Facebook: Brutal Dishonesty

“Facebook does not track users across the web,” – A Facebook spokesperson on September 25, 2011

and

“Generally, unlike other major Internet companies, we have no interest in tracking people.” – Facebook employee on September 25, 2011

v.

“A method is described for tracking information about the activities of users of a social networking system while on another domain.” – Facebook Patent application dated September 22, 2011

Whoops

See: HowTo: Setup secure and private Facebook browsing

117 thoughts on “Facebook: Brutal Dishonesty

  1. Ravi Sheth says:

    uh-oh spaghetti-o’s

  2. Good stuff Arrington!

  3. I’m liking these shorter posts. I don’t remember you doing quick posts like this on TC. Also, their policy changed in those three days. *Obviously*

  4. Yousef Soliman says:

    Lol, come on, that’s pretty poor. If you want to lie, at least make it a little less obvious.

  5. Brad Pineau says:

    Love it.

  6. Between Facebook Connect and Google analytics/ad placements on every other site, I would imagine the majority of our internet use is being recorded at nearly every step by one or both of them.

    • Michael Boyd says:

      Google Analytics’ TOS says all data is anonymous. Google Analytics is not tracking you to improve ads.

      • sleepd says:

        They also said that they don’t collect personal information while driving around taking pictures of houses too.

        • Bob says:

          No, they said they don’t collect any information that is not *public* while driving around. Your SSID is not private (unless you’ve hidden it), unencrypted packets are not private (Just like Ham radio isn’t private).

      • I meant that sites have ad placements and/or google analytics in place both of which are tracking methods in one way or another.

  7. They aren’t tracking users. They are tracking information! LOL

  8. Probably Mark Zuckerberg will be unhappy with this post, but who cares?

  9. Andrew Torba says:

    This is old news. Am I the only one who read Facebooks TOS?

  10. Facebook = “piece of shit company”

  11. Great reason to stop using Facebook, and move to Google Plus instead!!… oh wait, I am on Chrome browser… About time we give up keeping secrets, and just give in to the internet houses. Not like they can do much with my data anyway, other then send me more relevant ads!

  12. They aren’t tracking users. But they will!

  13. rick says:

    Allow me to complete that 2nd quote…

    “we have no interest in tracking people…” but our advertisers sure do!

  14. Ronelsax says:

    This guy is good at this.

  15. AJ says:

    Awesome post, Arrington. Short with great impact.

  16. how is it possible to maintain a facebook account and not have it track you on the web? use facebook in firefox, and the rest of browsing in chrome?
    i just use facebook in incognito mode in chrome…. yes i am paranoid, but it seems i have every right to be.
    not even sure that’s enough at this point.

  17. shmoogle says:

    Being the half-full guy, I find your posts have become much more incisive since you left TechCrunch.

  18. Their engineers are either dishonest, brainwashed, or don’t grasp it all (top comment) http://nikcub.appspot.com/logging-out-of-facebook-is-not-enough

    I wish someone would do a single post, listing all their naughty behavior
    over just the last 3 years.
    Seeing people – well know techie wags, bloggers, social media “pros” –
    swoon over Zuckerberg’s “sincerity” at #F8, made my brain cramp…

  19. Well, I’m just gonna go ahead and click the little “Like this on Facebook” button. Doh!

  20. Obviously they want to patent it so nobody else can do it either — they have no interest in doing it themselves!

  21. joncantin says:

    Sounds more to me like one hand doesn’t know what the other is doing than anything else… I’ll give them the benefit of the doubt – though the same rule applies, don’t put anything online you wouldn’t want your grandmother to see – just add one more caveat.

    “Thow shall delete all cookies and start a new browser session between Facebook visits”

    Jon
    Founder of WoodMarvels.com

  22. Terry Lee says:

    Facebook has weaved themselves so deep within the fabric of the Internet, it’d be surprising if they DON’T track people. All the features such as “likes”, commenting engines and a unified login — users should expect Facebook to track users.

  23. They track absolutely everything on facebook.com and I’m everything possible on other domains. They don’t necessarily act upon that data immediately, but they do collect and treasure it – without a doubt!

  24. mts says:

    sounds like serendipity to me!

  25. Richard says:

    Trackers my browser blocked when loading this webpage:

    Comscore Beacon
    Facebook Social Plugins
    Google +1
    Linkedin Widgets
    Quantcast
    Twitter button
    Wordpress stats

    #justsaying

  26. Unsubscribe FB soon says:

    Don’t tell me Google is not doing/did the same.

