Ride the Lightning

Facebook Will Track Your Web Activity: Changes in Privacy Policies AGAIN

June 18, 2014

ZDNet reported yesterday on another change in Facebook's privacy and advertising policies which is sure to infuriate users. The change allows Facebook to track users outside of Facebook in contravention of previous assurances that it "does not track users across the web."

A positive spin was originally placed on this, indicating that users could better manage their advertising preferences. Users will soon be able to click on a little arrow on an ad, which will show them a simplified version of Facebook's marketing dossier on them, and the user can check or un-check different advertising interests.

However, Facebook also announced last Thursday that it will begin tracking its users' browsing and activities on websites and apps outside Facebook, starting (lucky us, in America) within a few weeks. Facebook said it will begin to disregard its users' choice of using their in-browser "Do Not Track" setting: Soon, anyone who clicks "ask websites not to track me" in Safari (or any other browser) will be completely ignored by Facebook.

Google and Yahoo already ignore users' Do Not Track settings; fortunately, Twitter, Microsoft and Pinterest still respect the browser setting.

In 2011 Facebook was hit with a $15 billion class action lawsuit for tracking users after they've logged out: The suit alleged Facebook had violated Federal wiretapping laws in doing so.

When reached for comment on this article, a Facebook representative told ZDNet, "At this time, we will only use information to make ads better that we get when you’re logged into Facebook. We won’t look at the information when you’re logged out." I love the words "at this time." No one who has watched Facebook's history believes that they will stay with this position for long.

Thursday's announcement seems to be an about-face on Facebook's 2011 statements, when the company told ZDNet:

"Facebook does not track users across the web. Instead, we use cookies on social plugins to personalize content (e.g. Show you what your friends liked), to help maintain and improve what we do (e.g. Measure click-through rate), or for safety and security (e.g. Keeping underage kids from trying to signup with a different age). No information we receive when you see a social plugins is used to target ads, we delete or anonymize this information within 90 days, and we never sell your information."

Facebook has been accused multiple times of using cookies to track users even after they log out of the service – with the company twice denying the allegations and twice claiming it had fixed the issue, calling it a bug.

Since then, Facebook has introduced its own tracking alternative to cookies: Facebook's tracking conversion pixel. The 1×1 pixel is an invisible .gif that tracks users as they go anywhere online.

Facebook's announcement said that users can easily opt-out of this tracking — but the opt-out process is on an external website (the Digital Advertising Alliance), it must be done for each browser, and the opt-out must be re-done every time a user clears out their browser's cookies. Are you KIDDING?

And where is the Federal Trade Commission in all this? They appear to have approved the change, making their "regulation" of Facebook an utter farce.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq