Updated
Political groups are successful through mastering a public debate no matter what ideology they espouse, and regardless of what the issues actually are.
MoveOn.org is a good example. It has been staging a running protest against Facebook’s Beacon, the company’s new advertising system. The issue has been featured on CNN (video here) and in articles in mainstream publications such as the LA Times, the New York Times, the Wall Street Journal and in the blogosphere (Techmeme examples here, here and here).
Nearly a week into MoveOn’s privacy campaign, however, only around 25,000 users have signed up. A a little over a day ago, that number was at 21,000.
Before we explain how small that number is, there is a bigger issue. Facebook uses the cookie it requires for logging into its site to track what you do on other sites, from what we can tell. These cookies are unique identifiers — code sent to each user’s computer from Facebook, and tracked by Facebook when they visit web pages. We covered the basics of Facebook’s cookie plans last month.
Google’s Doubleclick and Microsoft’s Atlas ad networks also use cookies to track user actions, and this is a long-standing issue for online privacy advocates. In fact, the U.S. Senate is looking into Doubleclick’s privacy issues now. We have not heard MoveOn comment on cookie tracking as it relates to Beacon or any other company that uses cookies to track users.
Back to those thousands of anti-Beacon Facebook users. MoveOn group members represent only 0.04% of Facebook’s active user base. Last year, groups created to protest Facebook’s “news feed” attracted hundreds of thousands of members within a couple of days — the news feed is now one of the site’ most popular features, and widely imitated. Given Facebook’s active user size at the time, that number made up several percentage points of the total, meaning it generated a considerably greater response than Beacon has so far.
Note: Some might say the news feed was more fundamental to users’ experience than Beacon at this point, and that’s why the News Feed protests last year spread more quickly and vehemently. Still, if users were actually concerned about Beacon, you’d expect more members to have joined MoveOn’s Facebook group by now — with all the publicity.
How Beacon works, why MoveOn has beef, and our analysis
When you purchase a movie ticket on Fandango, for example, the site’s purchase confirmation page prompts a small window to appear on the bottom of the page asking if you want to share this information with your friends in Facebook.
If you don’t respond within a minute or so, the window disappears.
However, Facebook learns about what you’re doing before you even see the opt-out box, as this software developer describes in technical detail.
Facebook apparently uses the cookie it already requires for logging into the site to send a message from Fandango to Facebook about your movie ticket purchase. The cookie appears to allow Fandango to recognize your Facebook identity so it can send this information to your Facebook friends.
Meanwhile, if you ignore the box, the next time you log in to Facebook, you’re asked if you want to share your Fandango purchase on your news feed. No information will be shared about your Beacon activity in your friends’ news feed unless you explicitly approve it to appear.
But to say Facebook doesn’t let you opt out is hyperbole: If you missed seeing the window on Fandago, you are asked to approve Fandago’s request for sharing when you log into your Facebook account. You can choose to opt out, just not as conveniently as MoveOn would like.
[Update: Here's one report about none of the above opt-out options working. We don't know what caused this person to have a different experience with Beacon than other Facebook users.]
It is not clear if Facebook somehow retains the data gained through Beacon, before you even have a choice to opt out.
Meanwhile, MoveOn’s complaint doesn’t mention the cookie issue.
But here’s where MoveOn has beef. Facebook presents its “opt out” box at every site a users visits (or at least those that are participating in Beacon’s program). MoveOn says Facebook should let users opt out of Beacon completely, with the click of a single button — allowing users to never have to see the option again. In fact, this was option seen in early, leaked Beacon screenshots. MoveOn also suggests the small, opt-out box on sites should be more visible, by making it larger or having it appear in the middle of the page, or leaving it there longer.
Here’s a solution to MoveOn’s complaints. Third-party websites should try to figure out what information to send back to Facebook through Beacon that users will actually want to see (Facebook’s program gives them some discretion in this regard). These companies are just as responsible as Facebook for how users perceive them. Over time, users will become educated to look for the box and make a decision - similar to how users deal with Facebook news feeds. If you are really concerned about companies spying on you, however, cookie tracking is perhaps the biggest threat to your privacy.
If you want to block Beacon (and you’re a Firefox user), go here.
By the way, if you’re worried about other ad networks or Web sites tracking you (aside from the Facebook/Beacon prgrom), here are your general options:
You can delete and disable cookies on your web browser (every web browser has lthis option).
You can pinpoint and delete all ad-tracking cookies here, not only Facebook’s.
Myspace, meanwhile, is working on an ad network that promises to use user data to deliver relevant ads across the web — will it use cookies, like all of its competitors?
