Friday, May 28, 2010

Social Networks Caught Sharing Users' Information

Amidst the recent furor of Facebook's privacy options changes came the news that both Facebook and MySpace, as well as many more social networking sites, were already sharing your private information. According to a damning report in The Wall Street Journal by Emily Steel and Jessica E. Vascellar, Facebook, MySpace, LiveJournal, Digg, Xanga, and other popular social networks and networking sites, have been sharing user data with major advertising firms, including Google's DoubleClick and Yahoo!'s Right Media, for some time now. Worse yet, some of this information includes members' usernames and/or real names, meaning advertisers could follow that information back to the members' profiles to learn even more about them (depending on what they had chosen to share/how their privacy options were set)!

When the story first broke, both the social networks and the advertising firms defended the practice, but many of the social networks, including Facebook and MySpace, took moves to discontinue the practice shortly before the article was published. Several of the ad firms said they were not even aware they had been receiving such information, and certainly never used it. Practically speaking, they have very little incentive to do so - even if a single member spends hundreds of thousands of dollars online every year, the resources spent targeting that single user would never justify doing so.

Advertisers, like other webmasters, receive the webpage URL on which their ad resides whenever someone clicks on that ad. As most social networks incorporate members' usernames into various URLs, such as the user's personal profile, this information was inadvertently being reported. Even if they never used it, it is impossible to believe that advertising network employees did not realize this; more likely, they never used the information and kept quiet about it because they knew the practice was in violation of industry standards - many of which were set/suggested by the ad networks themselves to stave-off government regulation.

Twitter is another social network which was found to pass user information in the same manner, but does not use advertising on member pages, and so it was largely a moot point in Twitter's case. However, at least one expert said Facebook's practice went further than most, identifying both the person who was clicking on the ad, as well as the profile they were visiting when the ad was clicked. Further, Facebook is one of the few social networks which requires users reveal their real names to register. That expert was so concerned that he personally sent the FTC a letter, asking them to investigate the matter.

The news bolstered many netizens' fears concerning social networks, and Facebook in particular. A study conducted around the same time showed that nearly 60% of those polled had considered deleting their Facebook account even before the recent privacy issues arose, and more than 15% had already closed their accounts when the changes to privacy-handling went into effect. A spokesperson for the network compounded problems with what came across as a cavalier attitude toward users' concerns in a Q&A with the New York Times, in which he basically told people not to share information they wouldn't want being made public.

Perhaps most disturbing of all, the information-passing issue was first noted almost a year ago by researchers from AT&T Labs, but went largely ignored. The researchers said they contacted the social networks at that time, which some of the sites confirmed, and made them aware of the problem.

Many of the social networks have since changed the way this information is collected and passed to advertisers.

© C Harris Lynn, 2010

No comments: