… My heart’s in Accra Ethan Zuckerman’s online home, since 2003

November 15, 2007

Facebook changes the norms for web purchasing and privacy

Filed under: Geekery,Media — Ethan @ 12:42 pm

If you’ve got a Facebook account, try this experiment: Go to overstock.com and buy something. (I recommend Kwame Appiah’s “Cosmopolitanism” if you’re really stuck for something to purchase.) As you complete the purchase, a window appears in the bottom right of your browser window, announcing “Overstock.com is sending this to your Facebook profile”.

Okay, let the window disappear – on my browser, it takes only about ten seconds for it to disappear. Now log into Facebook. You’ve got a new item in your mini-feed, the message “Overstock.com is sending a story to your profile.”

There’s a check-off box that lets you hide this message in the future – i.e., let Facebook post this “story” without warning you. Turning the feature off requires you to click “See More”, then “Edit Settings”, then tell Facebook that you don’t want Overstock.com to post stories to your profile.

There’s no global opt-out – no ability to tell Facebook, “Please stop posting my purchase behavior from any third-party sites to my feed.” You’ve got to opt out from each new partner you encounter, either by clicking on the window on the purchase site, or by turning off this “feature” for each partner on Facebook.

I had two reactions when I saw a demo of this feature on Tuesday. One was “Well, that looks like a good reason to get off Facebook.” And the other, hearkening back to my days as the creator of ad-driven user-created-content websites, was “Hot damn, someone finally did it.” Because, of course, this is the sort of information that ad targeting companies would kill for.

For me, the overwhelming feeling was one of uneasiness – in my head, at least, this isn’t how the web works. When you’re doing business with a website, your interactions have consequences only on that site, not on a completely unrelated website, right? Of course, that’s not true – it hasn’t been for a while. HTTP supports loading items from multiple sites on the same webpage – you’re loading this page from ethanzuckerman.com, but the badge of flickr.com pictures in the sidebar is loading from flickr.com. It’s pretty common for content websites to carry ad banners loaded from a third party, along with cookies that third party sets in your browser and can use to track your browsing behavior across different sites. (Here’s a useful tool that allows you to detect ad-tracking cookies installed on your browser and opt out of those networks.)

So why is this alliance between Overstock and Facebook any different? Well, technically, it does something that’s unfamiliar and uncomfortable for people who’ve written web programs that use cookies. A cookie is supposed to be a secret string of information written by one website to your browser and accessible only to that website. You shouldn’t be able to write a script that asks for information in a cookie set by another server. (There’s a form of cross-site scripting attack called “cookie theft” designed to do exactly this.) It looks like Overstock is somehow accessing your profile information on Facebook, which it shouldn’t be able to do.

Of course, what’s actually happening is that when you load Overstock’s “transaction complete” page, you’re also loading something from Facebook, likely an invisible image, and a script, which allows Facebook to access your Facebook.com cookie, which contains account information. Because Facebook and Overstock are cooperating in building a joint webpage, they can do something that seems… unheimlich… to those of us who’ve been playing on the web for the last dozen years.
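The mechanism in the two paragraphs above, as an added example that is not code from the original post or from either company: a small Node.js model of an invisible image beacon, with the browser’s cookie decision on one side and what the receiving server can join together on the other. It goes one step past the post by adding a “block third-party cookies” switch, the setting that withholds the cookie without turning cookies off altogether; hostnames, the session cookie, query parameters and the referer are all constructed for illustration.

```javascript
// Added example (not code from the original post): a minimal model of the
// Beacon-style flow described above. overstock.com's "transaction complete"
// page embeds an invisible image served by facebook.com. The browser keys
// cookies on the host of the *request*, not on the page that embedded it, so
// the facebook.com cookie rides along with the image request, and Facebook
// can join the purchase in the URL with the account in the cookie.
// Hostnames, cookie values and query parameters are all constructed.

class Browser {
  constructor({ blockThirdPartyCookies = false } = {}) {
    this.jar = new Map(); // host -> cookie header value (exact-host match only)
    this.blockThirdPartyCookies = blockThirdPartyCookies;
  }

  setCookie(host, cookie) {
    this.jar.set(host, cookie);
  }

  // Fetch a sub-resource (image, script) embedded in the page at topLevelUrl.
  // Returns the request as the resource's server would see it.
  fetchEmbedded(topLevelUrl, resourceUrl) {
    const pageHost = new URL(topLevelUrl).hostname;
    const resourceHost = new URL(resourceUrl).hostname;
    const thirdParty = pageHost !== resourceHost;
    let cookie = this.jar.get(resourceHost) || null;
    // A "block third-party cookies" setting withholds the cookie only when
    // the resource host differs from the page host; first-party is unaffected.
    if (thirdParty && this.blockThirdPartyCookies) cookie = null;
    return { url: resourceUrl, cookie, referer: topLevelUrl };
  }
}

// What the beacon endpoint can learn from a single image request.
function beaconHandler(sessions, request) {
  const params = new URL(request.url).searchParams;
  const match = /(?:^|;\s*)session=([^;]+)/.exec(request.cookie || '');
  return {
    // Identity comes only from the cookie; null when the browser withheld it.
    user: match ? sessions.get(match[1]) || null : null,
    // Purchase details arrive in the URL regardless of cookie policy, and the
    // Referer header still tells Facebook which merchant page embedded the image.
    item: params.get('item'),
    price: params.get('price'),
    merchant: new URL(request.referer).hostname,
  };
}

// Constructed fixtures: one logged-in Facebook session and one beacon image.
const FB_SESSIONS = new Map([['s3cr3t-session-token', 'ethan']]);
const CONFIRMATION_PAGE = 'https://www.overstock.com/checkout/complete';
const BEACON_IMAGE =
  'https://www.facebook.com/beacon/pixel.gif?item=Cosmopolitanism&price=12.99';

function runScenario(blockThirdPartyCookies) {
  const browser = new Browser({ blockThirdPartyCookies });
  // The user logged in to Facebook earlier in the same browser.
  browser.setCookie('www.facebook.com', 'session=s3cr3t-session-token');
  const request = browser.fetchEmbedded(CONFIRMATION_PAGE, BEACON_IMAGE);
  return beaconHandler(FB_SESSIONS, request);
}

console.log('default browser:     ', runScenario(false));
console.log('third-party blocked: ', runScenario(true));
```

Note that withholding the cookie only breaks the link to the account: the purchase details and the merchant’s hostname still reach facebook.com with every image load.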

My colleague David Weinberger has an excellent piece in the Huffington Post where he argues that Facebook is breaking social defaults on how privacy works with this new feature. “Our expectation is that our transactions at one site are neither to be made known to other sites nor made known to our friends. We may well want to let our friends know what we’ve bought, but the norm and expectation is that we will not,” he argues. This is especially important, because Facebook is huge and powerful – Facebook may change the social default on this topic, and it may become the norm to advertise your purchasing behavior to your social network of choice.

The web’s a lot more complicated than it used to be. My instinctive response to this new behavior was to turn off cookies in my browser. Of course, that also means turning off Facebook, which won’t let you log in with cookies turned off. The proper technical response may be some new sort of security alert in Firefox: “The site you’re visiting wants to send information to another site – do you want to allow this to happen?” Of course, as the wonderful Mac “security” ad points out, most of us just want to ignore these warnings. The truth is, if Facebook users don’t rebel against these new kinds of features, they’ll simply become the new default for interactions between commerce sites and social networks.

Pardon me while I switch all my embarrassing purchasing behavior over to another browser that doesn’t know anything about my social networking sites.


My colleague Wendy Seltzer has some useful thoughts on this new feature as well.

54 Comments

  1. […] Ethan Zuckerman gives detail on the sequence and some privacy thoughts of his […]

    Pingback by Wendy’s Blog: Legal Tags » Facebook: Privacy versus cross-context aggregation — November 15, 2007 @ 1:15 pm

  2. OMG…

    (great post, indeed)

    Comment by ismael — November 15, 2007 @ 1:38 pm

  3. Is there a Facebook group yet for protesting this?

    Comment by matt — November 15, 2007 @ 2:06 pm

  4. Requiring cookies to sign in is the thing that gets me. Wow. Enforcing the Facebook cookie in order to use the service. They are really walking the line and in this case they are definitely crossing some.

    Comment by Kyle — November 15, 2007 @ 2:15 pm

  5. It seems the only difference between this and a cross-site scripting attack is that my privacy is now violated by corporations rather than by random-hacker.

    Comment by Jack — November 15, 2007 @ 3:05 pm

  6. Matt, I’ve seen a couple of Facebook protests regarding the new contextual advertising services on Facebook, but nothing specific about cookie-sharing between Facebook and Overstock (and, we suspect, more sites in the near future…) Sounds like a good opportunity to start one up – invite me if you do.

    Jack, I think you’re on the right track there, but I think the difference is that the script isn’t injected using a XSS bug but is a choice by the cooperating companies who believe, on some level, that they’re providing a service for their users. And some of their users may well see it that way…

    Comment by Ethan — November 15, 2007 @ 3:58 pm

  7. […] …My heart’s in Accra » Facebook changes the norms for web purchasing and privacy “There’s no global opt-out to tell Facebook, “Don’t post my purchase behavior from any third-party sites to my feed.” You must opt out from each new partner by clicking on the window on the purchase site, or by turning this off for each partner.” (tags: social+media change privacy advertising business+models tidbits+fodder business problems usability) […]

    Pingback by contentious.com - links for 2007-11-15 — November 15, 2007 @ 6:23 pm

  8. While it isn’t as nice as a global opt-out, you can at least say no thanks on the little pop-up to opt out of it without ever having to go to Facebook to do so.

    I think it’s really a secret plot to make people stop buying embarrassing items. Imagine the hilarity that could ensue if they partnered with an online adult store.

    Comment by Jeremy Herbel — November 15, 2007 @ 7:24 pm

  9. The thing to keep in mind is that some people are going to love this feature. Do you think it’s possible to do this correctly, in a way that makes it possible to preserve privacy in a way that you’re comfortable with? Let’s keep in mind that initially many people were very uncomfortable with per-site cookies and now we’re all used to that. If Facebook’s mechanism were always opt-in instead of opt-out would that be sufficient to make enough people feel comfortable?

    Comment by Natalie Glance — November 15, 2007 @ 8:11 pm

  10. It’s a great point, Natalie. I think a lot of people are going to enjoy the feature. It made me very uncomfortable, but I’m totally open to the idea that I’m likely to be in the minority. Making it entirely opt-in would satisfy a lot of my concerns – I can imagine voluntarily finding ways to sync my iTunes with Facebook so people can see what music I’ve recently added to my library, for instance. But it strikes me as very, very easy to miss what’s going on with this feature and simply ignore your way into the loss of privacy…

    Comment by Ethan — November 15, 2007 @ 9:35 pm

  11. […] Facebook changes the norms for web purchasing and privacy | Ethan Zuckerman Quote – If Facebook users don’t rebel against these new kinds of features, they’ll simply become the new default for interactions between commerce sites and social networks. (tags: business advertising facebook privacy identity socialnetworks) […]

    Pingback by rexblog.com: Rex Hammock’s weblog » Blog Archive » links for 2007-11-16 — November 16, 2007 @ 1:29 am

  12. […] Changing the norms for web purchasing & privacy November 16, 2007 Filed under: Uncategorized — quangtran @ 6:46 am (via Ethan Zuckerman) […]

    Pingback by Changing the norms for web purchasing & privacy « Project Kali — November 16, 2007 @ 2:46 am

  13. I think this one may go the way of the mini-feed. A minor protest then it will be accepted.

    Comment by JohnofScribblesheet — November 16, 2007 @ 7:02 am

  14. […] Beacon was simply in beta and they were testing out the response of users. As Ethan Zuckerman has pointed out, the response may not be that great and ultimately their new Beacon service could ultimately […]

    Pingback by Facebook Beacon: A Test of Web Users - The Unofficial Facebook Blog — November 16, 2007 @ 12:17 pm

  15. […] gist is this: when you buy something at a participating web site (Ethan Zuckerberg shows how it is done at overstock.com), Facebook discloses to that 3rd party web site, that you are a user of Facebook, and hands over […]

    Pingback by Facebook discloses its users to 3rd party web sites » alexander kirk » Blog Archive — November 16, 2007 @ 1:01 pm

  16. […] Facebook changes the norms for web purchasing and privacy – …My heart’s in Accra Ethan Zuckerman noticed Facebook and overstock.com engaging in questionable cooperation. Purchases made at Overstock appeared on his Facebook page without Zuckerman choosing that himself. […]

    Pingback by Linkit 16.11.2007. at Ilja Suvanto — November 16, 2007 @ 5:50 pm

  17. Ethan,

    Would you see this differently if this were not implemented via cookies – which would be fairly trivial via IP/time log or another mechanism? Or would it be worse to have these companies tracking us by data exchanges… which they already are, of course?

    What if I purchase a server slot at Qwest’s SLC facility and record IP address and unencrypted traffic for Overstock, correlate with Facebook and other sites – which essentially will give me very close to your purchase history, and more – and sell the data? Being done…

    Also, how about the likely, and likely essentially undisclosed, use of personal survey/preference/demographic data from AskVille by Amazon…?

    Alexa ? Google?

    This is why I would never have a FaceBook account…

    Comment by Ken Thomas — November 16, 2007 @ 6:55 pm

  18. […] My heart’s in Accra – Facebook changes the norms for web purchasing and privacy “There’s no global opt-out – no ability to tell Facebook, “Please stop posting my purchase behavior from any third-party sites to my feed.” You’ve got to opt out from each new partner you encounter…” (tags: facebook beacon advertising privacy cookies scripting datamining surveillance backlash) […]

    Pingback by Adam Crowe - links for 2007-11-17 — November 16, 2007 @ 8:35 pm

  19. […] Facebook changes the norms for web purchasing and privacy Alliances with shopping web sites can allow Facebook friends to see your shopping habits. (tags: facebook privacy) […]

    Pingback by Rants, Raves, and Rhetoric v4 » Blog Archive » links for 2007-11-17 — November 17, 2007 @ 4:34 am

  20. A Facebook group against it is a little absurd. If you think this is an invasion of privacy, just quit Facebook! That’s what I did. But I wasn’t that enchanted with it to begin with.

    Unfortunately most people are lazy, and I think Ethan is right that this may become the new norm. But it sounds pretty terrible.

    Imagine the outcry if Amazon was selling your purchase history to Google, and Google was selling the keywords from your GMail account to Amazon.

    I wonder if the deluge of product promos from people who aren’t really your friends will drive people away from the service.

    Thanks Ethan, for the clear breakdown of how the new ad system works.

    Comment by pnj — November 17, 2007 @ 9:05 am

  21. Thanks for the eye-opening info. I tried to delete my facebook account but I couldn’t quite do it. I hope we will get rid of these criminals.

    Comment by John Smith — November 18, 2007 @ 11:54 am

  22. Surely this can’t be by cookie alone? If that was the case what about shared computers? I might end up buying something but it would send that information to the facebook profile of another user of the PC.

    Surely this must be a combination of cookie AND email address – i.e. the third party site uses the email address you logged in/registered with, in combination with the cookie.

    If this is the case, couldn’t you just use different email addresses to unfox this?

    Comment by Nick P — November 19, 2007 @ 6:18 pm

  23. All I know is that this sucks. I ordered all my Christmas gifts and the next thing I know everyone knows what they are getting. I canceled the entire order with Overstock and will no longer order from them.

    Comment by kalley — November 20, 2007 @ 2:44 pm

  24. […] Ethan Zuckerman explains, with screen shots. […]

    Pingback by Scripting News for 11/24/2007 « Scripting News Annex — November 24, 2007 @ 12:43 pm

  25. PNJ: So are you saying that every time a service that you like does something you don’t like, you should just quit instead of trying to do something about it?

    I think you’ve hit your personal nail on the head — you don’t particularly like Facebook.

    For those of us who do like Facebook, but would prefer that these things don’t get added as standard, default behaviour, there seems nothing wrong in trying to do something about it.

    There’s an irony in starting a Facebook group about it, I agree.

    I *really* hope the “most people are lazy” comment isn’t levelled at those of us who have found a social network on which a lot of our friends and colleagues reside, and don’t want to leave.

    Yes, I could find another network and encourage all my contacts to come with me, and perhaps we wouldn’t be “lazy” then (though we could be accused of poor use of time, when there are so many more important things to do). But why should I? And who’s to say that the new network won’t violate privacy at some point in the future? Or that some other service, online or offline, won’t (for those that simply say “don’t use social networking services”)?

    Comment by Andy Merrett — November 24, 2007 @ 4:47 pm

  26. This is why I don’t mess with cookies. ALL cookies flush each time I quit the browser. See something weird? Cmd-Q and come back again with renewed anonymity.

    Did you know some websites will charge you *more* if you are a repeat customer for a specific product? I’ve had that happen too when Safari changed where they were storing their cookies (you now have to change the cookies folder to read-only rather than locking a cookie file).

    Comment by heavyboots — November 24, 2007 @ 9:32 pm

  27. […] a big ass long thing I was going to post about this on another site, but I’ll leave you with someone else’s words on it and let you figure it out for yourselves. Keep in mind it is more than just Overstock, it is also […]

    Pingback by FaceBook The New Spyware? : Smoke Rings, Coffee Stains — November 24, 2007 @ 11:55 pm

  28. Here it is:
    http://www.facebook.com/group.php?gid=5930262681&ref=nf

    Comment by Coturnix — November 25, 2007 @ 2:02 am

  29. One way to deal with this is to refuse to buy from companies that partner with Facebook in this way and to drop a line to their support desk stating this. It may only take a few such complaints to get them to change their mind about implementing it. But then like most similar protests, it may have no effect at all.

    Comment by Julian Bond — November 25, 2007 @ 4:12 am

  30. […] Ethan Zuckerman: Facebook changes the norms for web purchasing and privacy […]

    Pingback by EU ser kritisk på Facebook - dSeneste — November 25, 2007 @ 11:52 am

  31. […] Zuckerman provides a good example of this. Ethan displays a wonderful rundown of what happens with the new Facebook Beacon Ad program. If you’ve got a Facebook account, try […]

    Pingback by Fresh Vision Media - Blog Archive » Facebook vs. MoveOn.org — November 25, 2007 @ 7:44 pm

  32. […] Facebook changes the norms for web purchasing and privacy […]

    Pingback by Das mit dem Datenschutz | gekow.net — November 25, 2007 @ 9:12 pm

  33. […] Ethan Zuckerman – Facebook changes the norms for web purchasing and privacy […]

    Pingback by » The Social Gene Pool : Whose Data Is It Anyway? Money.Power.Wisdom: Which Do YOU Want? — November 26, 2007 @ 1:51 am

  34. […] an idea of the situation: | Calacanis | Doc Searls | Dave Winer | Ethan Zuckerman | Jeff Jarvis | David Weinberger | Wendy Seltzer | Matt […]

    Pingback by Το Facebook, λίγο πριν το κλικ — November 26, 2007 @ 5:51 am

  35. […] move by Facebook to team up with retailers and share information: automatically updating your Facebook profile with purchases you have made. I can see why people […]

    Pingback by Cross-web sharing between applications at Rage on Omnipotent — November 26, 2007 @ 8:21 am

  36. […] examined under the title ‚Beacon‘ and, above all, criticized. Joshua Porter, David Weinberger and Ethan Zuckerman each give a good overview. Even moveon.org has since gotten involved. […]

    Pingback by Sammelbecken 27.11.07 at Johannes Kleske - tautoko weblog — November 27, 2007 @ 2:50 am

  37. […] Ethan Zuckerman explains, with screen shots. “Pardon me while I switch all my embarrasing purchasing behavior over to another browser that doesn’t know anything about my social networking sites.” […]

    Pingback by FreewareBB » Blog Archive » Digging into the latest Facebook privacy issue — November 28, 2007 @ 2:13 pm

  38. […] even more interesting, and here are couple of articles that explaining the issue a little better: Facebook changes the norms for web purchasing and privacy Facebook’s Brilliant but Evil […]

    Pingback by Now I Simon › Facebook — November 29, 2007 @ 12:26 am

  39. […] it seems, from the gone verbose post of 24/11, that for a few days now this has been the case (your purchases are communicated to the network of your acquaintances, and there seems to be no way to deacti…, even if perhaps now […]

    Pingback by E se facebook… « oh my marketing! — November 30, 2007 @ 12:57 pm

  40. […] Today someone sent me a blog post that discusses how some e-commerce sites are automatically broadcasting information about your online behavior to the popular social networking site: Facebook: Facebook changes the norms for web purchasing and privacy. […]

    Pingback by Webgrrls Wisdom » Are Companies Sharing Your Purchase Habits With Your Friends? — December 19, 2007 @ 11:34 pm

  41. This happened to me with overstock and facebook. I am so angry about it! I want to cancel my facebook account and I won’t buy from overstock ever again!!!!

    Comment by shh — May 18, 2008 @ 4:44 am

  42. […] a good explanation with screenshots of how it works by Ethan Zuckerman. Read his whole piece, and read David Weinberger’s piece too. […]

    Pingback by Joshua Porter: Facebook’s Brilliant but Evil design « Scientia Potentia Est — June 27, 2008 @ 8:50 pm

  43. […] I just read a recent Ethan Zuckerman post on a similar issue of gradually making objectionable practices seem normal: Facebook in cahoots with merchants, luring […]

    Pingback by think twice » Blog Archive » The things we take for granted (addendum) — August 5, 2008 @ 1:39 pm

  44. […] like to blur, and — perhaps more important — because of its radical and sometimes shady reshaping of privacy norms. I know that not being on Facebook makes me, in a certain sense, invisible — and blind. On […]

    Pingback by wayneandwax.com » E-cologies & High Resolutions — December 31, 2008 @ 12:19 pm

  45. […] caused a huge outcry, reported throughout the traditional media and throughout the blogosphere. This outcry only intensified when MoveOn.org began a petition to make Beacon an opt-in program and […]

    Pingback by the Library Channel » Blog Archive » Big Brother is watching you on Facebook? — February 18, 2009 @ 4:43 pm

  46. […] in November of 2007. Introduced in time for that year’s Christmas shopping season, Beacon used a cookie set on one website (Overstock.com, for example) to display information on Facebook (information that you’d just […]

    Pingback by …My heart’s in Accra » Bye, bye Beacon… and other bad ad ideas — December 8, 2009 @ 4:00 pm

  47. The guys who run FB need to come clean on exactly how intrusive the site can be. I understand they can use some pretty stealthy ways of tracking users when they are not even logged on.

    Comment by Nii — January 28, 2010 @ 6:25 pm

  48. […] excellent exposé by Ethan Zuckerman on how our presumably private purchases could end up being “broadcasted” on Face Book […]

    Pingback by How your purchases could end up on FB. « myweku.com — January 28, 2010 @ 6:36 pm

  49. […] My heart’s in Accra Facebook changes the norms for web purchasing and privacy. Posted on March 21st 2010 in bookmarks […]

    Pingback by Scuba-net.org » Blog Archive » Steve Fraser just purchased… — March 21, 2010 @ 12:44 am

  50. The stories of Facebook’s insane abuse of personal information always make me laugh. More so considering the sheer traffic that website has with a minuscule percentage aware of what Facebook is actually doing with all that data.

    The funny thing is, with that kind of traffic they could easily make good money without resorting to this horrible big brother style treatment.

    Comment by How to Hack Facebook — August 8, 2010 @ 2:59 pm

  51. I simply wished to let you understand that your blog doesn’t present up properly on the BB browser, I added it to my bookmarks and have simply checked from the desktop

    Comment by Bluemashi — September 30, 2010 @ 6:05 am

  52. I think Facebook will make our life different.
    Guccioli Charm

    Comment by Tammy Edmond — May 8, 2011 @ 11:21 pm

  53. […] Beacon was simply in beta and they were testing out the response of users. As Ethan Zuckerman has pointed out, the response may not be that great and ultimately their new Beacon service could ultimately […]

    Pingback by Facebook Beacon: A Test of Web Users - AllFacebook — April 10, 2012 @ 4:45 pm

  54. […] a good explanation with screenshots of how it works by Ethan Zuckerman. Read his whole piece, and read David Weinberger’s piece […]

    Pingback by Facebook’s Brilliant but Evil design — July 3, 2014 @ 7:58 am
