "It's better to ask forgiveness, than permission" with regards to policy.

Who cares about this? What's important is the long-term trend. Computers are networked. They are growing in power and complexity at an exponential rate. The algorithms for data processing and pattern-recognition software are being worked out at lightning speed.

Computers are sharing information. And, once leaked, it's basically impossible to contain it. And once leaked, this information is available for an indeterminate period of time - forever?

Why forever? Since storage capacity is growing exponentially, the need to purge old data is dropping exponentially, too. I have, on DVD, a hard disk image of my entire computer at around 1999. It's about 1 GB of data, and was a real hassle to get together back when I made it. But now, I've got a copy in a folder in my home directory on my Laptop, which has 160 GB HDD. It's not enough space for me to care - my disk usage is floating around 75% now, including my entire MP3 collection. (which dwarfs my old HDD)

I'm probably going to keep that old disk image, along with its ancient copy of freecell.exe forever. Not because I care at all about freecell.exe, but because the cost of actually deleting that file is far greater than the cost of keeping it around.

And so it is with leaked, marginally valuable information - the cost of leaving it "hanging around" is lower than the cost of identifying exactly what it is and deleting it. So this leaked information tends to "stick around" forever, and we have pattern recognition, AI, and search algorithms improving rapidly, which dramatically reduces the cost of identifying and reprocessing this marginal information. The end result is a human/machine meta-creature, a sort of swarm-like social animal like ants but with a common, shared intellect, lots like the GAIA from (you guessed it!) Asimov's Foundation series! [wikipedia.org]

Asimov was a visionary in more ways than one...

Guess I'm rambling. I'll stop now.

Re:I guess accuracy is too much to hope for

Show your friends what you like and what you're up to outside of Facebook. When you take actions on the sites listed below, you can choose to have those actions sent to your profile. Please note that these settings only affect notifications on Facebook. You will still be notified on affiliate websites when they send stories to Facebook. You will be able to decline individual stories at that time. No sites have tried sending stories to your profile

I hope you are not suggesting that I wait until after a site sends something to my profile to have means to stop it? This would be ok, if you alone are notified of the attempt before it can be successfully carried out. What if someone doesn't notice the little blip they put up on the external site? Can they still block others from seeing something even if its only once? I won't have to worry about this because my account is registered with an email I don't use for shopping, so I am asking because I can only find out from others experiences. That at least is the point most people here are getting at.

Anything other than having the default be no consent, there seems to be something wrong with this model. I think this may mean people will start shopping with a non-facebook registered email address.

My solution from a while ago was to create a new email address for every site I register with (it is a mail forwarder - i don't actually check dozens of email addresses). This gives me the ability to delete the address if it starts getting too much spam (selling of email addresses was one of the original reasons for me to do this). a sideeffect is that it hinders (though does not block) sharing of my info amongst businesses.

Re:I guess accuracy is too much to hope for

I just checked my facebook privacy settings and it just gives a stupid message and has no options to opt out. I guess my privacy has to be violated first and only then am I able to tell them that I didn't like it.

Show your friends what you like and what you're up to outside of Facebook. When you take actions on the sites listed below, you can choose to have those actions sent to your profile. Please note that these settings only affect notifications on Facebook. You will still be notified on affiliate websites when they send stories to Facebook. You will be able to decline individual stories at that time. No sites have tried sending stories to your profile

Opting Out

If you look at it more closely [facebook.com] you can't opt out of the service generally. Every time a new site tries sending stuff to your news feed you have to go back to the Facebook privacy page and opt out of that particular site.

Aside from AdBlock, you can do the following to effectively de-activate this service:
1. Get Firefox
2. Download and Install the BlockSite plugin for Firefox.
3. After restarting Firefox select 'Add-ons' from the Tools menu.
4. Click the 'Options' button on the BlockSite extension
5. Click the 'Add' button
6. Enter http://facebook.com/beacon/* [facebook.com] into the input box
7. Click 'OK'
8. Click 'OK' again and you are good to go.

Re:Opting Out

Aside from AdBlock, you can do the following to effectively de-activate this service:

I think closing ones account and would be an infinitely preferable option. Yours only resolves this one issue. But what about the next one? And the one after that?

They say don't throw the baby out with the bathwater, and that's fine, but I think the facebook baby went down the drain a while ago, and all that's left is a mass of humanity puttering around in its own dirty bathwater.

What do you expect on a free service?

Personally, I think it's a fair trade. What do you expect when you put all your personal information in to a web-site that is free to use? They have to make money some how and the easiest way to do that is to sell your information on to other people or come to agreements with other companies to find ways to market to you.

If you don't like that then don't use Facebook!

If you want your own soap box under your own rules then get your own site. You can even run these out of your own house now provided you're with a civilised ISP.

Simon

Re:What do you expect on a free service?

At universities, this has replaced e-mail as a primary form of communication. I ask people I meet for an e-mail address. They tell me to look them up on facebook. At a university, you would literally be cutting out much of your social life if you never used facebook, because most of the people at the school expect that you will communicate with them through it. It's like saying that if you don't like the subscriptions and lock-ins that the cell companies require in the US, that you just don't use a cell phone. The price of ignoring it is huge.

Re:What do you expect on a free service?

Orly?
Cry more.

What facebook is doing is contemptible. But if you can't take a stand against something like this that requires such a minor inconvenience... Good Lord! All it takes is for when you're exchanging information that you explain you're against facebook and you give a phone number or email address or domain name or aim name. Anything else they can use to get in touch with you. Most people will admire you for taking a stand, it shows strength. If someone really wants to speak to you in the future they will make the necessary arrangements. What's going to happen when someone really steps on your civil liberties or wrongs you in some way like, oh I don't know, the governement and you're required to make a real democratic sacrifice in order to fix things?
Are you going to sit there as you do now and cry like a little baby about the inconvenience it would bring into your life?

There was a time students would get out and protest against illegal or amoral wars, now they care more about their latte or facefuckmeintheassbook.

Re:What do you expect on a free service?

They tell me to look them up on facebook.

The only time I ever do this is when I don't actually want someone to get ahold of me. Facebook makes a nice intermediary, especially if they're just going to send me messages or write on my wall where I can easily ignore them.

At my university, this doesn't fly for legitimate communications. Facebook is quickly gaining on myspace for the electronic embodiment of tackiness. A phone call is best, an instant message has the benefit of being...well...instant. Even email works. A message on Facebook is like a Fisher Price email.
I don't buy the social networking argument either. Facebook is great if you want a huge number of 'friends' to show off, or really want to give someone a 'pet duck' or 'sixpack of beer'. It's not bad to get a glimpse at what someone might be like based on a profile, but the usefulness pretty much ends there. I've never had a physical relationship that involved sending a 'super poke' (at least not on facebook), or formed a business connection by sending someone a virtual 'small box with a hole in it'.
Of course your mileage may differ, and I'm getting ready to graduate, so the freshman crowd may see things differently, but particularly with the direction that facebook is heading, anyone who uses it as a serious means of communication is just hindering themselves.

What happens when...

What happens when someone shops at an adult store and there are minors on their friends list...?

Re:What happens when...

The same thing the happens when you watch a porno movie and you have "let my msn friends see what I am watching" enabled..

Username is currently watching "AnalBeachNuns9.avi"

Re:What happens when...

Care to share?

Re:What happens when...

Then those minors will be PERMANENTLY DAMAGED FOR LIFE. Permitting minors to know of the existence of adult novelty items is a crime against humanity and should be punished by death.

You can disable it in Privacy.

Facebook > Privacy > External Web Sites

Any site that has attempted to send something to your profile via the Beacon can be revoked and the stories deleted.

Facebook users...

Hardly a week goes by without Facebook users whining about something.

If only they would harness that energy and complain about something really important. There's a lot of bad things happening in the World where their incessant and perpetual vociferousness could help invoke real social change.

If they don't like Facebook, there are MANY Web-2.0-social-networkized alternatives. They should just go use them instead (and quietly). I feel really sorry for the guys who started Facebook sometimes, they have a really tough crowd to deal with.

Re:Facebook users...

Personally, I've never used Facebook or any social-networking site, and I only know what little I read here on Slashdot. Even so, it does seem like hardly a week goes by without Facebook implementing some controversial, poorly thought out feature that pisses a lot of people off. As with any large-scale data aggregator (for that is, in effect, what Facebook has become) there's the potential to screw up and hurt people. There's a need to make money, I know, but sometimes Facebook's management seems to err on the wrong side of privacy.

Re:Facebook users...

Secondly, Facebook users DO harness their energy and invoke real social change. There are THOUSANDS of groups and "Causes" devoted to organizations like FreeRice.com, Red, AIDS / HIV Research, ASPCA, Breast Cancer Research, Domestic Abuse, and so on. Don't believe? Have a look yourself. Facebook Causes [facebook.com] or Socially Conscious Networking - Facebook [pronetadvertising.com]. Next time do a little research before stereotyping 55 million people. Facebook Factsheet [facebook.com]

Do you really think those Facebook groups and causes achieve anything other than allowing people to show off how 'socially conscious' they are?

Typical marketeer-think

Even if there is a simple opt-out in the general privacy settings, if one hasn't needed it before it's a rude shock to find it suddenly is needed. Sharing information in aggregate is one thing, being used as a product endorser is quite another.

This is yet another illustration that people want opt-in so they can decide and marketers want opt-out so people can get stuck with crap they don't want. That the individual opt-out disappears after a short time shows the real attitude: We don't even want you to have that option, really. Just like the spammers who try to claim that proper verified opt-in is "double" as if it made more work for their victims.

The only real surprise in all this is that people don't set the opt-out as a matter of course when they sign up for the service. Of course, they have to know about it to set it. Not having, nor desiring, a Facebook account I don't know if it's made plain right up front or if a person has to go searching for the controls. And then hope the settings stick. Some places (*cough*LiveJournal*cough*) "forget" settings from time to time.

the microstatus feature is worse, I hear

Personally, I would be more upset about the Microstatus feature they're testing right now [pttbt.ca]... at least you CAN opt out of the ad one...

Adblock Plus + Adblock Plus: Element Hiding Helper

Adblock Plus [mozilla.org] and Adblock Plus: Element Hiding Helper [mozilla.org] will take care of those text ads or any element on a website you want to hide. I had already been using ABP but found the Element Hiding Helper just to get rid of those damned things.

DPA

As my lecturer said (in a Data Protection Act lecture in Britain*): "the biggest threat to the data protection is not criminals but american companies". It seems your protection laws are remarkably slack.

*That's BritainEnglandUKEurope to my friends over the pond

Wait...I'm confused

Those users say they never noticed a small box that appears on a corner of their Web browsers following transactions at Fandango, Overstock and other online retailers. The box alerts users that information is about to be shared with Facebook unless they click on "No Thanks." It disappears after about 20 seconds, after which consent is assumed.

How do Fandango and Overstock know that the buyer has an account on Facebook? How do the two get linked up? Cookies?

Re:Wait...I'm confused

"How do Fandango and Overstock know that the buyer has an account on Facebook? How do the two get linked up? Cookies?"

Any site that is part of the Beacon affiliate network has a script that can read your Facebook cookies. The code is here, for any interested. http://www.facebook.com/beacon/beacon.js.php [facebook.com]

You buy a product on Overstock. It gets some information on your Facebook account, then asks if you wish to 'publish this story' to your Facebook account. You can click:
1) Learn more.
2) This isn't you. No publish.
3) No thanks. No publish.
4) Close. Publish later.
5) Ignore. Publish later.

4 is the problem; you can ignore or close the box, and it will, instead of thinking that means a No Publish, ask you AGAIN when you log in to Facebook. If you ignore that one, too, or do anything but specifically click No (the X in this case), it *will* publish. It's unintuitive.

Whether this is user-error or intentional design, users are also reporting that they have to opt-out of these affiliates site by site to stop publishing, because opting out of Beacon itself is insufficient or not possible. That's why people are irritated -- they never downloaded an app or asked for Beacon, didn't realize they had to specifically tell it 'no', and can't figure out how to turn it off.

I never wait to long.

I guess I'm just too impulsive to ever put off my longing - right now, I'm feeling an indeferrable longing for a proofreader at Slashdot!

Like most

Like most social networking sites on the internet, facebook started sucking as soon as it became popular.

That's called negative agreement

and it's actually illegal in some countries.

Why I quit Facebook and you should too

It was for precisely this reason that I recently quit Facebook [cydeweys.com]. I was a member of it mainly for contacting people in college, but I've since graduated, and have found myself spending less and less time using it. Meanwhile, its infringements on my privacy have grown more and more.

The first whiff of displeasure I got when using Facebook was when people could tag me in photos without my permission and have them display on my profile. Understandably, there's lots of pictures one would probably not want the world to see, especially during a job search. I did eventually find the option to disable this "feature", but it was many months afterwards. Similarly, I expect there's a way to disable this privacy-infringing commercial thing, but the simple fact is, it's turned on by default for users, and you have to actively figure out how to disable it.

That's not how this kind of stuff should work. It should be opt-in, not opt-out. Am I supposed to babysit my Facebook account into the indefinite future, disabling each new feature as it comes out, hopefully in time to prevent revealing information that I didn't want revealed? No thanks. I'll just quit Facebook. I did, and you should too. The more people who put up with this kind of crap, the more emboldened they will be to keep doing it.

"wait to long"

Hey, phonetic editing!

If it *sounds* right, it *must* be right!

Nice!

My favorite part of Facebook

Is that you cannot actually delete all of the information in your profile with ease. You can deactivate your account, but all of your information is still on their servers and will load right back up if you log in again. To actually delete your profile you have to delete EVERY SINGLE THING from it. That's right, every post on your wall, every picture, you have to individually delete each of them. Fun times.

Facebook's Tactical Advantage

Currently, Facebook possesses an *unknown* tactical advantage in opposition to Google's *unknown* willingness to commit strategic resources and influence. But once Facebook's advantage is quantifiable, I suspect that Google will guesstimate and commit enough resources to win the battle. The odds are good that Facebook's growth rate of change will hit an inflection point in the next few months. These user complaints are a direct result of Facebook trying to push a tactical advantage for strategic gain.

http://www.realmeme.com/roller/page/realmeme?entry=social_networking_meme [realmeme.com]

Once Facebook hits an inflection point, its scope of influence is bounded, i.e. predictable.

Facebook needs to change the game to increase their chances of winning.
At this point, I give them a 50/50 chance.
There's power in coalitions (see IBM's strategy with Eclipse, Sun's strategy with Java & JCP).

If I owned Facebook, I'd redo the Facebook API by combining some of the ideas of OpenSocial, then build a coalition along the lines of the Java Community Process to manage it, abdicating 49% of the power and responsibility to other companies. If Facebook does that now, they can leverage their current development community and possibly force Google's hand. If they wait, the true extent of their power will eventually be revealed and challenged.

Give us the List of Companies involved

Ok, Facebook do appear to have been doing something very stupid here, but let's get a list of all the vendors involved. Can we not have a list of all the vendors (Amazon and the like) who are happy to release your private sales information to a third party without your express permission?

I think it would be very important to promote a list of online retailers who it's NOT safe to shop with. Ignore the fact that Facebook are showing the information where they shouldn't be, the retailers who are offering the information out in the first place are the ones to really be angry with.

And if it isn't in cooperation, and there's some kind of stealth applet in the browser (as it sounds like there might be) listening in on third-party site traffic then that sounds like either a browser security hole (which should be patched) or some kind of malware that should be removed from systems.

Unless, this is just some overblown incident of user stupidity where they are telling facebook more than they should be. I haven't seen the thing in action myself.

Jolyon

Re:Give us the List of Companies involved

This might be a partial list, as I've heard reports of participating sites not on this list. But Here ya go:

        * AllPosters.com
        * Blockbuster
        * Bluefly.com (NASDAQ: BFLY)
        * CBS Interactive (CBSSports.com & Dotspotter) (NYSE: CBS)
        * eBay (NASDAQ: EBAY)
        * ExpoTV
        * Fandango
        * Gamefly
        * IAC InterActiveCorp. (NASDAQ: IACI) sites (CollegeHumor, Busted Tees, iWon, Citysearch, Pronto.com, echomusic)
        * Expedia (NASDAQ: EXPE)'s Hotwire
        * Joost
        * Kiva
        * Kongregate
        * LiveJournal
        * Live Nation (NYSE: LYV)
        * Mercantila
        * National Basketball Association
        * NYTimes.com (NYSE: NYT)
        * Overstock.com (NASDAQ: OSTK)
        * (RED)
        * Redlight
        * SeamlessWeb
        * Sony Online Entertainment LLC (NYSE: SNE)
        * Sony Pictures (NYSE: SNE)
        * STA Travel
        * The Knot (NASDAQ: KNOT)
        * TripAdvisor
        * Travel Ticker
        * Travelocity
        * TypePad
        * viagogo
        * Vox
        * Yelp
        * WeddingChannel.com
        * Zappos.com

from
http://www.bloggingstocks.com/2007/11/22/facebooks-creepy-ads-put-your-mouth-where-your-money-is/ [bloggingstocks.com]
which sources the info from
http://sev.prnewswire.com/computer-electronics/20071106/AQTU20606112007-1.html [prnewswire.com]

When you live a lie,

reality is a threat.

Facebook users are complanining on asite....

...that requires your REAL FUCKING NAME about privacy issues?

Hilarious.

Faceook Architecture

I just opened an account on Facebook recently -- mostly to see what the big deal was. It seemed harmless enough until I got a request to join a particular Facebook "app", in this case an app that compares tastes in movies.

I use Firefox exclusively with NoScript installed. I clicked on the link, and... What the hell am I doing on this completely different site? And why is it trying to run JavaScript at me? Further, why is it trying to run a cross-site script from Facebook?

It was at this point that I began to suspect that the pages Facebook is presenting me are not, in fact, always generated by Facebook's servers, but instead can be cobbled together from any number of sites and servers located anywhere, and that these sites all exchange data transparently with Facebook.

I haven't read their developer's pages or their API specification, so I'm only guessing here. Does anyone know if this is in fact true?

Because if it is -- to borrow one of Jon Stewart's terms -- then it's an absolute catastrofuck of a design, and everyone but everyone should run screaming from Facebook as fast as they can.

Schwab

silence?

well the old addage is scilence is compliance

hmm.

Welcome to the new social norm in the world. The "sheeple" are mad because someone is trying to profit from the mindless social jabber on these megasites. Plus Microsoft is trying to recoup the loss from the google fakeout. :) Gee, looks like Microsoft, who is now processing the ads on the site is doing quite well..I still say they need to lace an ad in the queue with a flawed WGA validator and go RIAA on these people. OH..sorry, your Windows is pirated, pay us 3000$ and we'll look the other way. :) We skip steps 1-3 and go straight to 4. Profit. :) $ocialnetworking...ain't it grand? :) In other news, Nigerian spammers are offshoring work to India...

Re:Call me back when...

Let me tell you something, buddy. Once you go black ... you never go back.

Re:What a bunch of whiney bitches!

While I don't agree with the latter part of your post, the first two sentences seem appropriate enough. If you agree to the privacy policy (which is a god damn nightmare of a policy, imo) and then turn around and cry bloody murder when your information is used in ways that are covered in the policy, take a look in the mirror when you start pointing fingers.

I don't agree with the way they use information, and coincidentally I don't have an account with facebook. Seems pretty simple to me.