Tweet, Like and Google +1 buttons: lessons in privacy

There are two articles that are essential reading for anyone who has a news site or blog, and interesting to anyone who cares about the data they are sharing online.

It is something we have written about in the past: Like and Tweet buttons – what news sites need to know about dropped cookies.

The first is this excellent article by James Cridland, managing director of Media UK. In his post “It’s a matter of privacy” he explains why his site has stripped out code and moved away from the official Twitter and Facebook buttons.

Whenever you see a tweet button, that means that site owner has added a small piece of code from Twitter onto their page. Load the page, and, whether you like it or not, Twitter is aware that someone has just loaded that page. If you’re signed in to Twitter, Twitter know that you’ve visited it. You don’t have to hit the tweet button or do aything else.

The same goes for the Facebook like button. Any page which uses it loads code from Facebook: and if you’re logged in (or even if you’re not), Facebook knows that you’ve seen that page – regardless of whether you click on the like button.

And the same goes for the Google +1 button. While there’s no evidence that Google Analytics knows who you are even if you are signed into your Google Account, Google +1 certainly does. Once more, simply by loading a page with a Google +1 button on it, you signal back to Google that you’ve looked at that page.

Cridland also points out that the collection of data slows the page loading time too.

Privacy is also a theme also taken up by the Guardian in the article, which first appeared on developer Adrian Short’s blog headlined “Why Facebook’s new Open Graph makes us all part of the web underclass“.

Short argues that by relying on social media sites business, including news sites, are poor tenants ruled by the whims our rich landlords. He too discussed how all social media sites pose privacy questions to sites and illustrates why Facebook, which launched a new type of Open Graph apps last week, is worth studying.

Facebook’s abuse of its Like button to invade people’s privacy is much less publicised. We all think we know how it works. We’re on a website reading an interesting page and we click the Like button. A link to the page gets posted to our wall for our friends to see and Facebook keeps this data and data about who clicks on it to help it to sell advertising. So far, so predictable.

What most people don’t know is that the Like button tracks your browsing history. Every time you visit a web page that displays the Like button, Facebook logs that data in your account. It doesn’t put anything on your wall, but it knows where you’ve been. This happens even if you log out of Facebook. Like buttons are pretty much ubiquitous on mainstream websites, so every time you visit one you’re doing some frictionless sharing. Did you opt in to this? Only by registering your Facebook account in the first place. Can you turn it off? Only by deleting your account. (And you know how easy that is.)

The article goes on to explain that most users accept the dropping of cookies and the collection of data as a necessary part of browsing. However, Short highlights an important point:

What Facebook is doing is very different. When it records our activity away from the Facebook site it’s a third party to the deal. It doesn’t need this data to run its own services. Moreover, Facebook’s aggregation and centralisation of data across all our disparate fields of activity is a very different thing from our phone company having our phone data and our bank having our finances. Worst of all, the way Facebook collects and uses our data is both unpredictable and opaque. Its technology and policies move so quickly you’d need to be a technical and legal specialist and spend an inordinate amount of time researching Facebook’s activities on an ongoing basis to have any hope of understanding what they’re doing with your data.

Short recognises that business – including news sites – rely on social media for their success. And he doesn’t offer any solutions.

Perhaps the first step is to follow BBC News and Media UK in using unofficial Twitter and Facebook buttons.

Update: The Next Web has today (27 September) published a post stating that Facebook has confirmed is collects data from Like buttons.

The post states:

Facebook has confirmed that the way it collects information from its users may result in the transmission of user data from third-party websites, even when they are logged out, but has asked for users to trust the company and will fix a total of three cookie-related issues within the next 24 hours.

Leave a Reply