Doug Sherrets contributed to this article
Tags: co:Facebook, co:google, co:microsoft, co:MySpace8 Comments
-
Danny Sullivan said:
Well, Google hasn’t actually been given approval to buy DoubleClick yet. And right, anyone can get data with cookies and beyond what Facebook is collecting, without any opt-out being offered at all. That remains an issue. Facebook simply magnifies it by publishing this tracking with a self-identified profile of someone. Suddenly, what we do on the web and how we are tracked becomes visible to ourselves and those we know. Kill cookies, and that helps. Have an universal opt-out from Facebook, with that being the default, would help more. Not publishing ourselves period with profiles would help even more beyond that. But it’s good fun :)
-
Alexander van Elsas said:
I see a lot of referrals to the “MoveOn.org only has x thousand supporters. Usually in the same context you use it, only a small percentage of the total user base complains, so what is the fuss about. In my opinion it isn’t really relevant how many people join the movement. And the user? He doesn’t care. He gets all spoiled with “free” stuff, that isn’t free at all. But the bill isn’t payed by him, so why would he care. It is the most worthless driver for a business model. The Facebook user doesn’t mind SocialAds, is the tech blogging community fighting a lost cause? I don’t think so! If ignorance and indifference were the main driver for a web 2.0 company I’d fire the CEO and proclaim the main investors to be idiots!What is more important is the underlying issue. The Facebook business model is flawed. In my opinion the current web 2.0 business model has got to be replaced by something better. No more free ad-based services leading to walled gardens, user and data lock -ups or -ins, indifference, waisted advertisement spend, the illusion of providing value to a user.
Instead we need business models that are user centric and monetize user value. And the great thing about such a business model that it solves the current issues with data portability, privacy, Socialads or beacon automatically.
-
dave mcclure said:
this is SUCH a non-issue.
sure, a universal opt-out would be nice… and given how FEW people would give a FF, Facebook should probably go ahead and do it anyway.
but as you note, such a small % of people understand and/or care about this, that’s it pretty much a complete non-issue. a slightly larger issue is the overall treatment of user cookies across multiple sites, as you note re: Doubleclick.
but what’s the bigger issue for Facebook?
none of this is all that compelling, and it’s only a slight upgrade from the previous Sponsored Stories experience.
until there is 1) a lot more inventory of Beacon / paid News Feed stories, and 2) the CTR goes up on those items, this is not going to be a happy story for Facebook monetization.
personally, i think there has to be more incentive in the system for users to publish & click on this data. it’s not a bad idea, but as currently implemented it doesn’t appear to be getting a lot of traction. if that doesn’t change soon, it’s not a very good story for FB.
-
Gavin said:
I don’t understand why people are so uptight about FaceBook. If you don’t like their privacy protection, then leave. It’s a free country. As for their new ad program, technically they can do it, because you agreed to it somewhere in the legal documents.
-
HateTheFeed said:
I did precisely what Gavin recommends. I left Facebook just before this moveon.org fiasco began. Having seen Facebook basically from its beta days (when it was only for the US News Top 20 colleges essentially), it got a little worrisome to see privacy issues continually eroded. I’m more upset that I can’t actually delete my information from their servers (they keep profiles in case people have a change of heart). That’s even more worrisome than any of this other stuff.
-
Greg said:
The majority of Facebook users are to young to give a dam about privacy issues as they have not seen how privacy abuse on the internet effects them over the past decade & a half. Why does it matter that people know I bought bla-bla-bla… or they would only sell my email address to reputable entities anyway… right? (but who are those buyers selling it to?) I’ve read numerous articles about why the “Y” generation would fit the profile for excepting this issue under the light that it is just how we do business.
As for not being able to delete profiles… I’d suggest just changing it to bogus xxxx information before leaving the account.
-
James said:
privacy is imporant with anything but facebook really does not understand this..
-
Weis said:
Really informative article, it helped me a lot, had to come back a few times and readi it again. keep up the good work, thanks
4 Trackbacks
6:28 pm
VentureBeat » Facebook Beacon lit up by protests, gets small changes said:
[...] The number of people who have signed up in favor of a single-click opt-out on ringleader MoveOn’s Facebook group has doubled in the last two days from 25,000 to 50,000. That’s solid growth, but not yet a full-blown revolution by Facebook standards (see our previous coverage here). [...]
8:50 pm
VentureBeat » Beacon, also Facebook’s behind-the-scenes web data tracker said:
[...] Beacon currently works by letting a partner site, like Blockbuster, send a message to your Facebook friends about your purchase, with your explicit approval. Then, the message appears in your friends’ news feeds (more on the larger controversy here). [...]
2:46 pm
VentureBeat » Bigger than Beacon: Politician presses Google on privacy issues said:
[...] basic issue here, as we said during the height of the Beacon controversy, is whether or not companies like Google and Facebook [...]
8:09 am
In Anchor » SearchCap: The Day In Search, November 27, 2007 said:
[...] Do Facebook users care about "privacy issues?" What about Doubleclick?, VentureBeat [...]