The Latest Social Network Privacy Issue

This is one privacy scandal Facebook isn't alone on.

Facebook and other social networks have been giving advertisers data that could be used to identify names and other personal information of people who click on ads, the Wall Street Journal reports. It's scary, but the risk is nothing new and it's an unfortunate part of the way the Internet works.

Any site you visit can collect a lot of information about you, as creepily evidenced by the Panopticlick project run by digital civil liberties group the Electronic Frontier Foundation. One piece of information sites obtain about visitors is their referrer, the URL of the site visitors come from. Nearly every company uses referrers to find out what their sources of traffic are (Google, blogs, etc.). Do a Google search and the sites you click on will know how you got there because Google includes the search phrase in the URL: http://www.google.com/search?q=hideous+wart+removal.

With social networks, the problem is worse. A lot of networks include IDs and names in URLs. Using the ID or name, advertisers can easily and automatically scrub a user's public profile for more information, such as a name, photo, date of birth, likes, other interests, friends, etc.

(Note: The Journal reporter who wrote the story recently clarified that referrers weren't the only way in which social networks shared data. Facebook had apparently included IDs in the URL of the advertisement itself -- www.facebookad.com/?ref=Niraj, for example. Facebook changed its code in response to the Journal's inquiry.)

Advertisers said they didn't know they were receiving and don't plan on using the information. And while Facebook changed its code, a Twitter spokeswoman stated the obvious: "This is just how the Internet and browsers work." There are ways to obfuscate or hide the referrer.

This privacy problem was first "flagged" in an August research paper, The Journal reports. They don't name the authors, but this seems to be the paper in question. Data passed along, as the research paper explains, looks like this (emphasis mine):

GET /clk;203330889;26770264;z;u=ds&sv1=170988623...
Host: ad.doubleclick.net
Referer: http://www.facebook.com/profile.php?
id=123456789&ref=name

Cookie: id=2015bdfb9ec||t=1234359834|et=730|cs=7aepmsks

But knowledge of the referrer privacy risk is nothing new. The paper itself refers to a note on referrer risk in a 1996 memo co-written by Tim Berners-Lee, the professor credited with inventing the Web:

Because the source of a link may be private information or may reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent.
Presented by

Niraj Chokshi is a former staff editor at TheAtlantic.com, where he wrote about technology. He is currently freelancing and can be reached through his personal website, NirajC.com. More

Niraj previously reported on the business of the nation's largest law firms for The Recorder, a San Francisco legal newspaper. He has also been published in The Hartford Courant, The Seattle Times and The Age, in Melbourne, Australia. He's also a longtime programmer and sometimes website designer.

Why Is Google Making Human Skin?

Hidden away on Google’s campus, doctors at a world-class life sciences lab are trying to change the way people think about their health.

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register with Disqus.

Please note that The Atlantic's account system is separate from our commenting system. To log in or register with The Atlantic, use the Sign In button at the top of every page.

blog comments powered by Disqus

Videos

Why Is Google Making Human Skin?

Hidden away on Google’s campus, doctors are changing the way people think about health.

Video

How to Build a Tornado

A Canadian inventor believes his tornado machine could solve the world's energy crisis.

Video

A New York City Minute, Frozen in Time

This short film takes you on a whirling tour of the Big Apple

Video

What Happened to the Milky Way?

Light pollution has taken away our ability to see the stars. Can we save the night sky?

Video

The Pentagon's $1.5 Trillion Mistake

The F-35 fighter jet was supposed to do everything. Instead, it can barely do anything.

More in Technology

Just In