More bad news for Facebook

The bad news about Facebook's Beacon program, user tracking, and privacy concerns just keeps piling up. Now Mark Zuckerberg and Facebook are under fire from consumers, journalists, activist and advocacy groups, and even its own advertising partners.

Today's biggest revelation, reported by PC World, is that "Facebook has confirmed findings of a CA security researcher [Stefan Berteau] that the social-networking site's Beacon ad service is more intrusive and stealthy than previously acknowledged, an admission that contradicts statements made previously by Facebook executives and representatives," including email correspondence between Berteau and Facebook's privacy department, as well as statements made by Facebook vice president Chamath Palihapitiya to The New York Times.

Facebook confirmed Stefan Berteau's specific allegation that Beacon tracks the off-Facebook activties of members even when they are logged out of the social-networking site.

The big question for users is whether there is anything Facebook can do to regain their trust. One of my frustrations with this story has been to see many media reports with headlines like "Facebook in privacy U-turn over Beacon" when the company had still refused to allow users to easily and permanently opt-out of Beacon.

Now as more revelations and discrepancies come to light, we're seeing more coverage like today's San Jose Mercury News editorial, "Facebook move doesn't clear up privacy fears."

The privacy groups EPIC and the Center for Digital Democracy are preparing to file FTC complaints against Facebook. In the meantime, advertisers including Overstock.com and Coca-Cola have dropped their connection with Beacon. As Henry Blodget observed in the Silicon Alley Insider blog, "Ouch. You can dismiss whiny 'pundits' all you want, but when major advertisers you touted as being charter members of the program decide you jerked them around, you had better start apologizing in a hurry."

I wish that consumer pressure were enough to turn this program around (or off!) but advertisers and regulatory agencies may be the ones to ultimately get Facebook's attention.

[ten90jwhite]

I don't why everyone is sooo pissed off about this. When I first saw it working on my page I though it was a really cool feature! I had no idea everything on the internet was so interoperable already. We think that the idea of retinal scanners at the Gap asking us if we liked our last purchase is futuristic (see Minority Report) but we are very nearly there. I don't want to see this go away, but they should let you turn it off or moderate its settings.

[ten90jwhite]

Also, here's something for people to think about - the "terms of use" and "privacy" policies you agree to when you use sites accessed by Beacon currently allow for those sites to send information to a third party without your knowledge. If everyone is freaking out about this information becoming public, think about how much of your private information is being passed around between companies without your knowing.

[mojomom]

I think you have just answered your own question! I agree that the privacy problem lies as much with the participating sites as it does with Facebook. (I wrote about that in my previous blog post.) Beacon is the tip of the iceberg but Facebook is an important site and they should be held to a standard of respecting members' privacy.

Not everyone thinks that Beacon is a cool feature and we should certainly be able to permanently opt out. Remember that on Facebook you are the product being sold! Your information and behavior is being sold to advertisers. What are users getting in return, and is it worth it?

[ten90jwhite]

Users are getting free content! People are forgetting that the whole point of this advertising system is to generate money to provide free services (like Facebook, MySpace, YouTube, etc). The information that gets passed back and forth about you isn't really too sensitive at all. It is a huge jumble of keywords, sites that you have visited, and some basic information about you (name, gender, ip address, browser, etc.). What is the downfall of my information being sold to another company? It's not serious enough information for me to be concerned about and it's not like people are looking through my data (I feel sorry for the people who have to manage those humongous, ugly databases). I definitely enjoy what I am getting in return and don't know what I would do without all of my free services (including CNET), because they wouldn't be around without advertising. Pretty much anything they can think of to support themselves is fine by me as long as I don't have to pay.

[mojomom]

I totally support your right to give your information away in return for services if that is what you want to do. But web user agreements need to be clear, communication from companies needs to be honest, products should be safe, and in my book users should be in control of their information--for example, you should have the right to remove your personal information from a company's servers at your request. Right now many sites fall short of my personal standards of customer respect and privacy protection, so I am declining to participate. I worry that other services are secretly abusing my personal information (ie selling my info when I went to a site to conduct a paid business transaction) and the current Facebook example inflames these concerns.

[ten90jwhite]

In that case, it seems like people should be more upset at the companies giving their information than the company (Facebook) receiving it.