Ethan Zuckerman’s online home, since 2003

Facebook changes the norms for web purchasing and privacy

If you’ve got a Facebook account, try this experiment: Go to overstock.com and buy something. (I recommend Kwame Appiah’s “Cosmopolitanism” if you’re really stuck for something to purchase.) As you complete the purchase, a window appears in the bottom right of your browser window, announcing “Overstock.com is sending this to your Facebook profile”.

Okay, let the window disappear – on my browser, it takes only about ten seconds for it to disappear. Now log into Facebook. You’ve got a new item in your mini-feed, the message “Overstock.com is sending a story to your profile.”

There’s a check-off box that lets you hide this message in the future – i.e., let Facebook post this “story” without warning you. Turning the feature off is more work: you have to click “See More”, then “Edit Settings”, then tell Facebook that you don’t want Overstock.com to post stories to your profile.

There’s no global opt-out – no ability to tell Facebook, “Please stop posting my purchase behavior from any third-party sites to my feed.” You’ve got to opt out from each new partner you encounter, either by clicking on the window on the purchase site, or by turning off this “feature” for each partner on Facebook.

I had two reactions when I saw a demo of this feature on Tuesday. One was “Well, that looks like a good reason to get off Facebook.” And the other, hearkening back to my days as the creator of ad-driven user-created-content websites, was “Hot damn, someone finally did it.” Because, of course, this is the sort of information that ad targeting companies would kill for.

For me, the overwhelming feeling was one of uneasiness – in my head, at least, this isn’t how the web works. When you’re doing business with a website, your interactions have consequences only on that site, not on a completely unrelated website, right? Of course, that’s not true – it hasn’t been for a while. HTTP supports the ability to load items from multiple sites on the same webpage – you’re loading this page from ethanzuckerman.com, but the badge of flickr.com pictures in the sidebar is loading from flickr.com. It’s pretty common for content websites to carry ad banners loaded from a third party, along with cookies set in your browser that can be used to track your browsing behavior across different sites. (Here’s a useful tool that allows you to detect ad-tracking cookies installed on your browser and opt out of those networks.)

So why is this alliance between Overstock and Facebook any different? Well, technically, it does something that’s unfamiliar and uncomfortable for people who’ve written web programs that use cookies. A cookie is supposed to be a secret string of information written by one website to your browser and accessible only to that website. You shouldn’t be able to write a script that asks for information in a cookie set by another server. (There’s a form of cross-site scripting attack called “cookie theft” designed to do exactly this.) It looks like Overstock is somehow accessing your profile information on Facebook, which it shouldn’t be able to do.

Of course, what’s actually happening is that when you load Overstock’s “transaction complete” page, you’re also loading something from Facebook – likely an invisible image and a script – which lets Facebook read your Facebook.com cookie, which contains your account information. Because Facebook and Overstock are cooperating in building a joint webpage, they can do something that seems… unheimlich… to those of us who’ve been playing on the web for the last dozen years.
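As an added illustration (not code from the original post), here is a toy Python model of a browser’s cookie jar that shows both halves of the mechanism just described: a script on Overstock’s page cannot read the Facebook cookie, yet an image or script that page loads from facebook.com is sent that cookie. The `cross_site_warnings` function is the kind of alert the post wishes Firefox raised. All hosts, paths and cookie values are constructed for the example.

```python
from urllib.parse import urlsplit


def host_of(url):
    return urlsplit(url).hostname or ""


def site_of(host):
    """Crude site grouping: last two labels (www.overstock.com -> overstock.com)."""
    return ".".join(host.split(".")[-2:])


class BrowserModel:
    """Minimal model of a browser's cookie jar and its same-origin rule."""
    def __init__(self, block_third_party_cookies=False):
        self.jar = {}                      # host -> {cookie name: value}
        self.block_third_party = block_third_party_cookies

    def set_cookie(self, host, name, value):
        self.jar.setdefault(host, {})[name] = value

    def script_readable_cookies(self, page_host):
        # Same-origin rule: a script on page_host sees only page_host's own
        # cookies, so Overstock's page cannot read the Facebook cookie directly.
        return dict(self.jar.get(page_host, {}))

    def cookies_sent(self, request_host, page_host):
        # Yet the browser attaches request_host's cookies to an embedded image or
        # script fetched from request_host even when the page belongs to another
        # site (a third-party request), unless the user blocks such cookies.
        if self.block_third_party and site_of(request_host) != site_of(page_host):
            return {}
        return dict(self.jar.get(request_host, {}))


def cross_site_warnings(browser, page_url, embedded):
    """The alert the post wishes Firefox raised: embedded loads that go to
    another site while carrying that site's identifying cookies."""
    page_host = host_of(page_url)
    found = []
    for url in embedded:
        target = host_of(url)
        if site_of(target) != site_of(page_host) and browser.cookies_sent(target, page_host):
            found.append(f"{site_of(page_host)} is sending a request to {target} "
                         f"with your {site_of(target)} cookie")
    return found


# Constructed scenario: logged into Facebook earlier, now on Overstock's
# confirmation page, which embeds a (hypothetical) Facebook image and script.
CONFIRMATION_PAGE = "https://www.overstock.com/checkout/complete"   # constructed URL
EMBEDDED = ["https://www.overstock.com/img/thanks.png",
            "https://www.facebook.com/beacon.gif",                   # hypothetical path
            "https://www.facebook.com/beacon.js"]                    # hypothetical path


def scenario(block_third_party_cookies=False):
    browser = BrowserModel(block_third_party_cookies)
    browser.set_cookie("www.facebook.com", "session", "fb-user-1234")   # constructed value
    return cross_site_warnings(browser, CONFIRMATION_PAGE, EMBEDDED)
```

Running `scenario()` yields one warning per Facebook-hosted resource, while `scenario(True)` (third-party cookies blocked, which in the post’s setting also breaks logging in to Facebook) yields none.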

My colleague David Weinberger has an excellent piece in the Huffington Post where he argues that Facebook is breaking social defaults on how privacy works with this new feature. “Our expectation is that our transactions at one site are neither to be made known to other sites nor made known to our friends. We may well want to let our friends know what we’ve bought, but the norm and expectation is that we will not,” he argues. This is especially important, because Facebook is huge and powerful – Facebook may change the social default on this topic, and it may become the norm to advertise your purchasing behavior to your social network of choice.

The web’s a lot more complicated than it used to be. My instinctive response to this new behavior was to turn off cookies in my browser. Of course, that also means turning off Facebook, which won’t let you log in with cookies turned off. The proper technical response may be some new sort of security alert in Firefox: “The site you’re visiting wants to send information to another site – do you want to allow this to happen?” Of course, as the wonderful Mac “security” ad points out, most of us just want to ignore these warnings. The truth is, if Facebook users don’t rebel against these new kinds of features, they’ll simply become the new default for interactions between commerce sites and social networks.

Pardon me while I switch all my embarrassing purchasing behavior over to another browser that doesn’t know anything about my social networking sites.


My colleague Wendy Seltzer has some useful thoughts on this new feature as well.

23 Responses to “Facebook changes the norms for web purchasing and privacy”

  1. ismael says:

    OMG…

    (great post, indeed)

  2. matt says:

    Is there a Facebook group yet for protesting this?

  3. Kyle says:

    Requiring cookies to sign in is the thing that gets me. Wow. Enforcing the Facebook cookie in order to use the service. They are really walking the line and in this case they are definitely crossing some.

  4. Jack says:

    It seems the only difference between this and a cross-site scripting attack is that my privacy is now violated by corporations rather than by random-hacker.

  5. Ethan says:

    Matt, I’ve seen a couple of Facebook protests regarding the new contextual advertising services on Facebook, but nothing specific about cookie-sharing between Facebook and Overstock (and, we suspect, more sites in the near future…) Sounds like a good opportunity to start one up – invite me if you do.

    Jack, I think you’re on the right track there, but I think the difference is that the script isn’t injected using a XSS bug but is a choice by the cooperating companies who believe, on some level, that they’re providing a service for their users. And some of their users may well see it that way…

  6. While it isn’t as nice as a global opt-out, you can at least say no thanks on the little pop-up to opt out of it without ever having to go to Facebook to do so.

    I think it’s really a secret plot to make people stop buying embarrassing items. Imagine the hilarity that could ensue if they partnered with an online adult store.

  7. Natalie Glance says:

    The thing to keep in mind is that some people are going to love this feature. Do you think it’s possible to do this correctly, in a way that makes it possible to preserve privacy in a way that you’re comfortable with. Let’s keep in mind that initially many people were very uncomfortable with per-site cookies and now we’re all used to that. If Facebook’s mechanism were always opt-in instead of opt-out would that be sufficient to make enough people feel comfortable?

  8. Ethan says:

    It’s a great point, Natalie. I think a lot of people are going to enjoy the feature. It made me very uncomfortable, but I’m totally open to the idea that I’m likely to be in the minority. Making it entirely opt-in would satisfy a lot of my concerns – I can imagine voluntarily finding ways to sync my iTunes with Facebook so people can see what music I’ve recently added to my library, for instance. But it strikes me as very, very easy to miss what’s going on with this feature and simply ignore your way into the loss of privacy…

  9. I think this one may go the way of the mini-feed. A minor protest then it will be accepted.

  10. Ken Thomas says:

    Ethan,

    Would you see this differently if this were not implemented via cookies – which would be fairly trivial via IP/time log or another mechanism? Or would it be worse to have these companies tracking us by data exchanges… which they already are, of course?

    What if I purchase a server slot at Qwest’s SLC facility and record IP address and unencrypted traffic for Overstock, correlate with Facebook and other sites, — which essentially will give me very close to your purchase history, and more– and sell the data? Being done…

    Also, how about the likely, and likely essentially undisclosed, use of personal survey/preference/demographic data from AskVille by Amazon…?

    Alexa ? Google?

    This is why I would never have a FaceBook account…

  11. pnj says:

    A Facebook group against is a little absurd. If you think this is an invasion of privacy, just quit Facebook! That’s what I did. But I wasn’t that enchanted with it to begin with.

    Unfortunately most people are lazy, and I think Ethan is right that this may become the new norm. But it sounds pretty terrible.

    Imagine the outcry if Amazon was selling your purchase history to Google, and Google was selling the keywords from your GMail account to Amazon.

    I wonder if the deluge of product promos from people who aren’t really your friends will drive people away from the service.

    Thanks Ethan, for the clear breakdown of how the new ad system works.

  12. John Smith says:

    Thanks for the eye-opening info. I tried to delete my facebook account but I couldn’t quite do it. I hope we will get rid of these criminals.

  13. Nick P says:

    Surely this can’t be by cookie alone? If that was the case what about shared computers? I might end up buying something but it would send that information to the facebook profile of another user of the PC.

    Surely this must be a combination of cookie AND email address – i.e. the third party site uses the email address you logged in/registered with, in combination with the cookie.

    If this is the case, couldn’t you just use different email addresses to unfox this?

  14. kalley says:

    All I know is that this sucks. I ordered all my Christmas gifts and the next thing I know everyone knows what they are getting. I cancelled the entire order with Overstock and will no longer order from them.

  15. Andy Merrett says:

    PNJ: So are you saying that every time a service that you like does something you don’t like, you should just quit instead of trying to do something about it?

    I think you’ve hit your personal nail on the head — you don’t particularly like Facebook.

    For those of us who do like Facebook, but would prefer that these things don’t get added as standard, default behaviour, there seems nothing wrong in trying to do something about it.

    There’s an irony in starting a Facebook group about it, I agree.

    I *really* hope the “most people are lazy” comment isn’t levelled at those of us who have found a social network on which a lot of our friends and colleagues reside, and don’t want to leave.

    Yes, I could find another network and encourage all my contacts to come with me, and perhaps we wouldn’t be “lazy” then (though we could be accused of poor use of time, when there are so many more important things to do). But why should I? And who’s to say that the new network won’t violate privacy at some point in the future? Or that, some other service, online or offline, won’t (for those that simply say “don’t use social networking services”)

  16. heavyboots says:

    This is why I don’t mess with cookies. ALL cookies flush each time I quit the browser. See something weird? Cmd-Q and come back again with renewed anonymity.

    Did you know some websites will charge you *more* if you are a repeat customer for a specific product? I’ve had that happen too when Safari changed where they were storing their cookies (you now have to change the cookies folder to read-only rather than locking a cookie file).

  17. Julian Bond says:

    One way to deal with this is to refuse to buy from companies that partner with Facebook in this way and to drop a line to their support desk stating this. It may only take a few such complaints to get them to change their mind about implementing it. But then like most similar protests, it may have no effect at all.

  18. shh says:

    This happened to me with overstock and facebook. I am so angry about it! I want to cancel my facebook account and I won’t buy from overstock ever again!!!!

  19. Nii says:

    The guys who run FB need to come clean on exactly how intrusive the site can be. I understand they can use some pretty stealthy ways of tracking users when they are not even logged on

  20. The stories of Facebooks insane abuse of personal information always make me laugh. More so considering the sheer traffic that website has with a minuscule percentage aware of what Facebook is actually doing with all that data.

    The funny thing is, with that kind of traffic they could easily make good money without resorting to this horrible big brother style treatment.

  21. Bluemashi says:

    I simply wished to let you understand that your blog doesn’t present up properly on the BB browser, I added it to my bookmarks and have simply checked from the desktop

  22. Tammy Edmond says:

    i think facebook will make our life different.
    -Guccioli Charm

