Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Google Facebook Privacy Apple

Google Should Be Logging In To Facebook 95

Frequent Slashdot contributor Bennett Haselton writes "Facebook indirectly accused Google of creating dummy accounts to log in and spider information from their site, and Google denied the charge. But if Google wants to help users discover what strangers can find out about them, then spidering Facebook with dummy accounts is exactly what they should be doing." Read on for the rest of his thoughts.

In the dust-up over the revelation that Facebook had paid a PR firm to plant negative stories about Google indexing Facebook's site, one point was often overlooked: the allegation that Google had been creating dummy Facebook accounts, and using them to log in to Facebook and spider information that was only available to Facebook users. This was denied by Google and never proven, but the denial obscures a more important point. Paradoxically, rather than hurting user privacy, it would have helped to protect user privacy in the long run if Google actually had been logging in to Facebook, spidering the information that was available to members, and making that information available in Google search results.

To review the facts not in dispute: When you create a Facebook profile, Facebook by default makes certain categories of information viewable to other users. Most of your personal information (in particular, your contact information) is viewable to other members that you confirm as your Facebook friends. A narrower set of information — usually including your name and your interests, but not including your contact information — is viewable to other Facebook members who are signed in to Facebook, but who are not in your friends list. (Let's call this the "Facebook stranger" version of your profile.) Finally, since 2007 Facebook has made an even smaller subset of information available in a "public search listing," which can be viewed without being logged in to Facebook or even having an account. Facebook explicitly stated that one reason for creating these public search listings was to make the profiles more easily findable by Google.

Now, the op-ed that Burson-Marsteller was trying to plant in the press strongly suggested that Google was using tactics like creating fake Facebook accounts in order to log into Facebook and scrape the "Facebook stranger" version of people's accounts, and not just the public search listings. (For one thing, the op-ed accused Google of likely "violating the Terms of Service" of Facebook. While scraping the public search listing obviously doesn't violate the TOS, creating dummy accounts to log in to Facebook and spider content automatically certainly does — and that's the only thing Google could do on Facebook beyond spidering the public search listing.) Of this allegation, Wired senior writer Steven Levy wrote:

This information is a lot easier to unearth from inside Facebook, but actually logging into Facebook to purloin information would indeed be troublesome. For one thing, it would violate the terms of service agreement. Is Google doing this? One of the Burson operatives implied that it is. But Google says the company does not go inside Facebook to scrape information, and I find this credible. (If Facebook has logs to prove this serious charge, let's see them.)

But why is this such a scurrilous charge anyway?

When you search for a person's name on Google, you might be looking for information about that person, or you might be doing research on what other people in the world can find about that person (particularly if that person is yourself). If a certain fact about you — for example, the members of your Facebook friends list — is viewable to anyone with a Facebook account as long as they're logged in to Facebook, then anybody in the world can obtain that information about you anyway, by getting their own Facebook account. So it's perfectly legitimate for Google to report that as a fact that anyone can find about you, if you Google your own name. You may not like the fact that Facebook exposes that information about you to anyone with a Facebook account, but it's Facebook, not Google, that makes the information available to anyone. If you Google your own name and Google tells you that that some piece of information is available to any Facebook user, Google is doing you a favor.

For that matter, it's not that easy to view your own "stranger Facebook profile" on Facebook, to see for yourself what other users can see about you. You can't just click your own profile while signed in, since that will show you all of your own personal information. You can't sign out and then click your own profile, since that will show you your public search listing (which is shown to non-logged-in users). You would have to, instead, create a second dummy Facebook account (already a violation of Facebook's TOS), which usually requires creating a second email address that you can tie to your second Facebook account, then signing in with your second account and trying to view your "real" one... How many people — even the most privacy-conscious ones who pore over every article about Facebook allegedly exposing their data — have ever tried that experiment? Having the information already spidered by Google would make it much easier.

When would you actually derive some privacy benefit from not having your "Facebook stranger" profile information listed in Google? Really, only if you're being looked up by a particularly lazy stalker who searches your name on Google — but then doesn't even bother signing in to Facebook and searching for your name on Facebook. If they're motivated enough to find you on Facebook and view your "Facebook stranger" profile there, then you've gained nothing by blocking that information from Google.

Notice this argument does not extend to some general principle that webmasters shouldn't be able to tell Google not to index parts of their website. Many websites have specified, using the Robots Exclusion Standard, that they don't want Google indexing certain documents on their site. (The Robots Exclusion Standard allows webmasters to create a file called robots.txt on their website, which tells search engines not to index any files listed in the robots.txt file. It would be technically possible for a search engine to ignore that directive and index the documents anyway, but virtually all search engines do follow it.) In that scenario, even if a document listed in robots.txt contains personal information about someone, there's no argument that "someone could find it anyway by searching, so Google is doing you a favor by listing it," because nobody would be able to find it by searching unless Google lists it. What makes Facebook a special case is that (a) it has its own search function, and (b) more importantly, it's already the place that everybody knows to go looking if they're searching for a person. These two facts mean that people can find you on there without Google's help.

That might sound unfair to Facebook — that simply because they've achieved success, different rules should apply to them, and Google ought to be allowed to violate their TOS by logging in to their system and spidering people's Facebook-stranger information. But it's the only way for Google to display honest answers, if a user comes to Google to ask: What can strangers on the Internet find out about me?

P.S.: I received many useful suggestions in response to a previous article, in which I described an algorithm for crowdsourcing the abuse-complaint-review process on Facebook, and offered a $100 prize split between users who sent in the best criticisms or improvements. So I'm going to do it again in a more free-form approach: I'll offer a $50 prize to be split between readers who email me the best negative comment or counterargument to the argument that I've just made here. Entries have to be submitted by email, although of course you can and should post your thoughts in the comment threads as well. Email bennettSPAMMERS at SUCKpeacefire dot org with "googlebot" in the subject. You can also donate your winnings to a charity of your choice.

This discussion has been archived. No new comments can be posted.

Google Should Be Logging In To Facebook

Comments Filter:
  • And In Other News (Score:5, Insightful)

    by MightyMartian ( 840721 ) on Tuesday June 14, 2011 @11:30AM (#36437666) Journal

    Who the fuck cares...

    • by rwa2 ( 4391 ) *

      Well, it /is/ a refreshing break from Sarah Palin coverage :-P

      So... are there any good programs Facebook users can use to spider their own accounts to make plots of degrees of separation from famous people?

      I'm also kinda interested in seeing some stuff like what ircstats used to generate: http://humdi.net/~vergo/a-radio/ [humdi.net] (example)

      Still waiting for all this "new tech" to catch up to where we where a decade or so ago...

    • by cubicle ( 121759 )

      Everyone should while I neither agree or disagree with this articles points it is about privacy It does show that our privacy right are disappearing, and the worse part is we John q. Public are giving them away to Facebook and others including Google

    • >>>Who the fuck cares...

      I care. I liked the author's suggestion of creating a Dummy Account, just so you can view yourself and see what's visible to strangers. Ideally nothing but your name, but who knows for sure? What exactly is visible to Google, Bing, and other search engines? I'd like to know.

      • >>>Who the fuck cares...

        I care. I liked the author's suggestion of creating a Dummy Account, just so you can view yourself and see what's visible to strangers. Ideally nothing but your name, but who knows for sure? What exactly is visible to Google, Bing, and other search engines? I'd like to know.

        I think the point was that making a Dummy Facebook Account is against the Terms of Use - so you can either risk your account or find out what Facebook is really sharing about you.

        Obvious Solution Is Obvious - Facebook simply needs to supply a simple method for users to see what their "stranger" profile looks like. Tada.

        • But Facebook does the opposite -- it even lies to the users. For example, if someone is blocked, and tries to look up the user who blocked him while logged in, Facebook will pretend that profile does not exist. Log out, and profile of blocking user is clearly visible again.

          I consider this as a serious insult to the user.

        • I think the point was that making a Dummy Facebook Account is against the Terms of Use - so you can either risk your account or find out what Facebook is really sharing about you.

          Well, I think I may need to create a dummy account just so I can violate their terms of service. I might even make it fairly obvious.

          Except for specific instances, I bet if Facebook went through and tried to identify any profiles with invalid information ... they'd likely end up clearing out a vast amount of stuff. What fraction

          • Except for specific instances, I bet if Facebook went through and tried to identify any profiles with invalid information ... they'd likely end up clearing out a vast amount of stuff. What fraction of Facebook information is real?

            For persons with the same name as me, there's not much real on Facebook. I made several accounts with my (somewhat unusual) name, all with throwaway email addresses and not much other information. This was to protect me against potential character smearing by someone creating a defamatory profile with my name. Now I can point out that there are dozens of "Ibrahim Chong O'Dwyer-Nguru" [not exactly my real name] profiles on FB, so if one of them is scurrilous, its content is unlikely to damage me.

            I expect a

          • Facebook probably secretly loves all those dummy/fake/unused/abandoned accounts. It increases the numbers. If say half the accounts is not used for whatever reason (a number that wouldn't surprise me), they would suddenly look a lot smaller. Still big, but not that big. And it'd have an impact on the company's market value.

        • I think the point was that making a Dummy Facebook Account is against the Terms of Use - so you can either risk your account or find out what Facebook is really sharing about you.

          It may be against the Terms of Service, but really, so what? How would Facebook's admin even know that you have a second account if they have completely different information?

          The only way anyone would find out is if you yourself go blabbing everywhere that, "Hey! Check this out! I'm on Facebook as both dejathoris@helium.net and tarstarkas@thark.net and they are none the wiser. Hee hee. Isn't that cool?"

          If you just keep quiet and don't have the two accounts interact, then everyone else will still think

        • I haven't revisited the signup TOS trends across the net in a while. I think there is another angle here on why creating spinoff accounts would be against TOS at all. After all, we have different email addresses and they keep trying to equate Facebook to All Thing InterTubez.

          By this point I have a modest little net brand built under this handle. I found the other day that a different fellow seems to have borrowed it for FaceBook and Twitter and possibly Youtube. What effect does that have on the "dummy" acc

      • i thought i saw a facebook option that is something like 'view your profile from X's view'. isnt this kind of the same thing?
      • by caluml ( 551744 )

        I care. I liked the author's suggestion of creating a Dummy Account, just so you can view yourself and see what's visible to strangers. Ideally nothing but your name, but who knows for sure? What exactly is visible to Google, Bing, and other search engines? I'd like to know.

        Why not let some strangers know your ID? And let them tell you? Maybe on some sort of forum. Such as Slashdot...?

        Slashdot: The place where strangers exchange Facebook accounts to "nmap" their Facebook details.

    • How is this insightful?
    • I think the approximately 1/12th of the world's population using Facebook might be interested.

    • by Fri13 ( 963421 )

      Did you even read the whole article?

  • Can't you just look at your Facebook settings to see what information is available to other people who are logged in to Facebook?

    • Yes. You can even preview your profile through the eyes of a non-friend or any one of your friends (though not friends of friends or people in your network, who might see more info than a total stranger). Most people won't know about this, due to Facebook's Byzantine privacy settings. But those people probably won't Google it either.
    • Yes.

      Privacy > Customise Settings > Preview my Profile [facebook.com].

      By default it shows what "most people" (i.e. strangers) see. You can then customise it for individual friends on your list.

    • by Shimmer ( 3036 )

      > Can't you just look at your Facebook settings to see
      > what information is available to other people who are
      > logged in to Facebook?

      Yes, if you trust Facebook to show you *exactly* what other people see. Personally, I would prefer a 3rd party to do this.

  • by InsaneMosquito ( 1067380 ) on Tuesday June 14, 2011 @11:36AM (#36437772)
    Using this logic, Google should be given an account to every forum, every blog, every tube site, every system with a login so that users can see if they are talked about some where on the internet. Sounds like a stupid idea. Why should they be able to log into Facebook when they can't log into that small little web forum?
    • by delinear ( 991444 ) on Tuesday June 14, 2011 @12:00PM (#36438148)
      I guess because that small little forum is sharing your information with 12 other people and Facebook is sharing it with 600 million other people. The consequences of giving out more information than you intended are clearly much greater with the latter, although I don't know why this is supposed to be Google's responsibility rather than the individual user's.
    • by recoiledsnake ( 879048 ) on Tuesday June 14, 2011 @12:47PM (#36438752)

      Many of the types of sites you just mentioned allow the Google bot in without logging in, to drive hits.

    • I think the key to preventing people from seeing too much of your information on Facebook, is not to provide that information in the first place. Problem solved.

      My two cents, keep the change.
    • Most of those forums require you to log in to be allowed to post. They generally do not give access to more personal information about users than what they give to a general visitor.

      Facebook gives you access to more information about total strangers when you log in, compared to a visitor who is not logged in at all. That's the big difference. If Facebook would present the exact same information to a general visitor as to a logged in visitor without any connection to you, this whole article would have been

  • After all, many of them are just fake accounts to help generate credits for facebook games.

    And then you have to add the multiple shill accounts that companies like my former employer, starmedia [starmedia.ca] created and used in what must be one of the lamer attempts to create "buzz".

    Throw in the bot accounts, that you can get to "follow you" for under a penny a piece in bulk (search for "buy facebook fans" - another of their scummy practices that I had to laugh at)

    Last, we have the "real dummy" accounts - you know, the ones that are used to post all sorts of inanities, and the reason why most facebook posts are never seen by human eyes.

  • by bluefoxlucid ( 723572 ) on Tuesday June 14, 2011 @11:45AM (#36437924) Homepage Journal

    In that scenario, even if a document listed in robots.txt contains personal information about someone, there's no argument that "someone could find it anyway by searching, so Google is doing you a favor by listing it," because nobody would be able to find it by searching unless Google lists it.

    Which is why you download robots.txt when you want to hack a site. Oh, look, this file contains the root password? ssh ... oh that worked. :D Yes this has happened a lot.

  • But I am. Have been for months.
    It's fun and easy kicks for the whole family, and it sure beats going through the trouble of doing things properly.

  • You probably could do this using wget an a script. Create a c script or a bash script. login into the account and spider passing the information through a grep pipe. You could probably mine a lot of data this way. I am not doing it or encouraging other to do this. I am concerned that information is this available and that it would be so easy to acquire. My advice if post only what you would say in a public auditorium. The fact a dumb ass like me can think this up means lots of people can and probably are da

  • But if Google wants to help users discover what strangers can find out about them, then spidering Facebook with dummy accounts is exactly what they should be doing.

    I may commit a crime and hurt people. So if government wants to prevent harm from my possibly criminal, future actions, then monitoring and controlling my actions and thoughts is exactly what they should be doing.

    • by Anonymous Coward

      If only making a bad analogy was considered a crime.

    • Good point! But at least people aren't stupid enough to enter every detail of their life into a massive database that could describe the network of people that you associate with, along with photos of you and said people. Or couple such information to their portable GPS enabled electronic devices that can be remotely enabled and tracked at any point in time. That would just be stupid! Who would do that! BTW whats your facebook name I'll hit you up from my phones facebook app!
  • Logical fallacy (Score:5, Insightful)

    by fusiongyro ( 55524 ) <faxfreemosquito@yaho[ ]om ['o.c' in gap]> on Tuesday June 14, 2011 @12:12PM (#36438300) Homepage

    If a certain fact about you — for example, the members of your Facebook friends list — is viewable to anyone with a Facebook account as long as they're logged in to Facebook, then anybody in the world can obtain that information about you anyway, by getting their own Facebook account. So it's perfectly legitimate for Google to report that as a fact that anyone can find about you, if you Google your own name.

    There's a jump here: that just because anyone with a Facebook account can find this fact about you, this justifies anyone at all finding you on Facebook just because they're using Google.

    I see two ways to support this notion. The first is that Google has a right to presume that you have your own Facebook account, or are willing to get one to view a search result. The second is that information that is available to anybody with an account on a site ought to be considered public. In other words, either there is something special about Facebook, or there is no difference between restricting something to a huge group that it is easy to join and not restricting it at all.

    While I agree with the author that it could help expose Facebook's failure to protect users' privacy, I don't think I feel strongly enough about that to grant either form of the supposition that public in Facebook is equivalent to public. Facebook is not a public utility. I deleted my account, as can anyone else (provided you follow their rather arcane instructions). And I don't want Google to have some kind of "information imminent domain" right that makes it OK for them to anonymously spider sites that require login from everyone else. Google is also not a public utility.

    The solution to Facebook sucking should not be granting unnecessary power to Google.

    • There's a jump here: that just because anyone with a Facebook account can find this fact about you, this justifies anyone at all finding you on Facebook just because they're using Google.

      Just because you have a browser and CAN find any pages publicly viewable as long as you know where their URLs, doesn't justify Google presenting them in your search results in a convenient way.

      See the jump here?

    • by he-sk ( 103163 )

      I don't think I feel strongly enough about that to grant either form of the supposition that public in Facebook is equivalent to public. Facebook is not a public utility. I deleted my account, as can anyone else (provided you follow their rather arcane instructions). And I don't want Google to have some kind of "information imminent domain" right that makes it OK for them to anonymously spider sites that require login from everyone else. Google is also not a public utility.

      I feel differently, once it's on Facebook, it's essentially in the public record. My reasoning is that deleting your account only stops someone from scraping your (previously available) information in the future. Before you deleted your account anyone could have accessed your data, thus you have already lost control over it.

      One might make the distinction between information viewable to "Facebook strangers", i.e. the public part of Facebook, and information shared with your friends. The problem with that

      • by tlhIngan ( 30335 )

        One might make the distinction between information viewable to "Facebook strangers", i.e. the public part of Facebook, and information shared with your friends. The problem with that argument is that Facebook in the past has on its own accord changed the distinction between the public and private parts of Facebook. More and more data has become publicly viewable, leading me to the conclusion that Facebook wants that information public. But they also want to restrict accessibility. That's a contradiction, it

    • While you do need an account, there are no restrictions on who can have one, making it still essentially public information. There's only about a 2 minute inconvenience of account creation to gain access to the site.
      • While you do need an account, there are no restrictions on who can have one,

        There is. Sock puppets aren't allowed by the T&C's. That doesn't mean it's easily enforceable, but the restrictions are there. Moreover, not being easily enforceable against all transgressors in the world is one thing, it may well be easily enforeable against a single transgressor (ie Google in this case).

  • by bogaboga ( 793279 ) on Tuesday June 14, 2011 @12:14PM (#36438312)

    I mean...They (Google), should be focussing on marketing their services in authentication using OAuth [oauth.net].

    As it stands now, what I see are more and more websites asking potential contributors to use Facebook, Yahoo, AOL or Hotmail. As for Google, it's no where to be seen!

    One wonders whether Google is just a sleeping giant or whether these sites are engaged in a conspiracy to sideline Google.

  • [...] if Google wants to help users discover what strangers can find out about them [...]

    IF that's what Google wants to do, sure. But why on Earth would Google want to do that?

  • It's impressive how annoyingly hard it is to find older information someone on your friend list can be to find.
    Imagine "site:facebook.com weiner joke" returning results from your friend stream from facebook, assuming you login to facebook using the same account you login to google with.

  • Comment removed based on user account deletion
    • What about not Google, but Bing? And what about not Facebook, but any other site where you need to login to see content like a bank?

      What bank are you using that allows you to see personal information of OTHER account holders (not yourself) after you log in?

  • When you search for a person's name on Google, you might be looking for information about that person, or you might be doing research on what other people in the world can find about that person (particularly if that person is yourself). If a certain fact about you — for example, the members of your Facebook friends list — is viewable to anyone with a Facebook account as long as they're logged in to Facebook, then anybody in the world can obtain that information about you anyway, by getting thei

  • Facebook is just confused, because so many google employees have no friends :(
  • by GameboyRMH ( 1153867 ) <gameboyrmh.gmail@com> on Tuesday June 14, 2011 @01:43PM (#36439538) Journal

    Google should not be spidering private Facebook information. Now I'd love nothing more than to shock Facebooktards with a summary of how much info they're spilling, but my reason for disagreeing has nothing to do with that.

    Private Facebook data shouldn't be indexed for the same reason info behind a paywall shouldn't be indexed. Because it's information that the organization doesn't want to make available to non-members. And on the Internet, the price of exclusivity should be obscurity. It would just be false advertising (benefiting only the content provider) and a disservice to searchers otherwise, like showing a paywalled news article in a search result.

    Also the price for presenting useless information should also be obscurity. A facebook teaser page that says "look, we found the person you're looking for! Just sign up to get access!" is useless info, and like the various content farming sites, should likewise be relegated to the later pages of search results with the other low-relevance junk.

  • Facebook's response was to ask Google users for their passwords in order to scrape e-mail contacts in violation of Google's TOS. Oh wait.

  • Google has a "Page" on Facebook, so presumably they have some "dummy" account that whoever manages that page logs into to use. They probably just left that session open on a spiderbot server on "accident" and ended up spidering Facebook with a "dummy" account!
  • Paradoxically, rather than hurting user privacy, it would have helped to protect user privacy in the long run if Google actually had been logging in to Facebook, spidering the information that was available to members, and making that information available in Google search results.

    I wouldn't have to lock my door if you and others like you would stop breaking in then telling me I should lock it.

  • What could this potentially do to search results? I don't want dozens of hits from random Facebook walls popping up in search results, just because there was a post about something I'm searching for.
  • Since Facebook will give an account to anybody, there is no privacy difference for the user between "everybody with a Facebook account" and "everyone with or without a Facebook account" However, for Facebook itself there is a difference. If they allow Google to spider and publish "public" data then Facebook loses their exclusive right to profit from user supplied data. Facebook has an economic interest in making as much data as possible public but not accessible to Google.

  • You shouldn't blame Google for the large numbers of fake FB accounts - it's mostly the FBI and people like myself who are doing oppo research on campaigns that do this.

    FB needs to wake up and realize very few FB people are real.

  • if Google wants to help users discover what strangers can find out about them

    Why would google want to do this? They're a search / advertising company - making people nervous about privacy issues helps neither

  • Seriously.

    Has anyone actually asked for Google to search their friend's facebook updates?

    When I am looking for information on Google, the ABSOLUTE LAST THING I want it to return is a bunch more blog spam crap about useless regurgitated information, or requests to buy corn for their farm.

    I don't get this whole "social search" trend going on. Am I the only one who really does not give a crap what my Facebook or Twitter friends are looking at? If I wanted to look at it, I would have clicked it when it showed u

  • The main philosophical problem I have with this kind of argument is that Google is being treated as a human being. The argument goes, any human being could do such and such, therefore Google should be allowed to do it too.

    Well, I disagree. Google isn't a human being, it's a rich collective whose sole purpose for existence is profit. It's a tool of its shareholders. Does it make sense to afford the rights and privileges of a human being to a tool? Should cars be allowed to vote in presidential elections? N

  • If you are editing your Facebook privacy settings, there is a button to "Preview My Profile", which will show "how your profile looks to most people on Facebook".

    You can also see how it looks to a particular person.

  • Has anyone ever gone to the privacy settings tab and used the "what my profile looks like to X" feature? The author of this piece as well as everyone here should do that. No need to violate TOS etc etc etc. Just go to that page and it shows how your profile is visible to Friends of Friends, etc. You can even type in the name of a person and see how it looks like to them.

"Inquiry is fatal to certainty." -- Will Durant

Working...