Summary: Facebook’s Beacon program, which announces your purchases on your FB profile feed, has generated some vociferous responses from privacy advocates. There are some profound issues here that I’d like to explore in more depth. This post covers responses to the program so far, starting with Om Malik and running the gamut from Search Insider to the Wall Street Journal. Tomorrow, I’ll provide my thoughts on the matter.

I was all ready to leave this topic alone, really! But the issues that have been raised since the launch of Facebook’s Beacon advertising platform have become too central to the topic of privacy for me to ignore.

The social-graph-leveraging ad service was pegged as a potential privacy nightmare the day it was launched (November 6) by Om Malik, who raised some pointed questions to the good folks at FB and received responses that were vague at best, leaving him to conclude:

…in reality, this is a privacy disaster waiting to happen. The javascript on the Fandango site pops up a little screen which asks if you want to publish the information on Facebook. If you say no, your friends won?t see the information, but apparently Facebook still receives it. This means that if you are a Facebook member, Facebook will know what you are doing on each of their partner sites. And there is no way for you to opt out of that. Or is there? I asked Facebook to clarify and I am still waiting for them to write back.

We could say that this is a knee-jerk reaction—after all, it came out the very day the program launched—so it’s worth checking into subsequent opinions and experiences from the past two weeks. (Yes, yes, I know that it’s only been two weeks and we’re still dealing with knee-jerk reactions. I’m just summing up the situation to date.)

The day after the GigaOm stake-in-the-ground, MediaPost’s Just An Online Minute backed him up:

Another part of Faceboook?s plan, the Beacon program, is far more troubling from a privacy point of view. That initiative involves informing people?s friends of purchases they?ve made online. In other words, if one Facebook member buys a DVD of, say, season two of ?The Office,? and allows that information to be shared with others, the member?s Facebook friends will be notified that one of their contacts has purchased that DVD.

Users will be able to opt out of the service, but privacy concerns remain. Simply explaining this type of offering to people who aren?t familiar with Web advertising might prove difficult, let alone explaining the opt-out procedure. What?s more, even tech-savvy users mistakenly check the wrong boxes online, inadvertently opting in instead of out and vice versa.

Headlines of stories about Beacon continued to touch on the potential negatives; a piece from my university paper, the Cornell Daily Sun, came out with The Last Straw for Facebook?, while Mark Simon’s Search Insider column the following Monday was titled Social Ads or Social Networking Nightmare?

Privacy advocates and legal eagles picked up the thread, with the Wall Street Journal last Friday reporting on the real-world implementation of the program (thanks to PogoWasRight for the tip):

…Last Sunday the Law Blog purchased three tickets to ?Bee Movie? on Fandango, the movie site. After we did this, Facebook automatically updated our profile to say, ?Peter bought ?Bee Movie? on Fandango.?

Huh? Did we want everyone on Facebook to know our movie-buying habits? Not really. But it seems we agreed to this. According to Fandango?s privacy policy, which we agreed to by using the site, ?If you are a member of a social network service (such as Facebook, MySpace, etc.) or you use other Internet sites where you have authorized them to gather information about your online behavior on Fandango . . . Fandango may share information regarding your activities . . . with those third parties pursuant to your authorization.?

Then we checked out our privacy settings on Facebook. Under ?Privacy Settings for External Websites,? there?s a Fandango icon, indicating that we?ve agreed to have our actions on Fandango sent to our Facebook profile. We changed our profile, mandating that they never ? never! ? do this again.

And now today. CNet’s Caroline McCarthy reported that MoveOn, which historically has focused its energy on domestic regime change, has decided that Facebook Beacon poses a significant privacy problem, one that has to be stopped:

Online activist group MoveOn.org is poised to announce a campaign targeting Facebook’s “Beacon” advertisements, which post information about users’ activity on partner sites (movie rentals, purchases from online retailers) onto their friends’ News Feeds. According to MoveOn representatives, the organization considers this to be a “glaring violation of (Facebook’s) users’ privacy,” and has launched a paid ad campaign on Facebook, a “protest group” on the social-networking site, and an online petition to encourage the company to allow users to opt into the program at their own volition.

“The bottom line,” MoveOn spokesman Adam Green said in an interview with CNET News.com, “is that no Facebook user should have their private purchases online posted for the entire world to see without their explicit opted-in permission.”

It’s true that Beacon advertisements are limited to the news feeds of the people on a user’s friends list, but Green said that doesn’t make a difference. He cited Facebook user testimonials that ranged from members who said their entire Christmas lists had been published on their News Feeds (spoiling many a surprise in the process) to student activists who were concerned that sensitive purchases might show up and result in serious consequences–”If a college kid rents Brokeback Mountain and some homophobic person on his campus sees that, that could be a real problem,” he explained.

This was too much heat for Facebook to ignore, so, a couple of hours after the MoveOn announcement, they responded with one of their own:

“We encourage feedback from our users on new products,” the Facebook statement read, “but in this case, the MoveOn.org-led group misrepresents how Facebook Beacon works. Beacon gives users an easy way to share relevant information from other sites with their friends on Facebook.”

…Facebook’s statement stressed that because this information is not public, it isn’t an invasion of privacy. “Information is shared with a small selection of a user’s trusted network of friends, not publicly on the Web or with all Facebook users,” the statement explained. “Users also are given multiple ways to choose not to share information from a participating site, both on that site and on Facebook.”

MoveOn.org spokesman Adam Green was quick to provide an additional response. “If Facebook’s argument is that sharing private information with hundreds or thousands of someone’s closest ‘friends’ is not the same as making that information ‘public,’ that shows how weak Facebook’s argument is,” Green said in an e-mail. “Facebook users across the nation are outraged that the books, movies, and gifts they buy privately on other sites are being displayed publicly without permission–and it’s time for Facebook to reverse this massive privacy breach.”

I’ll pick this story up tomorrow and give you my view on the implications and issues, but I’d also really like to hear your reactions, both to this post and to the Facebook Beacon program as a whole. What do you think of it? Have you seen it in action?

This entry was posted on Wednesday, November 21st, 2007 at 8:16 am and is filed under Facebook, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.