Social networking site Facebook is continuing it’s about-face and apologies about its controversial Beacon system, a key component of the company’s advertising platform. As originally envisioned, Beacon was intended to let Facebook users easily capture and share information that wasn’t necessarily on Facebook—like what they do (and purchase) at other Web sites and services. Of course, this information is also of great interest to advertisers.
Facebook originally rolled out Facebook as an opt-out system: that is, Beacon was fully enabled (and sharing information about Facebook users) by default. This created a groundswell of protest, not only because Beacon had a tendency to spoil surprises and create social awkward faux pas when it "shared" what users were buying for (say) a surprise party or a birthday, but also because of the program’s privacy implications: the data Beacon freely shared with other Facebook users (and Facebook itself) was potentially very private, and there was no way for users to prevent that information from being shared.
After some delay, Facebook announced last week it was implementing a way for users to opt-out from sharing information via Beacon, offering a way for users to explicitly say it was OK to share selected information with Facebook and other Facebook users. However, the move was promptly criticized as not going far enough: rather than having to approve or disapprove every Beacon-related action, Facebook did not offer a way users to opt out of the system entirely.
At the same time, a senior engineer at Computer Associates announced that Facebook captures detailed data on user actions on Beacon partner sites—including IP addresses&mdas;even if Facebook users delete the Facebook cookie, and even if site visitors have deactivated their Facebook accounts…or never signed up with Facebook in the first place. The revelation contradicted Facebook’s public statement on how Beacon operated; the company had claimed the technology collected no information on non-Facebook users or former Facebook users. Now, the company says the information is collected, but deleted unused.
Now, Facebook’s Mark Zuckerberg has relented, offering a way for Facebook users to opt out of the Beacon tracking system entirely. "It took us too long after people started contacting us to change the product so that users had to explicitly approve what they wanted to share. Instead of acting quickly, we took too long to decide on the right solution. I’m not proud of the way we’ve handled this situation and I know we can do better," wrote Zuckerberg in a posting on the company’s site.
However, Facebook’s Beacon opt-out tool is only available to Facebook members; non-Facebook users and former Facebook users apparently have no way to prevent Beacon from collecting information on their actions at partner sites. Although Facebook says this data is deleted, many Internet users still feel they have no reason to take Facebook at their word.
The controversy highlights the intersection of online privacy and the ever-increasing commercialization (e.g., monetization) of seemingly innocuous online activities. The bottom line is that Internet users should probably assume just about anything they do online can be tracked, and that information can be shared, without their knowledge, with other online businesses and sites. As Sun’s Scott McNealy famously said years ago: "You have no privacy. Get over it."