Privacy advocates hail Facebook's plan to shutter Beacon

Computerworld - Privacy advocates are applauding Facebook's willingness to shut down its controversial Beacon service as a part of a broader settlement in a class-action lawsuit against the company.

The move signals an overdue acknowledgement by the popular social-networking site of the need to give users more control over their personal data and how it is shared, they said.

"Beacon was a disaster, not because it used people's personal information for commercial marketing purposes," said James Grimmelmann, an associate professor at New York Law School. "It was a disaster because it used people's personal information commercially and then rubbed their faces in it, literally."

Facebook on Friday said that it was willing to shut down Beacon and create a settlement fund of $9.5 million to resolve a lawsuit filed against it in August 2008. The suit, filed in San Jose, alleged that Facebook and Beacon affiliates such as Blockbuster and Overstock.com had violated several privacy laws, including the Electronic Communications Privacy Act and the Video Privacy Protection Act, when they shared data about Facebook users with each other.

A similar but separate lawsuit involving Blockbuster's participation in Beacon is currently pending in Texas. It is not clear whether the proposed settlemen will affect the Texas litigation as well.

Facebook's Beacon service was released in early November 2007 as a part of the Facebook Ads platform. It was designed to track the activities of Facebook users on participating Web sites and to report those activities to the users' Facebook friends unless specifically told not to do so. For instance, a Facebook user's purchase of an item on a participating vendor's Web site was immediately broadcast to that user's friends, unless the user specifically opted out of such notifications.

But the stealthy nature of the service, its intrusive tracking of users and the extensive sharing of user information between Facebook and its Beacon affiliates resulted in an outpouring of protest against the service. Though, Facebook tweaked Beacon several times to make it more user-friendly, the concerns persisted. Grimmelmann, for instance, was among the first to question whether Blockbuster was violating the Video Privacy Protection Act when it shared information about a Facebook's users movie choices to others.

The big problem with Beacon was that the information Facebook collected was not being used to help users but to help affiliates sell goods, Grimmelmann sai8d. "It interfered with people's self-presentation, turning them into shills against their will," he said. "Beacon wasn't just illegal, it was a bad idea -- it made it obvious to users that large, impersonal companies were pushing private data around in order to hijack their identities and mess up relationships of friendship and trust."

Grimmelmann called Beacon "an intensely alienating, unforced error by Facebook."

Marc Rotenberg, executive director of the Washington-based Electronic Privacy Information Center (EPIC), welcomed Facebook's decision. But he said he hopes the settlement in San Jose does not preclude the litigation in Texas, where EPIC has filed a friend-of-the-court brief supporting the plaintiffs. According to Rotenberg, it is almost certain that federal privacy laws were broken if Blockbuster shared information about an individual's movie rental habits with other Facebook users while participating in Beacon.

As such, that case needs to be allowed to move ahead, he said.