Social networks may be sharing your info with advertisers
PC World - Lately, social networking sites have been bending over backwards to assure their users that user privacy is of utmost importance--but it may have all been in vain, as the Wall Street Journal discovered Thursday that several social networking sites are sharing, with advertisers, information that can be used to identify individuals.
A report in the Journal said that a number of social networking sites (including Facebook, MySpace, and Digg) may be sharing users' personal information with advertisers. Since the Journal started looking into this possible breach of privacy, both Facebook and MySpace have moved to make changes.
The practice is a somewhat defensible one -- and most of the companies involved did try to defend it -- in which the advertisers receive information on the last page viewed before the user clicked on their ad.
This is common practice all over the Web, and, in most cases, is no issue -- advertisers receive information on the last page viewed, which cannot be traced back to the user.
In the case of social networking sites, the information on the last page viewed often reveals user names or profile ID numbers that could potentially be used to look up the individuals.
Depending on what those individuals have made public, advertisers can then see anything from hometowns to real names.
The real problem is, of course, that social networking sites have the ability to obscure user names and profile ID numbers from advertisers -- but they simply haven't.
While many of the sites only reveal information about the last page viewed (which may not be the user's profile and may therefore not reveal anything about that person), Facebook was a more serious offender as it sent information on both what profile was being viewed and who was doing the viewing.
Ironically, these companies may be breaching their own terms and conditions--in which they promise not to share personal data with third parties, without the user's explicit consent and knowledge.
But as PC World reported last year, sites have a "huge amount of wiggle room with that promise."
[ Related read: Beware of privacy-policy loopholes. ]
While Facebook has made changes to fix this privacy breach (it fixed some of the code Thursday morning), the other sites claim their user names are not personally identifiable, because they don't require that users reveal their real names. Not only that, but "this is just how the Internet and browsers work," according to a Twitter spokesperson.
Anne Toth, vice president of global policy and head of privacy at Yahoo, said the advertisers don't want this personally identifying information. "If it happens to be there, we are not looking for it," she told the Journal.
Still, perhaps it's time to start thinking twice.
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
- Perspective: Privacy concerns could keep Amazon delivery drones grounded
- NSA collects data from millions of cellphones daily
- Perspective: Curbing data use is key to reining in NSA
- Lavabit-DOJ dispute zeroes in on encryption key ownership
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts