November 27, 2007
@ 04:00 AM

Recently I’ve read a number of negative posts about the Facebook Beacon which highlight how easy it is for a company to completely misjudge the privacy implications and ramifications of certain features in social software applications.

Charlene Li, a Principal Analyst at Forrester Research who specializes in social software trends and marketing, writes in her blog post Close encounter with Facebook Beacon:

I put a lot of trust in sites like Facebook to do the right thing when it comes to privacy. After all, the only stuff that gets out into the public is the stuff that I actually put in. Until now.

Earlier this week, I bought a coffee table on When I next logged into Facebook and saw this at the top of my newsfeed:

I was pretty surprised to see this, because I received no notification while I was on that they had the Facebook Beacon installed on the site. If they had, I would have turned it off.

I used my personal email address to buy the coffee table, so I was puzzled why and how this "personal" activity was being associated with my "public" Facebook profile.

David Treadwell, a corporate vice president of Windows Live, writes in his blog post entitled Blockbuster, you're fired

Yesterday evening, I decided to add a few movies to my Blockbuster queue. Upon adding movies, I was surprised to see toasts from Facebook showing up on the Blockbuster site indicating that something was being added to my Facebook news feed. When I finished adding movies, I went to Facebook to see what was going on. I was then quite surprised to learn that Blockbuster and Facebook were conspiring to broadcast my movie selections to my Facebook friends.

I am not normally uptight about privacy issues, but you guys really crossed the line on this one:

  • I had never told either Blockbuster or Facebook that you should share my movie selections with friends.
  • Neither of you asked me if you could take this action. You just went ahead and did it, assuming that I would not mind.
  • This sharing of information about me without my informed consent about the mechanism of sharing is absolutely unacceptable to me.

You can find similar complaints all over the Web from similarly Web savvy folks who you typically don’t see griping about privacy issues. In all of the complaints raised, the underlying theme is that Facebook violated the principle of putting the user in control of their user experience.

As someone who works on a competing service I have to give the folks at Facebook credit for shipping the Facebook Beacon so quickly. I assumed something like that was still about six months away from being on their radar. I do give them poor marks when it comes to how this feature has been rolled out. There are several problems with the rollout when it comes to how it affects their users.

  1. Linking identities and data sharing without user permission: One of the things people have found creepy about this feature is that they are automatically discovered to be Facebook users on sites that they have not told they use Facebook. In Charlene’s case, she actually uses different email addresses to log in on both sites, which must have seemed doubly weird to her at first. As Ethan Zuckerman points out in his post Facebook changes the norms for web purchasing and privacy, this completely upturns user expectations of how privacy on the Web works, especially when it comes to cookies.

    It's a genuine concern that Facebook has opened a Pandora's box when you consider what could happen if it is deemed socially acceptable for Web sites to use cookies to actively identify users across sites as opposed to the passive way it is done today. I’m sure the folks at Google would be excited about this since, thanks to AdSense and DoubleClick, they probably have cookies on every computer on the Web that has cookies enabled in the Web browser. Today it’s Facebook; tomorrow Amazon and eBay are posting your purchase history to every OpenSocial-enabled web site courtesy of the cookies from these sites or from Google ads on your machine.

  2. No global opt-out: There is no way to turn off this feature. The best you get is that when a site tries to publish an update to your news feed and mini-feed, you get an entry for the site added to your Privacy Settings for External Websites page on Facebook. I guess it never occurred to Mark Zuckerberg and Justin Rosenstein that not sharing my purchase history with Facebook is a valid privacy option. Why do I have to police this list and refer back to it every couple of days to figure out if some new Web site is now publishing my private data to Facebook without my permission?

    I expect that kind of myopia and hubris from the Googles and Microsofts of the world not Facebook. Wow, the honeymoon lasted shorter than I expected.

I suspect that Facebook will loathe fixing both issues. The first issue can’t really be solved by having partner sites provide an opt-in mechanism because there is the valid concern that (i) people won’t opt in to the feature and (ii) the experience and messaging will vary too much from site to site for users to have a consistent set of expectations. This then points to Facebook having an opt-in page for partner sites that is part of the Facebook settings page for this feature, but that may start getting away from the "add 3 lines of code to reach millions of users" sales pitch which they have going. Adding a global opt-out button is similarly fraught with downside for Facebook.

At this point, they’ll have to do something. I’ll be impressed if they address both issues. Anything less is simply not good enough.

PS: The technically inclined folks in the audience should take a look at Jay Goldman’s excellent Deconstruction of the Facebook Beacon Javascript. Found via Sam Ruby.

Now playing: Eightball & MJG - Relax & Take Notes (feat. Project Pat & Notorious B.I.G.)


Tuesday, 27 November 2007 09:37:33 (GMT Standard Time, UTC+00:00)
Good article Dare. But I feel we are addressing a sub problem and not the underlying issue. It is not about Beacon, SocialAds or privacy. The problem with Facebook and most other social networking sites is that their business model (free but ad-based) service fails to address user need. It leads to walled gardens and data hogging. It is masked by providing the user a "free" service. The cost at which it comes free, advertisement, is taken gladly by the user, because he does with it what he did in other media as well, he ignores it. And the user? He doesn’t care. He gets spoiled with “free” stuff, that isn’t free at all. But the bill isn’t paid by him, so who cares. It is the most worthless driver for a business model. If ignorance and indifference were the main driver for a web 2.0 company I’d fire the CEO and proclaim the main investors to be idiots!
We need to get rid of this flawed business model and think user value instead. It would solve many of the current web 2.0 issues like data portability, privacy, identity etc.
Tuesday, 27 November 2007 12:08:47 (GMT Standard Time, UTC+00:00)
I wonder if an "opt-out of Facebook" could be a viable solution. Maybe a mass migration a la lemming style would make them change their behaviour.

I have to admit though that I am one of those people who can't see any use for having a Facebook account. (Note: any use for me. For others, there must be some use of the site)
Tuesday, 27 November 2007 15:07:35 (GMT Standard Time, UTC+00:00)
The image from Charlene Li's blog that shows what Facebook put in her news feed is missing from your quote. It makes the quote kind of confusing when you read it and the image is missing. I had to follow the link to her blog just to see the image.

Thanks for letting me know about this issue!
Tuesday, 27 November 2007 17:07:37 (GMT Standard Time, UTC+00:00)
At the Web 2.0 Summit I asked Marky Z why I had a Facebook page when I didn't click-on-the-link in confirmation email telling me they were going to suck-down my address book. He giggled and said it was a glitch, but how many more glitches are now called members?
Wednesday, 28 November 2007 05:52:09 (GMT Standard Time, UTC+00:00)
I found the global opt-out.

As soon as I read this, I zipped over to my Blockbuster account and looked for the javascript to verify where it was loading from. I added "" to my Adblock filters.

No more beacon for me.

- Dave
David Bullock
Wednesday, 28 November 2007 23:33:54 (GMT Standard Time, UTC+00:00)
I bet Zuckerberg himself does not use this Facebook Beacon "feature"
Hashim Warren