US Congressmen: Facebook Evading Privacy Questions 109
An anonymous reader writes "Two U.S. congressmen have accused Facebook of evading questions about whether it tracks users in order to deliver targeted ads. Joe Barton, a Texas Republican, and Edward Markey, a Massachusetts Democrat, said the social networking giant failed to adequately answer questions raised by a patent application that suggests Facebook could be tracking users on other websites. The duo previously asked the Federal Trade Commission to investigate accusations that Facebook tracks its users even after they log out of the social network, an issue the company says it has since fixed."
They Should Check Facebook (Score:2)
Two U.S. congressmen have accused Facebook of evading questions about whether it tracks users in order to deliver targeted ads
If they want answers, they should just check Facebook's "Facebook Ad Targeting" group page. I'm sure it's "leaking" all the answers they crave. /sarcasm
Re: (Score:2)
I disagree, this is the correct course of action. Ultimately it could lead to subcommittee hearings and changes to the law. Of course that probably won't happen as politicians in the US care less about privacy than the millions of idiots that willingly give FB their private details, but it is hypothetically possible.
Plus, if you don't talk with the execs running FB you can't scare them into reforming or get information that they haven't made public. I'm guessing that they've already read that page and found
Facebook just needs to donate more... (Score:1)
http://sopatrack.com/congressperson/B000213-rep-joe-barton [sopatrack.com]
"Fixed" could mean many different things (Score:5, Informative)
Re:"Fixed" could mean many different things (Score:5, Insightful)
Re:"Fixed" could mean many different things (Score:5, Insightful)
I don't know why regulators don't get this. Facebook's business IS farming personal information. The company's value is based on it. Their future expectations of profitability all depend on being able to sell it.
Of course they will maintain the veneer of compliance, while still doing the exact same things. If they have to pay tribute to a politician or issue an apology, so what? Pennies in a fountain. They have the world's largest pile of the world's most valuable commodity.
Re: (Score:3)
"They have the world's largest pile of the world's most valuable commodity."
What? that Joe drinks miller and likes kinky dildo's?
Its a bubble based on intangible information that only 2 cooperations seem to be interest in while the rest of the world instantly mental blocks their product as reflex
Re: (Score:2)
Re: (Score:2)
Well that is one of the definitions of fixed. As in fixed to the wall.
Re: (Score:1)
Mostly all of it is ads (Score:1)
Re: (Score:2)
Yes. Though, I'm sure that Facebook would prefer people believe otherwise.
Re: (Score:2)
Probably not yet.
Facebook can refuse to co-operate. Then congress could start an investigation and subpoena the information, which facebook would be obliged to obey. And then congress could write new legislation targeting facebook.
Or, facebook could try to quietly ignore the request and ratchet up their sponsorship of legislators.
Re: (Score:2)
Their best plan of action is to do as little as possible, exactly what it takes to make politicians calm down and nothing more.
Re: (Score:3)
At this point, probably not, but if they choose not to they could end up receiving a congressional subpoena. And even in the absence of that ignoring congress critters that have taken an eye to ones business practices isn't necessarily a wise idea.
If in doubt... (Score:5, Funny)
Re:If in doubt... (Score:4, Funny)
I prefer thinking about the NSA merging with Weekly World News: "Bat Boy completes spying mission in Iran, destroys Iranian nuclear plant singlehandedly"
Re: (Score:2)
Grope the bat boy's groin and waterboard Elvis?
Re: (Score:2)
Write a headline like "Kirstie Alley Fat AGAIN: How TOP SECRET Crypto Work Keeps Saavik Looking Like Sperm Whale"?
Pffft (Score:2)
I think congress should look in the mirror when it comes to evading questions... or taxes for that matter
Adblock Filter (Score:5, Informative)
||facebook.com^$third-party,domain=~facebook.net|~fbcdn.com|~fbcdn.net
||facebook.net^$third-party,domain=~facebook.com|~fbcdn.com|~fbcdn.net
||fbcdn.com^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.net
||fbcdn.net^$third-party,domain=~facebook.com|~facebook.net|~fbcdn.com
Hosts file filter (even better) (Score:2, Informative)
Covers any program that is webbound, not just particular browsers that have AdBlock, per the subject-line above:
(Add either of these lines to your hosts file using a text editor & be sure to save it as "hosts", not "hosts.txt" (notepad's NOTORIOUS for that)).
