Facebook Privacy: Site Confirms It Tracks You After You Leave(abcnews.go.com) |
Facebook Privacy: Site Confirms It Tracks You After You Leave(abcnews.go.com) |
I'm not worried about the ethics of Facebook. I don't think a site like Facebook should be prevented from doing this openly. I'm worried about whether I can ethically include all these social plugins knowing that they will, in my opinion, invade my users' privacy.
You can host an image locally, and create a link using it. You don't need to hand over the browser of all of your visitors to one or more AD companies by letting them execute arbitrary JavaScript on your pages.
Things like Facebook's "share" and Twitter's "tweet" buttons don't execute any arbitrary (i.e. not specified by the developer) JavaScript.
EDIT: Here is a Slashdot discussion[1] about a German newspaper who did that, and here's[2] the link to their jQuery plugin who does just that: only load FB code when the user clicks on the button. It's in German, but translation services are good enough nowadays.
EDIT2: And here's[3] the HN discussion.
[1]: http://slashdot.org/story/11/09/03/0115241/Heises-Two-Clicks...
* As a site operator, particularly if you're keen on 'organic' and free traffic, you need to keep on top of the latest in search engine and social marketing. Facebook and other social networks are becoming more important as traffic sources, as 'recommendations' from friends become more trusted. Bing and Facebook reached a deal to prioritize some results based on social recommendations ('likes'), and Google is rolling their own solution, so site owners have incentives to include the links.
* As a user, you generally want to see the most trusted results you can, and occasionally may want to recommend sites to your friends. Facebook's verbs 'like' and 'share' work well here - Google's '+1' is a little more opaque to most web users I'd suspect, but they're trying to convey the same intention.
* As Google/Facebook, you want as much data as possible about the behaviour of web traffic - search, engagement/interaction, conversion rates, even raw traffic figures. Even if people aren't interacting with these widgets, they are still often served up by AJAX from the source. This implies that Google/Facebook/etc see an incoming HTTP request, and sometimes associated cookies/referers. Add a little GeoIP and other user analysis, and you have very valuable data on aggregate.
All these generally seem like 'wins' for the parties involved - and that's usually the sign of good business taking place. For me, the main concern is that all this data belongs not to the general public, but to the widget providers, and large information disparities in any situation can be abused.
actually, what started the decline was the very subject of this article. I don't like Facebook watching where I go, and I started putting Facebook in another browser; naturally, I'm on Facebook less because it's harder to get to.
What was it that Dennis Ricthie said about his move to Bell Labs? Something like "It was 1968 and working on military projects just didn't feel right." He went on to make an enormous contribution and, we hope, preserved his peace of mind at the same time. You will never regret taking the high road. Just an opinion.
WARNING: STRONG LANGUAGE! ;)
"d00d, Quit being a FUCKING ASS": http://www.pigdog.org/auto/software_jihad/link/2581.html
It is becoming more and more obvious that we are nothing more than a pile of data to facebook, they don't look at us human beings who have a need for respect and privacy, but as potential data and revenue. I have always gotten the feeling that they think we are 'too dumb' to catch on, it's only a matter of time until the bubble bursts. They may still be a billion dollar company but the respect and loyalty will shift when something greater is envisioned and realized.
A scary aspect of Facebook is that most users are completely unaware and care-free. Their friends are on there, so why should they leave? A lot of my friends are leaving for Twitter because of the recent porn spam and the ticker nonsense, but that's a tiny chunk of the userbase (maybe a few hundred at the most).
> He emphasized that Facebook makes it a point not to do this. " We've said that we don't do it, and we couldn't do it without some form of consent and disclosure," Bejar says.
A better title would be "Facebook /could/ track users via the Like widgets, but doesn't do it yet"
I highly recommend it. Be aware that it does block disqus by default, I usually whitelist that one.
However, I'm happy that most of the time it prevents the annoying features of a page from loading.
Hint: Facebook is not alone in doing this.
This combo makes your browsing a little frustrating, but very educational. Try it, even for a day and be amazed at how many sites load content and scripts from 8, 10, or more unrelated domains.
I gave up trying to keep an up-to-date host file for all the web beacon/scam urls. I just vet requests now as they occur. You wanna believe it has changed my surfing habits.
/s/facebook/any other social service you intend to use.
[1]: http://fluidapp.com
No doubt that's either dumb, not possible, or something someone already thought of.
It means I can't comment on a growing number of sites that use fb for their comments system, but that is no loss to me in my not-so-humble opinion.
I am thinking of something that does not interact with the user but captures some of their web usage based on their consent. Would love to share it with the community when its ready!
Sure, Facebook can see sites you visit which use Facebook Connect in some form, but can they actually "create a running log of the web pages that each of its 800 million or so members has visited during the previous 90 days" like the article claims?
1. Doesn't have a Facebook account.
2. Runs NoScript to whitelist scripting and site trust.
3. Runs Cookie Whitelist to whitelist cookies.
4. Runs BetterPrivacy to wipe Flash/LSO cookies.
5. Runs Adblock Plus to prevent viewing ads wherever possible.
?
That said, at least some like Heise.de, have put in place solutions that do not add to the underlying problem.
a) You want to allow some service (I allow disqus, for example): disable blocking for the service b) A site requires facebook/twitter to log in, or you trust the site: whitelist the site (allows all tracking scripts)
I do wish it had a "allow by domain" so I could allow e.g. just facebook on just turntable.fm so I can log in, but not allow all of ttfn's other trackers.
Works fine on abc.com ;) http://screencast.com/t/01D8EF6AH5ij
http://www.google.com/support/analytics/bin/answer.py?answer...
GA users can choose to "share" their data with Google, and this page describes the advantages users will get if they choose do to so.
In theory, using a separate browser is not adequate protection from tracking. The Flash Player's "Shared Objects" (aka Flash cookies) are stored in a common directory, so the same Flash data is accessible from any browser running as the same user. I do not believe Facebook's tracking is this nefarious, but the method would be quite easy to implement.
Firefox and multiple firefox profiles isolate cookie storage and I also use Fluid on OS X to build site-specific browsers. The paid version offers a feature to isolate cookie storage within each app.
If that's true then it's utterly insane. This StackOverflow question from 2008 seems to confirm what you're saying, though:
http://stackoverflow.com/questions/364219/how-can-i-have-mul...
I really hope it isn't still the case...
Where are you getting this? Safari and Chrome (both built on webkit) definitely do not share cookie stores on OS X.
The easiest way to test this is with Safari and any of the OS X site-specific browser or http debugging tools.
I think you're referring to other applications which embed Safari's rendering engine. I wouldn't really call those browsers.
New browser feature - open this site in a temp VM.
I would encourage browsers that support isolated profiles, multiple browsers that don't share cookie storage, or using a jailed site-specific browser approach.