homepage Welcome to WebmasterWorld Guest from 54.166.108.167
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
Forum Library, Charter, Moderators: rogerd

Community Building and User Generated Content Forum

    
Facebook Beacon Notifications Changed Due To Privacy Fears
engine




msg:3517017
 11:32 am on Nov 30, 2007 (gmt 0)

Confronted with mounting privacy protests, Facebook.com has scaled back a Web monitoring feature that notifies one's friends when the Facebook user visits affiliated Web sites, the company said on Thursday.

In a statement, the Palo Alto, California-based company said it was making a several changes to a recently introduced feature called "Facebook Beacon" in the wake of a petition signed by 50,000 Facebook users to scale back the feature.

Facebook Beacon Notifications Changed Due To Privacy Fears [reuters.com]

 

weeks




msg:3517485
 8:13 pm on Nov 30, 2007 (gmt 0)

When we read about "privacy fears" on the web, we typically think of Russian code monkey's trying to capture our bank account passwords, etc.

This ain't that: This is all of your friends knowing your every activity. "Beacon" was going to tell them when you bought movie tickets online and what movie you were going to see, for example. And what music you were purchasing. Etc.

This makes it all too clear that Facebook's young punks are just that: punks.

For those of us with websites which need more than the typical info about our users (i.e., credit card, age, phone number), Facebook's irresponsible actions have done us a real disservice by creating an atmosphere of distrust.

I got suckered like this in the early days of the web going to work with an email driven application. It was a very good product, but then the spam wave hit and I couldn't get my mother to sign up.

I am more than a little concerned about this. And you should be as well.

balam




msg:3517350
 5:37 pm on Nov 30, 2007 (gmt 0)


System: The following message was spliced on to this thread from: http://www.webmasterworld.com/community_building/3517488.htm [webmasterworld.com] by engine - 8:20 pm on Nov. 30, 2007 (utc 0)


PCWorld: Facebook Alters Notifications After Privacy Furor [pcworld.com]

Confronted with mounting privacy protests, Facebook.com has scaled back a Web monitoring feature that notifies one's friends when the Facebook user visits affiliated Web sites, the company said on Thursday.

In a statement, the Palo Alto, California-based company said it was making a several changes to a recently introduced feature called "Facebook Beacon" in the wake of a petition signed by 50,000 Facebook users to scale back the feature.

Dang, now I'll have to actually wait until Christmas to find out what The Girlfriend got me!

jtara




msg:3517521
 8:50 pm on Nov 30, 2007 (gmt 0)

When we read about "privacy fears" on the web, we typically think of Russian code monkey's trying to capture our bank account passwords, etc

Ah, but Russian code monkeys work in secret and silently, and never affect you until/unless your credit card is used fraudulently.

So, most people don't think about it much.

The side-effects of this were instantly obvious to users, and so the uproar.

What amazes me is that it wasn't instantly obvious to Facebook management. What were they thinking? Are they so out of touch with the real world that they thought this would go over as anything but a lead balloon?

Maybe this will make Google re-think some of their plans.

(I fear, though, that they will only alter their plans insofar as making their snooping as transparent and non-obvious as possible.)

Chico_Loco




msg:3517630
 10:54 pm on Nov 30, 2007 (gmt 0)

What amazes me is that it wasn't instantly obvious to Facebook management. What were they thinking? Are they so out of touch with the real world that they thought this would go over as anything but a lead balloon?

Mark Zuckerberg is Twenty-something years old. I respect that he's built something that's used by so many people (temporarily forgetting that the idea was allegedly stolen from others), and I've heard a lot of people trying to suck up to him, but I think this is a good example of why a person that young shouldn't be in charge of such a company. He could take a page from the Larry / Sergey book and recognize that he'd be better off hiring a true executive to keep things in check. The bigger problem (even more than this) is simply the fact that he doesn't have the business experience to negotiate and optimize business deals. There's nothing wrong with that either - he's got his whole life to learn how to do it right.

I first heard about this Beacon thing when I was at a large NYC advertising agency. My very first question was whether this was opt-in or out-out. I couldn't believe that it was going to be opt-out. I simply knew this was coming, and I'm not all that much older than Mark :) - though I have been an internet entrepreneur for longer than he.

Oh, and by the way, let us not forget that this has happened before [nbc11.com] to facebook.

- Darrin Ward

[edited by: Chico_Loco at 10:59 pm (utc) on Nov. 30, 2007]

jomaxx




msg:3517772
 5:15 am on Dec 1, 2007 (gmt 0)

Even as an opt-in feature this sounds like a nightmare, guaranteeing a never-ending string of bad PR over people being embarrassed, fired, sued, stalked, divorced, defrauded or even arrested due to participating in Facebook.

walkman




msg:3518128
 5:27 pm on Dec 1, 2007 (gmt 0)

in behavior lies the real money so they are trying to test the limits of acceptance by its users. Expect more of these ideas

isorg




msg:3518288
 9:03 pm on Dec 1, 2007 (gmt 0)

people being embarrassed

What I don't get about social networking sites is that people are naive enough to let their hair down. Or maybe I'm just too uptight :-)

My Facebook profile is totally geared for potential clients and business partners to get to know me - so, educational profile, some interests, product photos etc. and I abjectly ignore anything to do with any of the so-called "applications". Even the "fun wall".

But my co-workers have photos of nights out, getting drunk, compromising positions, the works. They do this intentionally and voluntarily and don't mind who sees it.

What am I missing here?

plumsauce




msg:3518294
 9:19 pm on Dec 1, 2007 (gmt 0)

What amazes me is that it wasn't instantly obvious to Facebook management. What were they thinking? Are they so out of touch with the real world that they thought this would go over as anything but a lead balloon?

The bigger problem (even more than this) is simply the fact that he doesn't have the business experience to negotiate and optimize business deals. There's nothing wrong with that either - he's got his whole life to learn how to do it right.

It amazes me too.

But, being 23 is no excuse.

Notice that the users of the same age range recognised the problem as it related to them personally.

All he had to do was use the golden rule, "do unto others ..."

In other words, "would this be acceptable to me as a user?"

It amazes me how multi-million dollar properties are constantly jumping off a cliff without much thought other than how "cool" some "feature" is going to be.

Do thousand dollar bills have some mind altering chemical in the printing ink? It seems to have a common effect on all those who possess them. At least Paris Hilton is easy on the eyes :)

ambellina




msg:3518358
 11:23 pm on Dec 1, 2007 (gmt 0)

I don't get how this feature could be useful. I don't care if some kid I haven't talked to since middle school bought a tee shirt. Someone probably figured out that they could show that mess, so they did, just to show off. Sillies.

tedster




msg:3518363
 11:31 pm on Dec 1, 2007 (gmt 0)

The story has taken a new turn today.

Facebook's Misrepresentation of Beacon's Threat to Privacy:
Tracking users who opt out or are not logged in.

Facebook is collecting information about user actions on affiliate sites regardless of whether or not the user chose to opt out, and regardless of whether or not the user is logged into Facebook at that time. The evidence I present below directly contradicts both public statements made by Facebook, and direct email correspondence from their privacy department, demonstrating that Beacon is a serious threat to user privacy.

Computer Associates story [community.ca.com]

The issue here, according to other coverage on PCWorld [pcworld.com] is that the investigator from CA was told by Facebook's privacy department that "as long as you are logged out of Facebook, no actions you have taken on other websites can be sent to Facebook."

walkman




msg:3518422
 2:04 am on Dec 2, 2007 (gmt 0)

wow! Nothing like having 1000's of computers wizards on your back, especially when you're lying. How stupid do they have to be to do this thing (lying that is)?

I expect them to tone down bit by bit till the users accept something. But now it seems like they will be chalaneged on each step.

Update: " If a Facebook user clicks "No, thanks" on the partner site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well."
[community.ca.com...]
Oh Ok ;)

plumsauce




msg:3518432
 2:27 am on Dec 2, 2007 (gmt 0)

wow! Nothing like having 1000's of computers wizards on your back, especially when you're lying. How stupid do they have to be to do this thing (lying that is)?

Seems to me that the viewpoint amongst the navel gazers is that anything goes on the internet as long as you can write a sufficiently weasel worded tos and privacy policy.

In other words, anything goes as long as you aren't one of those "feelthy" peddlars of blue pills using email.

"We're soooo much better than those spammers".

Um, actually no. At least they sell a real product with a real business plan. Such as it is.

Just rantin' away while I wait for Bubble 2.0 to pop. :)

Has CNN picked this up yet? (fingers crossed tightly)

jtara




msg:3518439
 2:46 am on Dec 2, 2007 (gmt 0)

Facebook should have taken the money (investment, buyout) while it was on the table from several sources.

They are finished.

I'll bet their new sign-ups drop off a cliff and never come back, after the major headline news stories that are sure to come.

Shouldn't this be blockable by setting your browser to send cookies only to the same site? We all have that setting, right?

(I observe a strict opt-in cookie policy. All cookies are blocked. I have to enable them for specific sites that need them.)

Or are they doing this some other way? If not with cookies, wouldn't this be cross-site scripting? Aren't browsers supposed to prevent that?

They can always match-up IP addresses, though that's not completely reliable.

The big problem is that this doesn't end with Facebook. Facebook will fade, I am confident at this point. But others with even less-scrupulous motives will carry on where they left off, forcing browsers to get more and more paranoid.

Glad I never signed-up for Facebook. At this point it is more intrusive, silly, and useless than MySpace ever was. And that's saying a lot!

Any bets on which comes first? The demise of Facebook, or the breakup of Belgium into of Flanders and Wallonia? ;)

Chico_Loco




msg:3518459
 3:40 am on Dec 2, 2007 (gmt 0)

[forbes.com...]

Coca Cola have apparently backed down from using Beacon...

“We have adopted a bit of a ‘wait and see’ as far as what we are going to do with Beacon because we are not sure how consumers are going to respond,” said Carol Kruse, Coke’s VP of global interactive marketing

Darrin J. Ward

skibum




msg:3518528
 8:03 am on Dec 2, 2007 (gmt 0)

In order to "not track" or record what users do, don't you have to track them so you know not to track them or save the data?

Habtom




msg:3518533
 8:14 am on Dec 2, 2007 (gmt 0)

Leaving the issue being tracked down on other sites aside, can somebody tell me why people use facebook?

Virtual socialization?
Reaching out old friends?

[edited by: Habtom at 8:16 am (utc) on Dec. 2, 2007]

lorenzinho2




msg:3518925
 11:23 pm on Dec 2, 2007 (gmt 0)

< They are finished.

wanna bet?

walkman




msg:3518949
 12:18 am on Dec 3, 2007 (gmt 0)

Hong Kong billionaire takes $60M Facebook stake
0.4%...$15 billion market value.

[afp.google.com...]

ronin




msg:3518967
 12:55 am on Dec 3, 2007 (gmt 0)

can somebody tell me why people use facebook?

Well I don't know about all the silly knick-knacks but, as a communication tool:

1) It's less of an interruption than instant messaging: it's asynchronous communication rather than synchronous.

2) As asynchronous communication it's quicker and less laborious than sending email or text messaging. (Especially when contacting multiple recipients).

3) The newsfeed is probably the most efficient communication tool ever developed for telling multiple friends short snippets about what have you been doing / are planning to do.

amznVibe




msg:3519212
 12:24 pm on Dec 3, 2007 (gmt 0)

Wait 'til people find out that yahoo has been using beacons for nearly a decade.

Rosalind




msg:3519230
 12:46 pm on Dec 3, 2007 (gmt 0)

Facebook are currently getting a lot of free publicity on British TV. At the moment it's flavour of the month as various presenters talk about their Facebook pages, but next month it'll be the next internet fad. I suspect it will fade, whether or not there are scare stories about this issue.

I don't think the underlying privacy issue will disappear, however. People will still put their lives online, and still allow themselves to be tracked in detail, in spite of the consequences.

piatkow




msg:3519257
 1:28 pm on Dec 3, 2007 (gmt 0)

I had words with my daughter about what she put on Facebook some time ago. She insisted there were no problems and half a year after graduating she is still unemployed!

HelenDev




msg:3519404
 5:11 pm on Dec 3, 2007 (gmt 0)

They are finished.

I seriously beg to differ on that one. I suspect that a lot of the venomous and negative comments I keep seeing about FB are from people who don't use it and don't understand it.

can somebody tell me why people use facebook?

I'll happily admit to using it. It is a great way to keep in touch, especially with my real-world friends who I don't get around to seeing that often but who I actively want to chat to and share pics and stuff with. I don't generally disclose my personal information to anyone but my friends, all of whom I know in the real world.

It is a big deal and social networking is absolutely here to stay. It's quite a new technology and a lot of it relies on innovation and cross referencing from different activities and sources. Therefore it's not surprising that there will be a few issues around privacy which will probably be ironed out in the course of time.

Hopefully it will become more sophisticated in the future and you will be able to separate out your work and leisure interests in FB without too many problems. FB already allows this to some extent with the Limited Profile option.

JS_Harris




msg:3519915
 5:40 am on Dec 4, 2007 (gmt 0)

As if using the members to earn affiliate income isn't enough telling your friends they should too since you did is pathetic imo.

