A young Wollongong man and his computer have exposed secret monitoring by one of the world’s biggest companies.
Nik Cubrilovic become an overnight sensation yesterday after revealing Facebook is tracking users after they have logged off the social networking site.
The University of Wollongong drop-out blew the lid in a blog post, which triggered a panic among users and reignited debate over online privacy.
Born in Wollongong and educated at Hayes Park Public School and Kanahooka High, Mr Cubrilovic spent yesterday at home, coming to grips with his new-found global notoriety.
"From where I’m sitting right now, I have no idea how big this story is, all I’m seeing is the media requests coming in from all over the world," Mr Cubrilovic said.
"I’m used to privacy not being a big issue [but] an increased awareness from Facebook users is what’s made things really blow up this time."
Tests the 31-year-old conducted last year revealed that, when somebody logs off Facebook, rather than deleting tracking "cookies" the site maintains account information and other unique tokens that can be used to identify users.
When a user visits another website containing a Facebook button or "widget", the browser sends details back to Facebook.
Mr Cubrilovic only released the test results on Sunday in a bid to tell users how to avoid the privacy implications of Facebook’s latest upgrade.
"I thought it was my obligation," he said…
That from The Illawarra Mercury, which reports today:
Facebook has denied that it tracks its users’ web surfing even when they are logged out, saying it only uses tracking cookies to personalise content and to make the site more secure.
In a blog post, Dapto-based technologist Nik Cubrilovic this week accused Facebook of using cookies to track users when they are logged off from the service.
The University of Wollongong drop-out became an overnight sensation after revealing Facebook is tracking users after they have logged off the social networking site.
Facebook engineer Gregg Stefancik denied that the company tracked users in a comment on Cubrilovic’s post. Stefancik did admit that Facebook alters – but does not delete – cookies when users log out. But he says Facebook does that as a safety measure, and does not use the cookies to track users or sell their personal information.
Logged-out cookies are used to protect consumers, Facebook said. For example, Facebook says the logged-out cookies are used to identify spammers and phishers, detect when an unauthorised person is trying to access a user’s account, help users regain access to an account when it’s been hacked and disable registration for underage users who try to re-register with a different birthdate….
You may read the rest there.
Now I have to admit I was not all that concerned by the story when I first read it yesterday. My recent reading of The Facebook Effect has shown at the very least that despite the squillions of dollars one associates with something like Facebook and the natural paranoia around such a thing, Facebook has all along been comparatively unmercenary and has in fact passed up opportunities to monetize the site, sell on data, and so on. Much to the bemusement of some.
… I have a more radical recommendation for Facebook: Go ahead, Mr. Zuckerberg, take your marketing practices a step further and sell that social data the company is collecting. Facebook is poised to become the biggest consumer database in history. Instead of using that knowledge to show users tiny ads, a more potent business model could be to sell information about users to outside marketers.
To be sure, Facebook has no plans to sell consumers’ data. I asked Facebook spokesman Barry Schnitt about my idea, and he said in an e-mail that "people share so freely on Facebook, in part, because they trust that we’re not going to sell their information. We don’t have any interest in violating that trust."
Let’s play a mental game, though, and see what the social networking world might be like if Facebook and other sites sold data that could make the coupons that arrive in consumers’ mailboxes more relevant.
Marketers maintain lists, or sets of data about you, that couple your name with various descriptors. Consumers walk through life leaving clues that let marketers figure out who they are and what they’re likely to buy. Your driver’s license, voting registration records, product purchases, and periodical subscriptions are all fair game….
Consumers should get over their panic. Yes, a recent Facebook glitch allowed outsiders to see private chat conversations. Yes, Congress is drafting legislation that would require companies to explain how they collect data. And yes, you may have posted photos of your puppy that result in strange marketing offers.
None of this would preclude Facebook from doing what stores and auto dealers have done for years—selling your personal information to the highest bidder. Doing so could also shield Facebook from some criticism, since it puts distance between the place users input data and the offers that result from it.
If this sounds outrageous, take a breath and read your direct mail tonight. Did we mention we know you drive a Lexus?
Fact is, without cookies doing their thing Facebook simply wouldn’t work. I find Facebook’s response to this latest story quite convincing and happily continue to use the site – even growing to like the new interface!
See related stories: 6 stories of life-changing social media connections; Facebook confirms ‘Like’ data collection, will fix three cookie-related issues within 24 hours; A look at Facebook usage across eight different countries.
# This is post 1,000!