Report: Facebook Tracks Visitors Who Have Opted Out, Violating EU Law 40
itwbennett writes: In a technical analysis (PDF) of Facebook's tracking practices, researchers found that Facebook tracks everyone who visits its site, including people who don't have an account, and even continues to track users and non-users who have opted out of targeted ads. The problem with these practices is that the cookies are placed without consent, which under EU law is only allowed if there is a strict necessity to do so.
Facebook disputes the report: "We have explained in detail the inaccuracies in the earlier draft report (after it was published) directly to the Belgian DPA, who we understand commissioned it, and have offered to meet with them to explain why it is incorrect, but they have declined to meet or engage with us."
Standard Operating Procedure (Score:5, Informative)
It's also why it's important to use something like Ghostery, to block the methods they're using to track people. Bottom line, if you don't see the Facebook "like" button load, you've got them blocked.
Re: (Score:2)
Even more important to provide lots of consistent but false information.
Wasn't there some kids that came up with a way to do that automatically?
Facebook can be useful if you have this problem: (Score:3)
How to avoid the abusers:
Adblock Edge [mozilla.org]
NoScript [mozilla.org]
Ghostery [mozilla.org]
Better Privacy [mozilla.org]
Cookies Manager Plus [mozilla.org] (Does not delete one particular Google cookie.)
Facebook gets a list of all websites visited. (Score:3)
Facebook Blocker [mozilla.org]
Re: (Score:2)
How can one claim to "not use Facebook" while visiting Facebook pages?
Re: (Score:1)
Every page, that has facebook like button is "visiting facebook pages". They load scripts from facebook and BAM! you are under surveilance.
Re: (Score:2)
Even if you don't use Facebook, they've built a 'shadow' profile on you using information they've gotten from your friends and family. They're certainly not the only one that does so, but they're one of the most pervasive (at least in my opinion).
No need for opinion, you are 100 percent correct. Just go to a popular website with noscript turned all on, see the blocked scripts. See who they are from - do a whois or better google the name. Enable them temporarily. Usually then a new bunch of scripts are blocked, check them out, I've seen 5 or more levels of scripts on single pages. It was a while back, but I think I've found a few pages that end up running 30 or more scripts on you.
Some of the scripts are benign, like fonting scripts to aid in the
the road goes on forever (Score:2)
Here in America (Score:3)
Re: (Score:2, Insightful)
Long since underground. Which is where we needed her decades ago.
Re: (Score:2)
Where's Thatcher when you need her...
In the deepest recesses of hell, enjoying a menage a trois with Ronald Reagan, and Nancy.
And if you're not good, you'll be sent to hell to watch.
they also.... (Score:4, Informative)
they also track everybody that visits a 3rd party site with facebook code (like button, shared login, etc) on it.. and they're tracking everybody playing a game that hooks into facebook api's.. even if that game isn't actually hosted on facebook and the player isn't signed in through it.
Call me a cynic (Score:3)
But I would trust independent researchers over facebook any day, and especially when it comes to issues concerning possibly bad behavior by facebook.
Re: (Score:2)
Government agents looking to score a big payout are not exactly independent now, are they?
How Is it Not Strictly Necessary? (Score:1, Redundant)
la la la isn't it ironic (Score:4, Insightful)
That you need a cookie so that Facebook can remember that you don't want to be tracked.
Of course that cookie could contain a single non-unique value that states, do not track me.
But of course that Facebook doesn't really care about privacy can't come as a surprise to anyone.
Re: (Score:2)
1. Stop taking your meds
2. Stalk people on slashdot for mentioning you
j. Chase the aliens in your head
%. Complain about the aliens
£. Threaten the aliens with legal action for besmirching HOSTS files
]. Go to 2.
Facebook "offered to explain why it is incorrect" (Score:2)
Pretty funny that anyone would care about Facebook's "explanation" about why the independent researchers finding all those tracking cookies are all mistaken... but to be honest, I'm pretty sure that killing off Facebook's tracking wouldn't do anything if everyone else is tracking you anyhow.
Re: (Score:3)
So block them all. Ghostery - Download Page [ghostery.com]
Google are the worst IMO.
This is why I block them at the host file (Score:4, Informative)
# Facebook
127.0.0.1 www.facebook.com
127.0.0.1 facebook.com
127.0.0.1 www.static.ak.fbcdn.net
127.0.0.1 static.ak.fbcdn.net
127.0.0.1 www.login.facebook.com
127.0.0.1 login.facebook.com
127.0.0.1 www.fbcdn.net
127.0.0.1 fbcdn.net
127.0.0.1 www.fbcdn.com
127.0.0.1 fbcdn.com
127.0.0.1 www.static.ak.connect.facebook.com
127.0.0.1 static.ak.connect.facebook.com
127.0.0.1 aps.facebook.com
127.0.0.1 www.connect.facebook.net
127.0.0.1 connect.facebook.net
Bullshit non-story (Score:4, Insightful)
OK, so we have an article claiming Facebook is tracking everyone for evil advertising purposes, even when logged out. Facebook denies it and says it's garbage.
Let's go do 30 seconds of digging and see who is right, shall we?
There are three cookies set. Two of them appear to simply encode the loaded URL and have no ids or other interesting info. The last is the "DATR" cookie. What does DATR do? Well, we know what it does because last time this garbage blew up in the press Facebook explained what it does:
(link from here) [nikcub.com]
So it's an anti abuse and security feature. Nothing to do with advertising. Also, guess what - such cookies are common across many websites. They are quite useful for detecting spammers. Presumably Facebook tried to explain this to the Belgian regulator in question, but it's just so much better politically for said regulator to pretend they caught some evil company in their terrible advertising habits red handed, than learn how large websites work.
The problem is the more time the media and government regulators cry wolf over this stuff, the more inclined I am to believe they're all harmful idiots who want to break the web.
Re: (Score:2)
I don't think so.
1) You don't see ads on Facebook.com if you aren't logged in, and DATR isn't sent for social plugins around the web.
2) They have already said they don't do that.
So we have both their own statements and technical evidence.
Re: (Score:3)
The problem is the more time the media and government regulators cry wolf over this stuff, the more inclined I am to believe they're all harmful idiots who want to break the web.
Very nice, and concise.
But most very whooshable. Now try your method on any page that has a facebook button or for that matter most any popular page that the facebook crowd goes to. Check out the scripts while you are at it.
Facebook is simply tracking everyone. No account needed. No opt-in or out needed.