Facebook admits it does track non-users, for their own good
Oh that snitch-code? It's just a little thing to make the web more convenient ... for Facebook and its advertisers
Facebook's apology-and-explanation machine grinds on, with The Social Network™ posting detail on one of its most controversial activities – how it tracks people who don't use Facebook.
It's no real surprise that someone using their Facebook Login to sign in to other sites is tracked, but the post by product management director David Baser goes into (a little) detail on other tracking activities – some of which have been known to the outside world for some time, occasionally denied by Facebook, and apparently mysteries only to Zuck.
When non-Facebook sites add a “Like” button (a social plugin, in Baser's terminology), visitors to those sites are tracked: Facebook gets their IP address, browser and OS fingerprint, and visited site.
If that sounds a bit like the
datr cookie dating from 2011, you wouldn't be far wrong.
Facebook denied non-user tracking until 2015, at which time it emphasised that it was only gathering non-users' interactions with Facebook users. That explanation didn't satisfy everyone, which was why The Social Network™ was told to quit tracking Belgians who haven't signed on earlier this year.
Baser gave a pinky-promise that this kind of non-user tracking is all about functionality: “knowing your IP address allows us to send the Like button to your browser and helps us show it in your language. Cookies and device identifiers help us determine whether you’re logged in, which makes it easier to share content or use Facebook to log into another app.”
Then there's the tracking that advertisers perform on behalf of the news-groomer: “An advertiser can choose to add the Facebook Pixel, some computer code, to their site. This allows us to give advertisers stats about how many people are responding to their ads — even if they saw the ad on a different device — without us sharing anyone’s personal information.”
In other words, it's data-gathering for advertisers, rather than for Facebook: an advertiser who plants the Facebook Pixel on their site gets an easy way to identify someone who bought something, so they can “reach this customer again by using a Custom Audience.”
Have you ever wondered why advertisers think you're a perpetual customer for a product you just bought? Wonder no more (we're aware that the Tweet below relates to Amazon, but you get the picture).
Dear Amazon, I bought a toilet seat because I needed one. Necessity, not desire. I do not collect them. I am not a toilet seat addict. No matter how temptingly you email me, I'm not going to think, oh go on then, just one more toilet seat, I'll treat myself.— Jac Rayner (@GirlFromBlupo) April 6, 2018
Facebook Analytics and Facebook Audience Network are the other key items in today's mea non culpa.
Facebook Analytics, the post said, “gives websites and apps data about how they are used”, with IP addresses offering geolocation, browser/OS fingerprints (developer information, promise!), and cookies dishing up “aggregated demographic information” about site visitors or app users.
The Facebook Audience Network links non-Facebook sites and apps to Facebook advertisers, and honestly, The Social Network™ only needs all that data it gathers for technical reasons like making sure the ads display correctly (fingerprints again), to encourage victims visitors to sign up to Facebook, and to hammer people with ads for similar products to the advertiser they viewed/clicked on.
If you don't like all this, it's your fault: you didn't use Facebook's preference menus (until recently hidden as if it were “in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'”) to manage your news and advertising management.
Neither of which, of course, will be as effective as just blocking Facebook's cookies. ®
Sponsored: Becoming a Pragmatic Security Leader