The Latest Social Network Privacy Issue

This is one privacy scandal Facebook isn't alone on.

Facebook and other social networks have been giving advertisers data that could be used to identify names and other personal information of people who click on ads, the Wall Street Journal reports. It's scary, but the risk is nothing new and it's an unfortunate part of the way the Internet works.

Any site you visit can collect a lot of information about you, as creepily evidenced by the Panopticlick project run by digital civil liberties group the Electronic Frontier Foundation. One piece of information sites obtain about visitors is their referrer, the URL of the site visitors come from. Nearly every company uses referrers to find out what their sources of traffic are (Google, blogs, etc.). Do a Google search and the sites you click on will know how you got there because Google includes the search phrase in the URL:

With social networks, the problem is worse. A lot of networks include IDs and names in URLs. Using the ID or name, advertisers can easily and automatically scrub a user's public profile for more information, such as a name, photo, date of birth, likes, other interests, friends, etc.

(Note: The Journal reporter who wrote the story recently clarified that referrers weren't the only way in which social networks shared data. Facebook had apparently included IDs in the URL of the advertisement itself --, for example. Facebook changed its code in response to the Journal's inquiry.)

Advertisers said they didn't know they were receiving and don't plan on using the information. And while Facebook changed its code, a Twitter spokeswoman stated the obvious: "This is just how the Internet and browsers work." There are ways to obfuscate or hide the referrer.

This privacy problem was first "flagged" in an August research paper, The Journal reports. They don't name the authors, but this seems to be the paper in question. Data passed along, as the research paper explains, looks like this (emphasis mine):

GET /clk;203330889;26770264;z;u=ds&sv1=170988623...

Cookie: id=2015bdfb9ec||t=1234359834|et=730|cs=7aepmsks

But knowledge of the referrer privacy risk is nothing new. The paper itself refers to a note on referrer risk in a 1996 memo co-written by Tim Berners-Lee, the professor credited with inventing the Web:

Because the source of a link may be private information or may reveal an otherwise private information source, it is strongly recommended that the user be able to select whether or not the Referer field is sent.
Presented by

Niraj Chokshi is a former staff editor at, where he wrote about technology. He is currently freelancing and can be reached through his personal website, More

Niraj previously reported on the business of the nation's largest law firms for The Recorder, a San Francisco legal newspaper. He has also been published in The Hartford Courant, The Seattle Times and The Age, in Melbourne, Australia. He's also a longtime programmer and sometimes website designer.

Saving the Bees

Honeybees contribute more than $15 billion to the U.S. economy. A short documentary considers how desperate beekeepers are trying to keep their hives alive.

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register.

blog comments powered by Disqus


How to Cook Spaghetti Squash (and Why)

Cooking for yourself is one of the surest ways to eat well.


Before Tinder, a Tree

Looking for your soulmate? Write a letter to the "Bridegroom's Oak" in Germany.


The Health Benefits of Going Outside

People spend too much time indoors. One solution: ecotherapy.


Where High Tech Meets the 1950s

Why did Green Bank, West Virginia, ban wireless signals? For science.


Yes, Quidditch Is Real

How J.K. Rowling's magical sport spread from Hogwarts to college campuses


Would You Live in a Treehouse?

A treehouse can be an ideal office space, vacation rental, and way of reconnecting with your youth.

More in Technology

Just In