    MZ go FY mom with your 21Q’s. Asking me if my daughter is hot to me.

  27. as a marketeer this doesn’t bother me a single bit. as a private person either because i have nothing dodgy to hide. check google’s remarking tools and tell me how different that is from this? Not much is it? Google follows you everywhere as well via their networks of adsense publishers.

    one thing though: Facebook should play open cards and not say they didn’t intend it.

    • this malarkey about “if you have nothing dodgy to hide, why worry” is really old by now. just because i prefer that my private data remain private doesn’t mean i am doing anything dodgy whatsoever. you sound like a typical white, male, generally privileged person; you don’t live in a country where your sexual preference is against the law, or where your political views can get you arrested, disappeared, killed. you’re not a teenager with abusive parents, or a woman with a stalker. i could go on; there are many reasons to want to control one’s data, most of which aren’t dodgy. lastly, just because something doesn’t bother you doesn’t mean it shouldn’t bother anyone else. imagine; the world does not revolve around you.

  28. Euro2cent says:

    So … no “FaecesBook comments” here, eh, what?

    What a disappointment, that was lately making the TechCrunch comments *soooo* interesting – in a sort of paint drying way – and so full of self-promoting sycophants.

  29. It keeps getting more and more ridiculous. Way to lay it out there for all to see

  30. Schoen says:

    Welcome to the “free” internet,
    Facebook, Google?
    We could use some laws against the to protect our privacy.

  31. An old adage: “If you’re not paying for a service, you’re the product, not the customer.”

    And instead of finding this kind of insultingly sloppy spindoctoring even remotely amusing I would like us heavy users to pick up the fight, spit in their sly faces and simply take alternative approaches like “Diaspora”, Marc Pesce’s “Plexus”, Adriana Lukas’ “mine!” and other distributed modes of communication, sharing and maintaining an online interface serious by mass-migrating.

    Don’t you find it slightly odd that in order to tell a friend about what you do or show him a picture of the last thing you found worth taking a foto of you first have to upload it to somebody else’s server? Where said someone reserves the right to do with said foto as he pleases? Probably using it in making a buck off of it?

    Seriously, it’s high time to have sovereignty of the individual being realized on the interwebs.

    Cheers and enjoy the Sunday wherever you are.

    M.

  32. Tried to share this article on Facebook via HootSuite and directy on FB. Doesn’t work. Stefan

  33. Tried to share this article on Facebook via HootSuite and directy on FB. Doesn’t work. Stefan

  34. tony says:

    No surprises here…I bailed on Facebook 18 mos ago…about 2 mos after starting. Saw it as an outright assault on privacy and all about marketing and data mining. It is no longer anonymous ip addresses being tracked, its you, and by name…

  35. jeff says:

    This makes perfect sense – we are their product. The customer is the advertiser. So thwey are priming their products to be the most attractive products to advertisers that they can be. Privacy is a bad trait for this product. We’re kind of like the pigs that get really tasty grain and a well-heated barn. The pigs are made to be happy but the customer is the restaurant….

  36. Keith Lowery says:

    This has been going on a very long time. The web giants have all become giants through innovative approaches to monetizing data. Claims by a web giant that they’re not collecting data on people should be met with a loud, collective guffaw.

    I posted the following note on Facebook over a year ago to make my friends aware of what was going on. All of Facebook’s denials are, of course, completely hollow. What they’re doing is not necessarily evil. I can’t say the same for their unwillingness to own up to it.

    Facebook is Stalking you on the Internet
    by Keith Lowery on Sunday, June 20, 2010 at 5:52pm

    I’m not an alarmist kind of guy in regards to the internet. Indeed, over the years I have accumulated a number of patents nearly all of which are in internet-related technologies. I am not an internet naysayer. I’m generally a big booster of the internet and believe it to be a great leveler, largely through easy access to information that is unmanaged by mainstream gatekeepers, editors, etc.

    So the reader should not take what follows as an indication that I think it’s time to panic about Facebook and what they’re doing. I just think that people need to understand what’s going on with FB’s recent efforts around Social Plugins and what they’ve done with security.

    The harsh reality is that Facebook and their partner sites are engaged in a massive stalking exercise that gives Facebook visibility on your surfing habits. That may be perfectly ok with you and, if so, the rest of what follows may not be that interesting. But if you’re surprised to discover that sites like ABC News, for instance, tell Facebook about every article you read on their site – even if you’ve opted out of this feature on Facebook – you might want to read on.