There is clearly no regulation on privacy and the internet.

balam




msg:3520217
 4:13 pm on Dec 4, 2007 (gmt 0)

PC World: Facebook Admits Ad Service Tracks Logged-Off Users [pcworld.com]

Facebook has confirmed findings of a Computer Associates security researcher that the social-networking site's Beacon ad service is more intrusive and stealthy than previously acknowledged, an admission that contradicts statements made previously by Facebook executives and representatives.

PC World: Facebook's Beacon Ad System Also Tracks Non-Facebook Users [pcworld.com]

If you think that just because you have never signed up for Facebook you're immune to the tracking and collecting of user activities surrounding the popular social networking site, think again.

Facebook's controversial Beacon ad system tracks the activities of all users of its third-party partner sites, including people who have never signed up with Facebook or who have deactivated their accounts, CA (Computer Associates) has found.

Emphasis mine.

Any guesses on their next lie?

jtara




msg:3520348
 7:19 pm on Dec 4, 2007 (gmt 0)

Ah, the second article clear-up the mystery as to how Beacon works, and bring up a point of caution for webmasters.

It's pretty simple. The partner sites include a call to Javascript code on Facebook. The Javascript code does the tracking. Browsers don't consider this "cross site scripting" - even though it is literally that - because it is done with the cooperation of the partner sites.

("Cross-site scripting - as in the "bad" "cross-site-scripting" - refers to a site trying to reach into the pages of another NON-partner site that happens to be open in the same browser.)

Of course, this is done all the time by probably the majority of sites on the net - Adsense, etc.

Now, here's the caution for webmasters: do you really know what the Javascript applets your site loads from partner sites really does?

It used to be, you were given a snippet of Javascript code to include in your page. You plugged it in manually, it was short, and when you plugged it in, there it was for you to see.

The trend lately, though, has been to provide a snippet of Javascript code to be placed where the widget is to appear (if there is a visable widget), plus a line to include a Javascript library from the the partner site.

The rationalization for this, I suppose, is that this allows fancy GUI effects, greater functionality, etc.

If you're doing this with any partner sites, do you know what their included Javascript code does? Have you ever looked at it? Have you tracked changes to the code, and assured yourself that it's not doing anything nasty to your users? Does the site notify you of changes? Do they really tell you anything beyond "put this line at the top of your file"?

When you load Javascript code from another site, you should be very cautious. If it's a lot of code, you probably have no idea what it is doing, and it would be costly and time-consuming to determine. And it could change at any time.

And if that Javascript code sends data to the partner site, of course you have no idea what is happening to that data once it is delivered to the site. You can't examine their server-side code.

In this case, an examination of data packets (rather than an examination of the code) revealed that data was being sent all the time - for logged-in, logged-off, opted-out, and non-Facebook users.

I see a more widespread problem. Facebook just brought it to the surface.

Do you examine your partner-site Javascript code? Do you examine sessions with a protocol analyzer? Do we need to start doing this?

balam




msg:3521347
 1:39 am on Dec 6, 2007 (gmt 0)

The Register: Facebook CEO capitulates (again) on Beacon [theregister.co.uk]

Facebook CEO Mark Zuckerberg has issued a mea culpa to his 56 million users, saying he failed to give them the ability to control the personal information that is shared with others. He also announced a new switch that with one flip allows people to completely turn off the feature, which is dubbed Beacon.

"We simply did a bad job with this release, and I apologize for that," Zuckerberg wrote in a blog post on Wednesday. "People need to be able to explicitly choose what they share, and they need to be able to turn Beacon off completely if they don't want to use it."

See this thread as well: Follow-up: Facebooks on Beacon "we did a bad job" [webmasterworld.com]


> Do you examine your partner-site Javascript code?

Not as closely as I should have.

> Do you examine sessions with a protocol analyzer?

Now I will!

> Do we need to start doing this?

Excellent idea!

jtara




msg:3522586
 5:56 pm on Dec 7, 2007 (gmt 0)

LOL, a blog on C¦Net today proposes a new job title needed at Facebook:

VP of Adult Supervision

The problem is that Facebook's users aren't only people like their mind-blowingly young executives and programmers. A large proportion of their users are over 35. We don't appreciate having our privacy stomped on, and just because we want to participate in social networks, we don't necessarily want to live our lives in an exhibitionist fishbowl. Product design suffers when a grown-up perspective is not taken into account.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Community Building and User Generated Content
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved