The Latest Social Network Privacy Issue

More

This is one privacy scandal Facebook isn't alone on.

Facebook and other social networks have been giving advertisers data that could be used to identify names and other personal information of people who click on ads, the Wall Street Journal reports. It's scary, but the risk is nothing new and it's an unfortunate part of the way the Internet works.

Any site you visit can collect a lot of information about you, as creepily evidenced by the Panopticlick project run by digital civil liberties group the Electronic Frontier Foundation. One piece of information sites obtain about visitors is their referrer, the URL of the site visitors come from. Nearly every company uses referrers to find out what their sources of traffic are (Google, blogs, etc.). Do a Google search and the sites you click on will know how you got there because Google includes the search phrase in the URL: http://www.google.com/search?q=hideous+wart+removal.

With social networks, the problem is worse. A lot of networks include IDs and names in URLs. Using the ID or name, advertisers can easily and automatically scrub a user's public profile for more information, such as a name, photo, date of birth, likes, other interests, friends, etc.

(Note: The Journal reporter who wrote the story recently clarified that referrers weren't the only way in which social networks shared data. Facebook had apparently included IDs in the URL of the advertisement itself -- www.facebookad.com/?ref=Niraj, for example. Facebook changed its code in response to the Journal's inquiry.)

Advertisers said they didn't know they were receiving and don't plan on using the information. And while Facebook changed its code, a Twitter spokeswoman stated the obvious: "This is just how the Internet and browsers work." There are ways to obfuscate or hide the referrer.

This privacy problem was first "flagged" in an August research paper, The Journal reports. They don't name the authors, but this seems to be the paper in question. Data passed along, as the research paper explains, looks like this (emphasis mine):

GET /clk;203330889;26770264;z;u=ds&sv1=170988623...
Host: ad.doubleclick.net
Referer: http://www.facebook.com/profile.php?
id=123456789&ref=name

Cookie: id=2015bdfb9ec||t=1234359834|et=730|cs=7aepmsks

But knowledge of the referrer privacy risk is nothing new. The paper itself refers to a note on referrer risk in a 1996 memo co-written by Tim Berners-Lee, the professor credited with inventing the Web:

Because the source of a link may be private information or may reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent.
Jump to comments
Presented by

Niraj Chokshi is a former staff editor at TheAtlantic.com, where he wrote about technology. He is currently freelancing and can be reached through his personal website, NirajC.com. More

Niraj previously reported on the business of the nation's largest law firms for The Recorder, a San Francisco legal newspaper. He has also been published in The Hartford Courant, The Seattle Times and The Age, in Melbourne, Australia. He's also a longtime programmer and sometimes website designer.
Get Today's Top Stories in Your Inbox (preview)

The Time JFK Called the Air Force to Complain About a 'Silly Bastard'

51 years ago, President John F. Kennedy made a very angry phone call.


Elsewhere on the web

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register. blog comments powered by Disqus

Video

Adventures in Legal Weed

Colorado is now well into its first year as the first state to legalize recreational marijuana. How's it going? James Hamblin visits Aspen.

Video

What Makes a Story Great?

The storytellers behind House of CardsandThis American Life reflect on the creative process.

Video

Tracing Sriracha's Origin to Thailand

Ever wonder how the wildly popular hot sauce got its name? It all started in Si Racha.

Video

Where Confiscated Wildlife Ends Up

A government facility outside of Denver houses more than a million products of the illegal wildlife trade, from tigers and bears to bald eagles.

Video

Is Wine Healthy?

James Hamblin prepares to impress his date with knowledge about the health benefits of wine.

Video

The World's Largest Balloon Festival

Nine days, more than 700 balloons, and a whole lot of hot air

Writers

Up
Down

More in Technology

Just In