I call it Sneakcon - they call it Beacon, not much difference there when you find out that affiliated websites (affiliated with FB) - were sending your information to your friends on FB despite your having LOGGED out of their site.
How did they figure this out? Well, simple - network monitoring via WireShark (I saw it on the blog of the original CA researcher that found this activity).
The idea behind Beacon was to send out info on your online habits to your friends on the site. However, soon people started complaining that the surprise element behind their surprise gifts were ruined because the intended recipient got to know of the purchase. Well, that's fine, and you can turn it off, but not even when you're logged off?? Whoa - that's serious breach of trust in my opinion.
As a reference, see this:
http://www.cio-today.com/story.xhtml?story_id=010000ZKE6WS
So, they track non-users as well - except that they will discard the data if it did not include an FB cookie saying it's an FB user - and then even if you were an FB user and even if you'd opted out of the 44 websites that work with FB, your info will STILL be sent except they won't process it (because you'd opted out). I don't think this is a good idea. Doesn't matter if you throw away the information or not: if I'm not an FB user you have NO RIGHT to my data. And who's to say the data is being REALLY thrown out? Who audits that?
You should know that you have to opt out ONE BY ONE - not all of the sites simultaneously. Couldn't be more painful than that. And considering how popular the site is, what if hundreds of companies choose to join the program. You'd have to constantly change your preferences to avoid opting in. It should be the reverse - unless you chose to opt in, nothing about you should be known to anyone.
This is why they are in very serious need of a customer privacy advocate, someone who can dispassionately identify such issues and guide the misguided person that chose to implement it so that people don't start abandoning the site or decide against joining it.
I'm quite sure that many people have decided not to join FB after this fiasco. I know I won't.
Be safe!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment