I originally published this blog at http://community.ca.com/blogs/securityadvisor
Published Dec 11 2007, 04:59 PM by Benjamin Googins
“Facebook Beacon is a means of sharing actions you have taken on third party sites, such as when you make a purchase or post a review, with your friends on Facebook. In order to provide you as a Facebook user with clear disclosure of the activity information being collected on third party sites and potentially shared with your friends on Facebook, we collect certain information from that site and present it to you after you have completed an action on that site. You have the choice to have Facebook discard that information, or to share it with your friends.
To learn more about the operation of the service, we encourage you to read the tutorial here. To opt out of the service altogether, click here. Like many other websites that interact with third party sites, we may receive some information even if you are logged out from Facebook, or that pertains to non-Facebook users, from those sites in conjunction with the technical operation of the system. In cases where Facebook receives information on users that are not logged in, or on non-Facebook users, we do not attempt to associate it with individual Facebook accounts and will discard it.”
While these updates are welcome, and the universal opt-out of the posting of stories is good evidence that they are taking user privacy concerns seriously and attempting to address them, they have not yet taken the actions necessary to fully mitigate the risks posed by Beacon.
Some behaviors taken by programs (or by the entities or organizations offering programs) pose risks. From a privacy perspective, a behavior poses a risk if it involves a user losing control of their information. Beacon’s current implementation poses a risk In the case of Facebook users, who are logged in or have selected “Remember me” while logging-in in the past, the risk is higher, since the information is sent in a way which can be tied to their user profiles, which would allow Facebook or anyone else receiving the data to infer even more information about that individual. People without Facebook accounts face a smaller risk, as their information can only be tied to an IP Address and not an individual.
Beacon is an example of a new way of advertising on the web, and it offers some very interesting potentials. But new and groundbreaking systems must be designed carefully in order to ensure that they respect the rights of their users, and this is in part due to their novelty. Users do not have experience with systems like Beacon, and so designers have to be careful not to fall back on the assumed implicit consent which covers more established systems. While Facebook did not launch Beacon in a way which protected their user’s rights, they have over the past week shown a strong commitment to changing that for the better. We have been happy to see them react promptly and responsibly to this matter, and we hope to see them address our remaining concerns.
By: Benjamin Googins
Benjamin Googins is a senior engineer working on CA’s Anti-Spyware product. His primary functions include analyzing spyware and privacy breaches, fielding press inquiries, blogging and drafting documents. He has been a significant contributor to the User Permission document , Spyware Scorecard , Threat…