    Every time you go to a web site that includes Facebook’s “Like” social plugin, that site includes code from Facebook that reports information back to Facebook on which page you’re viewing. Facebook pitches this as a way to personalize your experience on their partner sites. Where things get interesting is that whether you’ve opted out of this kind of thing or not, Facebook’s code works in such a way that the pages you view are always reported back to Facebook. So Facebook is accumulating information on all of their users, not just about what they do on Facebook, but about the contents of what you are reading whenever you visit a Facebook partner site.

    Here’s an example:

    http://www.facebook.com/plugins/like.php?channel_url=http://static.ak.fbcdn.net/connect/xd_proxy.php%23%3F%3D%26cb%3Dfb948359%26origin%3Dhttp%253A%252F%252Fabcnews.go.com%252Ff9b00cc5%26relation%3Dparent.parent%26transport%3Dpostmessage&href=http://abcnews.go.com/Business/wireStory%3Fid%3D10962580&layout=standard&locale=en_US&node_type=link&sdk=joey&show_faces=false&width=300

    This is the URL for the “Like” widget on the abcnews.go.com site. You can see that in the query string portion of the URL (the portion that follows the first “?”) the URL of the page I’m visiting at abcnews.go.com is being supplied to FB: href=http://abcnews.go.com/Business/wireStory%3Fid%3D10962580.

    The short of this is that every site that is using Facebook’s social plugins is a willing participant in Facebook’s effort to track your usage of the internet, even when you’re visiting a site that isn’t Facebook’s. That may be perfectly ok with you. But I mention it because I strongly suspect this will come as a surprise to some people.

    People may have buttoned down their own security and privacy options on Facebook (which would be wise for everyone to do) thinking they have eliminated their problems.

    Unfortunately that doesn’t mean Facebook has stopped stalking you on the internet. They know what you’re reading. They know what sites you’re visiting.

    Everyone will have to decide for themselves how comfortable they are with that.

    • L says:

      not if you’re not logged into Facebook when you visit these other sites! (right? I hope??)

      • TH says:

        Even then, yes – they get your ip-address plus your Browser’s user-agent string, which can tie the information pretty accurately to your FB account, even without cookies.

      • Keith Lowery says:

        Actually, the way this stuff works is using iframes, which will cause your browser to bounce your Facebook cookie back to them. The last time I looked (don’t know if this is still true), your cookie contained your userid even when you were logged out. So they could track you whether you were logged in or not. FWIW.

  37. zato says:

    Brutal link-bating.

  38. Thomas Lukasik says:

    The bigger they are, the harder they fall — how long before Facebook fulfills it’s destiny as the 21st Century AOL?

  39. Thank you Arrington. Thank you so much. Needed someone influential to bring this topic up.

  40. As usual, people will continue to use Facebook despite knowing that it tracks their surfing history.

  41. Phil Dewey says:

    Facebook motto: Do all the evil Google left on the table.

  42. sm7cth says:

    Guess it’s not a question of tracking individuals – it’s just a tool to create stastitical basis for the advertisers marketing analysis. It’s all 100% commercial stuff and who on the net isn’t acting that way, with the exception for organizations like “Free and open-source software”, FOSS et al.

    Microsoft and Google are other examples of Giants, who exist under the same premises.

    Making money worshipping a God that some call Mammon is the one and only interest in this world of ever-accelerating destruction in the name of growth which is the only neo-liberal concept these mental dead people know.

    So, if You do’nt want to be left out of any sense of community, you’ll have to accept these terms till you eventually find some way out of it – the Amish people has found a way, so there may be others alike.

    Kent Åsberg, Vellinge Sweden

  43. The insanity continues. Let me add something else that goes to show how out of touch those in executive positions are. Look at this a Facebook contest by HHS to connect those in case of a disaster? Riots, are they disaster, I would not recommend and next up is is an act of Congress to determine what is a disaster? We do need smarter folks in office.

    http://ducknetweb.blogspot.com/2011/08/hhs-seems-to-be-confused-on-social.html

    I actually blogged this with some additional thoughts here as well on the digital illiteracy of those in government making decisions and being “non participants” in consumer IT, so how can they know?

    http://ducknetweb.blogspot.com/2011/10/facebook-patent-applicationcommunicatin.html

  44. Awesome – keep on poking at these issues.

  45. Joe Buckley says:

    Two possible points.

    1. They say they are not tracking user data. There is no evidence that they are
    .
    2. If they have patents it gives them more ability to stop others doing s0o.

    Lets hope they are good guys after all. If so then there is no contradiction.

    As a general principle everyone should assume that whatever they do on the internet is not secret.

  46. Wait a minute, how do you prove that those inventors “Schoen; Kent Matthew; (San Francisco, CA) ; Dingle; Gregory Luc; (Palo Alto, CA) ; Kendall; Timothy; (San Francisco, CA)” are facebook employees at the time of patent application?

    The only “facebook” string appear in that patent application as links to javascripts from facebook.com. Alright, maybe that’s a clue but then again, this patent applicant does NOT say this patent belongs to facebook Inc. explicitly.

    Did I miss something here?!

    • billslawski says:

      There’s a publicly accessible patent assignment database at the USPTO where I found out about the assignment on Thursday when the patent application was published.

      Perhaps that’s where Michael found out about it, too.

  47. sidcool1234 says:

    Love it or hate you, no one is going to get off facebook anytime soon…

  48. Vic Berggren says:

    Wait, don’t let the “do no evil” employee’s that jumped ship at google for facebook find out about this :)

  49. arcs says:

    This seems like blatant sensationalism to me. The patent and the 2 quotes are talking about different things.

    This particular patent describes the process for 3rd party sites to tell Facebook about something the user did, which subsequently can be shown as an ad to the user’s friends, i.e. “Your friend blah has bought something on This Service, do you want to do so too?”. This sounds like the new open graph API that was unveiled at f8.

    This is quite different from the meaning implied by this post, which the first 2 quotes were addressing, that Facebook tracks and correlates browsing patterns of users across the internet without their consent.

  50. altView says:

    for all you conspiracy theorists…all this ruckus may be to set up a new “premium” version of facebook that promises no tracking. facebook’s corporate communications has stuck to the story this past week, that if you want the “free” web, your privacy is the price you have to pay. perhaps soon it will be, pay $XX per month, and you’ll avoid all this.

  51. billslawski says:

    The patent application describes pretty much how Facebook might track users across the internet without their consent, through a number of possible methods, including java script tracking code, tracking pixels, and iframes and cookies.

    The first claim of the patent explicitly states such an intent:

    “A method for tracking information about the activities of users of a social networking system while on another domain, the method comprising: maintaining a profile for each of one or more users of the social networking system, each profile identifying a connection to one or more other users of the social networking system and including information about the user; receiving one or more communications from a third-party website having a different domain than the social network system, each message communicating an action taken by a user of the social networking system on the third-party website; logging the actions taken on the third-party website in the social networking system, each logged action including information about the action; and correlating the logged actions with one or more advertisements presented to the one or more users.”

    And that term “logged actions” doesn’t mean the actions of logged in users of Facebook, but rather the actions of Facebook users, logged in or not, on sites other then Facebook that are tracked and logged by Facebook.

  52. Renee Marie Jones says:

    Corporations don’t even try to tell the truth anymore, and the people that run them have no shame, no morals, and no ethics. They know if they continue to deny, that people will believe them, not you.

  53. anonymous says:

    And there’s even a Facebook option for commenting on this blog…

  54. Adam says:

    Maybe they’re patenting it so no one else can do it?

  55. MichaelEdits says:

    Sometimes the truth is hard to face.

  56. The pragmatic answer to intrusive tracking by FaceBook and Google would be to develop browser plug-ins that dynamically block selected servers. The dynamic blocking would be based on allowing a server access only if necessary *for the user* to perform an action.

    I have FaceBook blocked in my hosts file. For me, they are just another tracking server in an extensive list.
    This binary approach isn’t a practical step for everybody :)
    Even if they don’t use FaceBook, a few hundred million end users are not going to playing with their hosts file.
    Blocking all of Google in the same way would have a large element of cutting off nose to spite face. For Google, blocking has to be dynamic and selective.

    If FaceBook is only ubiquitous, then Google+ needs a stronger term to describe it.
    Neither FB or G are going to stop doing what they can do.

    The only reason to allow a page to access a FB or G server would be to allow it to do something that *we* want it to do.

    The trackers on this page do nothing for me.
    FB and G, for example, have no business recording my visit to this blog. If the cost of giving Michael recorded traffic for ranking is to expose myself as data to corporates, then the cost is unacceptable.

    Twitter can pick up this visit – but *only* because I wished to comment here. That was *my* decision.

    If I were a FB user and wished to comment using the FB account here, I should have an option to allow the FB links from the page and reload the page. The permission would be for the page only and either temporary or permanent. The default would be that my visit here was never detectable to them.
    Even on a FB or G property, I’d like to have options that blocked any of their servers that were not necessary for the page to function for whatever *I* wanted to work. This is particularly important when using a Google property.

    A simple easy-to-use browser plug-in would be the only practical way of getting significant numbers of people to emasculate the muppets while still getting their Interwebz fix.

  57. Ciaran Laval says:

    Well to be fair to the employees, they may not have known about the patent application.

    I suspect this is to do with Open graph, not all companies will cave in like Spotify and try and push Facebook accounts on their new users.

  58. Andrew Cecil says:

    Wonder how many of you whiners will actually leave facebook

  59. A big organisation maybe the “Spokesperson” did not realise a patent had been filed? Have you got any real facts like who the spokesperson was?

  60. Blowfly says:

    I will bet on the fact that FB (with MS peadophile image scan) fails to report suspect users and sites to law enforcement – Esp if it leads to bad PR.

    But then again, why bother – given the history which MSN provides (if you suspect your corperate platform has been used to commit a crime – exposing you to a law suit or costly investigation and negative PR; then feel free to pull the service and delete information).

  61. Facebook systematically lies about almost everything it does. Most stunningly I discovered last year that it even lied to advertisers by placing an advert outside the defined demographic! (http://alexanderchalkidis.com/?p=755 )

    It seems that this is just a reflection of Zuckerberg’s character but I am not sure how it can scale without law suits in a public company.

  62. amerikagulag says:

    Of COURSE it’s dishonest! It’s a government spybot for Israel! The US government is incapable of truth-telling. We should expect it tells the truth in this ONE instance????

    Wake up!

  63. A. Noyes says:

    Some people have suggested that this application is intended to patent tracking of logged out users. Nothing could be further from the truth. Instead, a careful reading of the portion of the application that purportedly describes tracking of logged out users (Paragraph [0099] shows that this excerpt is actually describing a fundamental part of Facebook Platform—social plugins that create social experiences across the web without logging into Facebook repeatedly or third party sites at all.

    Our social plug-ins allow Facebook users to go to any website with a social plugin and see what content their friends have liked without logging into that website. the user must, however, be logged into Facebook to see this social content on third party websites. What is being described in section [0099] of the application is the fact that you don¹t have to log into Facebook again at each third party site in order to see social plugin content. You just have to be currently logged in to Facebook when you visit the site. If you continue reading the application (i.e. paragraphs [0100] and [0101]), you¹ll also find it is consistent
    with our longstanding principles of notice, choice and control, and offers mechanisms and processes by which a person would be notified and could opt in or out.

    There are other things mentioned in the patent application and, for many of those, it¹s important to understand how companies use patents. That is, technology companies patent lots of ideas. Some of these ideas become products or features and some don’t. As a result, current functionality and future business plans shouldn’t be inferred from our patent applications. — Andrew Noyes / Facebook Communications

    • James Phillips says:

      The Patent does not acutally say if the users should be logged in or not. For conversionn tracking to work, logging even after the user is logged out would be more effective. You are collecting all of the information through ubiquitous “like” buttons anyway and threatening to suspend websites that implement a “two click” like button.

  64. Why would fb like to know when I see porn? Bastards!

  65. Muy Optimista says:

    Eso es un DELITO en varios paises de Latinoamerica, es una violacion de correspondencia y privacidad.

  66. Konrad says:

    I keep being surprised by people who are surprised that Facebook doesn’t play fair or nice.

    Look. Remember how Zuck started the company? How he tricked and lied? How he … never played fair? And just where and when should the company have stopped doing that, adopting a culture of ethical and honest behavior?

  67. billslawski says:

    Hi Michael

    Now that I know where you found it, how about attribution for the discovery of the patent application?

    Thanks.

  68. Jane Doe says:

    If you post something on the internet — It’s not private. Bottom line.

  69. You already know thus significantly in relation to this subject, produced me individually consider it from so many varied angles. Its like men and women don’t seem to be fascinated unless it is something to accomplish with Woman gaga! Your personal stuffs nice. All the time handle it up!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 15,227 other followers

%d bloggers like this: