Facebook Beacon privacy hubbub…

The Facebook Beacon privacy issues are swirling around blogospere today (here, here, here, here and here).

There’s a lot of technical analysis deconstruction Beacon behavior and some packet traces that confirm what’s actually happening on the wire.

One thread discusses the issues surrounding gathering affiliate interactions when a user is not logged into Facebook.

I think these all miss the point. The fundamental issue here is opt-in vs. opt-out, and their obfuscated variations. Not when tracking occurs.

That said, it seems to me that gathering affiliate activity while you are not logged in is the proper way to do this.

Assuming that I do want to share my on-line behavior with my friends I’d want that activity to be captured whenever it occurred regardless of being logged in or not. Then when I am logged in, I can opt-in/out per activity. Seems pretty logical if you as me.

Otherwise, I’ve got to be logged in all the time (which might be nice for Facebook), or remember to log in before I do anything to be sure that my activity gets captured. That’s silly.

Where would anyone get the idea that this kind of tracking activity would be contingent on being logged in?

If anyone needed another reason to block Facebook .js this is it. Here’s how.

UPDATE: I guess I should have actually looked at what Facebook’s FAQ said before I posted this. Right there, in the very first sentence it states:

If you are logged in to Facebook and visit a Beacon Affiliate, an action you take (like writing a review or purchasing an item), may trigger that website to want to publish a story to Facebook. Before that happens, a notification will display in the lower right corner of your screen. If you click “No Thanks”, no stories or information will be published anywhere on Facebook. If you click â??Closeâ? or ignore the story, the story will be sent to Facebook, but not yet published.

So, I guess that’s the answer to my question where someone would get the idea that their activity is contingent on being logged in.

Which makes this even more troubling. The actual behavior of the system seems quite logical to me, but this FAQ is clearly misleading. Furthermore, it is inconceivable to me that given the scrutiny that they are under right now these documents were not carefully reviewed, which signals to me that they’re parsing things too carefully. Trying to make things more palatable than they really are.

I find it even more astonishing that as of Sunday 2PM PST this document has not yet been updated!


Subscribe to Blog Updates

Quickly connect apps, data, and devices

Start Free Trial
Contact Us Free Trial