---
127.0.0.1 fbcdn.net
or
0.0.0.0 fbcdn.net
---
* The latter's actually smaller & faster, thus imo, is the better, more efficient option (that's just as universally compatible as the loopback adapter address, but smaller by 2 characters, & has n
I'm more concerned about what CONGRESS is doing (Score:5, Insightful)
I'm way more worried about a government which now has free reign to spy on my phone calls, emails, etc. with no warrants and even gives retroactive immunity [wikipedia.org] to protect the telco's from any nasty civil rights lawsuits over this than I am about Facebook sending me some targeted ads.
In short, a government that treats the 4th Amendment to the U.S. Constitution like a piece of toilet paper is a lot more important a concern than Mark Zuckerberg trying to make a quick buck.
Why would anyone. . . (Score:2, Insightful)
. . .At this point, believe anything congress has to say? I hate Facebook, but come on. Congress cares about privacy? Give me a break. These guys have continually voted against privacy in the form of Patriot Acts, indefinite detention, warrantless wiretaps, etc. What is happening is Facebook just hasn't given the correct amount of "campaign contributions." When Facebook ponies up, you'll hear the tune change.
Re: (Score:2)
Yes, because completely blocking whole amazon aws and facebook is such an awesome idea.
Re: (Score:2, Funny)
Turn off Third Party Cookies (Score:2)
Re: (Score:2)
Is that really sufficient to thwart tracking by the Facebook "like" button? I thought the button was in an iframe, so the cookies wouldn't be considered third-party.
Re: (Score:2)
Please ignore the "I thought the button was in an iframe, so the cookies wouldn't be considered third-party." -- that was muddled.
But, it seems that Webkit-based browsers allow third-party cookies to be read but not written [grack.com] when third-party cookies are "disabled." Facebook can presumably read the cookie (if the browser allows reading) to see who you are, and read the referrer URL for the iframe to see what webpage you were viewing, so it seems they can track you if disabling third-party cookies doesn't pro
I is innocent (Score:2)
It was the evil twins done put secret cookies in all my codes.
-mark
3rd-party cookies (Score:4, Interesting)
3rd-party cookies are a contributing factor to some of these privacy violations.
At what point did it become standard for browsers to accept 3rd-party cookies? The original cookie spec explicitly forbid them, and only reason that I know of to support them is to allow sites to track you across other domains. No web application, shopping cart, etc. should ever need to use them. Further, they seem like a terrible security flaw.
I was surprised to find that Firefox enables this by default, and some web forums (Engadget) are even complaining if you turn them off. I think we need to nip this in the bug, but I am curious when and why this default changed.
Re: (Score:2)
At what point did it become standard for browsers to accept 3rd-party cookies? The original cookie spec explicitly forbid them, and only reason that I know of to support them is to allow sites to track you across other domains. No web application, shopping cart, etc. should ever need to use them. Further, they seem like a terrible security flaw.
Maybe browsers should have per-tab sandboxes for 3rd party cookies.
You close the tab, the cookie gets wiped.
Re: (Score:1)
And how would you suggest keeping state over a stateless connection? The other options (hidden fields, or a GUID in the URL) are at best no more secure than using a session cookie, in many cases they are far riskier to use.
Also, all modern browsers will only send a cookie to the same domain that set the cookie. Even if a facebook cookie is set on my browser, the browser will only send the cookie to the facebook domain... so unless
Re:3rd-party cookies (Score:4, Informative)
Cookies are absolutely not the problem, the vast array of sites installing facebook tracking scripts on their pages is the problem.
In which case, use http://www.ghostery.com/ [ghostery.com] to block trackers.
Re: (Score:2)
Also, all modern browsers will only send a cookie to the same domain that set the cookie
That is how they used to operate, and that is how they are supposed to operate. But enabling 3rd-party cookies means that this rule is disabled. And that is now the default in most browsers. I am trying to figure out when and why this changed.
Who's surprised? (Score:3)
OF COURSE they track you to provide targeted ads, how else do you think they stay in business? Do you think they have a gigantic infrastructure just for your personal pleasure? While I fully support forcing facebook to divulge all the info they store on you (i.e. that gigantic PDF they'll send you on request), I also have no problem with them doing just about anything they want with data they collected. If you find that so incredibly repugnant, don't use facebook at all.
This story to me is about the same as the headline "Pfizer dodges questions from senator that it 'sells drugs' to what they call 'patients'"
Or perhaps "INTEL refuses to deny that it makes computer processors!"
I can see it now.... (Score:1)
Joe Barton:- You can’t lie, so tell me Mark, where is this user?
Mark Zuckerberg:- Uh, hmm, well, uh, I don’t know where he’s not.
Joe Barton:- Your telling me, you don’t know where this user is?
Mark Zuckerberg:- It wouldn’t be inaccurate to assume that I couldn’t exactly not say that it is or isn’t almost partially incorrect.
Edward Markey:- So you do know where he is?
Mark Zuckerberg:- On the contrary. I’m possibly more or less not definitely rejecting the idea
Am I the only one...? (Score:2)
Who thinks these congressmen are so vigorous to get up off their asses cause they have something extremely incriminating to hide? (That facebook might have?)
Re: (Score:2)
Re: (Score:2)
I've said for a few years now that we will get meaningful privacy legislation only after a couple of present or up-and-coming politicians get their careers torpedoed by a 15 year old facebook post. Even better would be someone buying usage data, linking it up to politicians, and running advertisements about the websites they visit.
Re: (Score:2)
I am unlikely to hire or vote for anyone who been a perfect goody two-shoes his or her whole life. If I have to choose between two otherwise equally qualified candidates, I'm going to go with the one who is passed out with sharpie marks all over.
That's okay (Score:2)
That's okay, anybody concerned about this can just not use Facebook. If they are really concerned, they could help the public and probably earn a bundle, too, by starting up a competitor that has better practices and expending their advertising funds educating the public as to why this is better.
Meanwhile, my concern is people like Barton and Markey, who keep taking my money against my will, and meddling in things like this, all the while claiming to "represent" me. Unfortunately this is not so easily sol
Pointless (Score:1)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
It's not just posting. Once they have your personal details and a cookie on your computer they get your "stuff you don't want them to have" by tracking you wherever you go. That is the problem. I might like Zebra porn but don't want Zebra porn ads showing up magically wherever I browse. Most people are not /. types either so they don't even have a clue they are being tracked.
Re: (Score:1)
What the hell? (Score:1)
Privacy on Facebook (Score:2)
NOTHING on Facebook is private. If you remember this, then you're okay. If you can't figure this out, then ... well ... too bad for you.
I guess the same thing that happened (Score:1)
Quid Pro Quo (Score:2)
All other problems having been solved, two Congresscritters are shaking Facebook down. Folks, if you use a "free" service, then the product being sold is you. That's the QPQ.
Re:Google Analytics (Score:5, Insightful)
It's exactly the same privacy issue as the Facebook buttons, except that Google is much less likely to have your real name.
Re:Google Analytics (Score:5, Informative)
Bzzt, wrong, both track only the pages on which the tracking code is placed (typically ALL of them). I know this because I've set up these systems as part of my job.
Re:Google Analytics (Score:5, Informative)
No you're still wrong. Yes you can put it in the template, and you can do the same with the Facebook button. The Analytics code doesn't use mind control waves to force the web dev to put it in the template. It isn't unusual to see a Facebook button in a site's "static areas" that appear on every page that lets you Like the company. Technically you are 100% wrong and practically you are grasping at straws.
Facebook is pretty close to GA in popularity now. Look, even Slashdot, the home of the privacy-aware geek, has fucking facebook buttons now, what does that tell you.
Re: (Score:3, Informative)
Yes, site owners tend to put analytics code in sitewide templates. That's kindof the point of analytics. On the other hand, FB code goes on millions of sites that don't use google's analytics, and it almost certainly correlates and stores more actual user-specific data.
Re:Google Analytics (Score:4, Informative)
Will the people who are not using a script in ABE (the Application Boundary Enforcer) in NoScript to prevent Facebook from doing things to you on other sites kindly make yourselves known by raising both feet?
The script to enter looks something like this (see NoScript website):
# This one allows Facebook scripts and objects to be included only .facebook.com .fbcdn.net .facebook.com .fbcdn.net
# from Facebook pages
Site
Accept from
Deny INCLUSION(SCRIPT, OBJ, SUBDOC)
Whatever happened to the NoScript feature for dealing with Web bugs or as AT&T / Yahoo call them, web-beacons? IRC there was a feature for that on untrusted sites. It seems like one to have all the time. Maybe something to avoid loading ANYTHING from other domains would be a good default much of the time too. If other content is that important, the host could be a proxy or users can grant permission. Ebay surely needs something like that.
Re: (Score:1, Interesting)
That makes no sense. Facebook like button really isn't on all pages of the internet because it makes no sense to have it on them, and isn't as widespread either. But every site wants to see how many visitors they have and all other information about them.
But hey, if you don't believe me, take a look at Blekko's Grep the Web [blekko.com]. As part of crawling the web they do exactly this kind of stuff, to determine how many websites have something compared to other.
Here we can find number of domains with Google Analytics [blekko.com]:
Re: (Score:1)
I see the 'google-analytics.com' on several sites when I go in an enable certain domains in chrome. I block all JS and cookies, and only allow what I want to.
So, I block all the facebook, google, and doubleclick stuff that shows on the page.
Having said that, I've been using google for years. I am sure I was stupid sometime back in the day and logged into my Gmail, G+, Google Wave, Gdocs, etc on an unsecure browser, and they have my settings.
If you use Google login, do you know that you should turn off you
Re: (Score:2)
Yeah I turned off the "browsing history" feature shortly after it was rolled out. As I've discussed elsewhere in this thread I'd like to "sandbox" any Google account activity in a separate private browsing window, I can't wait until Firefox allows concurrent private browsing like Chrome does.
Re: (Score:1)
I was obviously talking about how people usually do it. Of course you can do all sorts of tricks or server side determination on when to include GA, but that's completely beside the point and not how majority do it.
Re: (Score:2)
Re: (Score:2)
Watch out Google, Facebook is coming after you for patent infringement. If you do not pay the licensing fee, SOPA will be activated.
Re: (Score:1)
Golf clap. You really can turn every thread into something negative about Google, can't you? You must be some sort of meta-anti-search engine, what with all the insightful information you bring to each and every thread where you fear that someone MIGHT not have the opinion that Google is evil. Did Larry and Sergey go to Stanford with you and make jokes about your mom? What's the deal?
Re:Google Analytics (Score:5, Informative)
It's the new Anti-Google astroturfer. The last one got killed because it he admitted he was a paid astroturfer for MS. This one isn't going to last very long either. Note for anyone who is wondering why I know (with >95% certainty) that DCTech is a paid astroturfer:
* brand new handle
* posts random Google is evil posts in the most unrelated topics
* does so within seconds of the article being up
* does little other than post Google is evil
Re: (Score:2)
I thought you were being just paranoid and delusional, but I took a look at his post... All of them are:
* Google is evil (with a minor in Bing isn't)
* Linux UI stinks (imply MS is good)
* Right holders RULE!
I hope he got good money for his soul.
Re: (Score:2)
Actually, I'd argue that there's evidence that he's simply a crazed MS fanatic who wants to bash all of it's competitors. Here's a list of what I've compiled supporting this:
*Microsoft would only pay him if he could even marginally make them look better instead of looking like a hare-brained MS-loving lunatic.
OK, I admit it was a short list, but I think a valid one.
Re: (Score:2)
The ones I know are SharkLaser and InsightIn140Bytes but they are so obvious.
You would think someone would actually realise what they are doing. It's like going to a party and bullshitting to everyone. It makes you an ass and unacceptable in social situations.
Re: (Score:3)
You're right that companies are built from individuals, and that they have their own, valid opinions. However, that's not the problem here. If an MS employee wants to post their opinion under a pseudonym, I'm fine with that. I'm fine with someone liking MS products, and posting that. But that's not what's going on here: someone is paid to take a position and defend it at all cost. There is no debate going on here, merely advertisement.
I object to being advertised to by someone pretending to not be advertisi
Re: (Score:1)
Yes, because someone who has different opinion is obviously a paid shill. Do you even notice how paranoid you sound?
Re: (Score:2)
You are a paid shill. You have no genuine opinions since you are obviously willing to change them on a dime.
Don't you want to think for yourself?
Re: (Score:2)
Yep, I've noticed the slant. All you gotta do is mark him enemy, watch the FUD spew, ignore and move on. Hell, his post history matches what you say and it's relatively new.
I guess MS must be a bit bored with the last astroturfer.
Re: (Score:2, Insightful)
I'd like to voice my disagreement with the above AC, whose rudeness casts a shadow upon the proper anon's who provide interesting and thoughtful commentary. NeutronCowboy, thanks for the analysis; it was insightful. Don't let the above 1% fellow get to you.