Facebook's Beacon just the tip of the privacy iceberg
Similar (or worse) tracking and information collection rampant across industry
Computerworld - Facebook's Beacon ad service may, ironically, be the best thing that's happened to the online privacy movement in a while.
The controversy raised by the social networking site's use of the Beacon technology has helped drag into the open the widespread but hitherto largely hidden problem of online consumer-tracking and information-sharing, according to privacy advocates.
"This Facebook debacle is in one way very good, because it shows people just what is happening," said Pam Dixon executive director of the World Privacy Forum. "There are other sites and other places where very similar data arrangements exist, but it is all happening under the radar and people simply don't realize it."
A bushel of Beacons, and worse
Facebook's Beacon was released in early November as a part of its Facebook Ads platform. It is ostensibly designed to track the activities of Facebook users on more than 44 participating Web sites, and to report those activities back to the users' Facebook friends, unless specifically told not to do so.
The idea is to give participating online companies a way to monitor the activities of Facebook users on their Web sites and to use that information to then deliver targeted messages to the friends of those Facebook users.
But the relative lack of disclosure about what was going on -- and the relative difficulty involved in opting out of the program -- has led to a maelstrom of criticism against Facebook over the past few days. Adding fuel to the fire have been a series of damaging disclosures by a CA Inc. security researcher that show that Facebook's tracking was far more invasive and extensive that the company originally let on.
According to the researcher, Facebook's Beacon tracked the activities of users even if they had logged off from Facebook and had declined the option of having their activities on other sites broadcast back to their friends.
Likely to be even more damaging was another disclosure Monday afternoon that Beacon's tracking did not stop with just those of Facebook users. Rather, it tracks activities from all users in its third-party partner sites, including IP address data of people who never signed up with Facebook or those who deactivate their accounts.
Unfortunately, such tracking is not at all unusual in the online world -- it's far more the norm than the exception, Dixon said. "One of the things we have been saying about behavioral advertising is that people don't know it's happening.... You have to be tremendously technically savvy to know what is happening under the hood," she said.
Dixon's organization was one of was one of nine privacy advocacy groups that in October submitted a proposal to the Federal Trade Commission asking the agency to consider implementing a Do Not Track list to protect people from having their online activities unknowingly tracked and used by marketers. The FTC itself held a two-day workshop in early November to hear industry and consumer views on online tracking and behavioral-based advertising amid growing concerns about the privacy implications of those activities.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts