Facebook tracks users even when they're logged out, and without telling them
[Welcome, Harvard and Montana FaceBook users. (Yes, I checked my SiteMeter log, and no, I don't track the records. But then, I'm not a humongous corporation trying to model you and your social network, and resell and repackage the results to, well, whoever, and store the information indefinitely, without giving you the opportunity to purge it. Of course, I'm sure you've never gone anywhere online that you wouldn't be totally OK discussing in a job interview, say. I know I haven't.*)]
Facebook has confirmed findings of a CA security researcher that the social-networking site's Beacon ad service is more intrusive and stealthy than previously acknowledged, an admission that contradicts statements made previously by Facebook executives and representatives.
Stefan Berteau, senior research engineer at CA's Threat Research Group, wrote in a note about Beacon's until-then unknown ability to monitor logged-off users' activities and send the data back to Facebook.
Users aren't informed that data on their activities at these sites is flowing back to Facebook, nor given the option to block that information from being transmitted, according to Berteau.
If users have ever checked the option for Facebook to "remember me"-- which saves users from having to log on to the site upon every return to it-- Facebook can tie their activities on third-party Beacon sites directly to them, even if they're logged off and have opted out of the broadcast. If they have never chosen this option, the information still flows back to Facebook, although without it being tied to their Facebook ID, according to Berteau.
Facebook's admission over the weekend contradicts previous statements from the company regarding this issue. For example, in e-mail correspondence with Facebook's privacy department, Berteau was told, among other things, that "as long as you are logged out of Facebook, no actions you have taken on other websites can be sent to Facebook."
A similar statement was made by a high-ranking Facebook official in an interview with The New York Times published Thursday.
"If I buy tickets on Fandango, and decline to publish the purchase to my friends on Facebook, does Facebook still receive the information about my purchase?," a Times reporter asked Chamath Palihapitiya, Facebook's vice president of product marketing and operations at Facebook
"Absolutely not. One of the things we are still trying to do is dispel a lot of misinformation that is being propagated unnecessarily," Palihapitiya replied.
Well, it's all very simple.
"Absolutely not" means "Yes, definitely!"
I always knew I hated that candy-assed Web 2.0 shit; their extreme hipness disguises their extreme willingness to sell anything about me to anyone and anybody without thinking twice or even letting me know. Heck, they'd sell their own grandmothers into a brothel, if they could resell her data.
NOTE * Without even giving you a cut for the sale of your own data, for pity's sake. I mean, the least they could do is tip decently, eh?
UPDATE Please note that this story broke after FaceBook placed limits on Beacon after users protested; this is new.