Facebook is giving members of its social network the ability to completely decline participating in the company’s controversial Beacon ad system, a reaction to intense criticism that Beacon is too intrusive and compromises people’s privacy.
The announcement was made in an official blog post by Facebook founder and CEO Mark Zuckerberg on Wednesday morning, in which he also apologized for missteps in the design and deployment of Beacon.
“We’ve made a lot of mistakes building this feature, but we’ve made even more with how we’ve handled them. We simply did a bad job with this release, and I apologize for it,” Zuckerberg wrote.
The ability to skip Beacon altogether is the second major modification to the program. Last Thursday, Facebook gave members more control over Beacon and made the way it works clearer so that people could manage it properly.
Beacon, part of the company’s new ad platform, tracks certain actions of Facebook users on some external sites, like Blockbuster and Fandango, in order to report those actions back to users’ Facebook friends network.
The idea is to generate advertising that is more effective because it is intricately combined with people’s social circle, so that products and services are promoted in a more organic way via the actions of friends and family.
More than 40 Web sites have signed up for Beacon, although not all have implemented the system. Off-Facebook activities that can be broadcast to one’s Facebook friends include purchasing a product, signing up for a service and including an item on a wish list.
Still, Zuckerberg’s blog posting doesn’t directly address the findings of a CA security researcher that have fueled the privacy controversy over Beacon in recent days.
Stefan Berteau found that Beacon tracks users even if they are logged off from the social-networking site and have declined having their activities broadcast to friends.
In this case, users aren’t informed that data on their activities at these sites is flowing back to Facebook or given the option to block that information from being transmitted, according to Berteau, senior research engineer at CA’s Threat Research Group.
If a user has ever checked the option for Facebook to “remember me” — which saves the user from having to log on to the site upon every return to it — Facebook can tie his activities on third-party Beacon sites directly to him, even if he’s logged off and has opted out of the broadcast. If he has never chosen this option, the information still flows back to Facebook, although without it being tied to his Facebook ID, according to Berteau.
Moreover, Berteau also found that Beacon doesn’t limit its tracking to Facebook members. It actually tracks activities from all users in its third-party partner sites, including from people who have never signed up with Facebook or who have deactivated their accounts.
In those cases, Beacon captures detailed data on what users do on these external partner sites and sends it back to Facebook along with users’ IP (Internet Protocol) addresses, although there is no Facebook ID to tie to the data.
The information captured by Beacon in these cases includes the addresses of Web pages visited by the user and a string with the action taken in the partner site, Berteau said.
Facebook’s response to Berteau’s research has been a brief statement in which it confirms the findings, but says that in the case of logged-off users, deactivated accounts and nonmembers, Facebook deletes the data upon receiving it.
In Wednesday’s blog posting, Zuckerberg made an apparent, passing reference to the CA findings.
“If you select that you don’t want to share some Beacon actions or if you turn off Beacon, then Facebook won’t store those actions even when partners send them to Facebook,” he wrote.
That would seem to indicate that Beacon will continue to track users and send data back to Facebook, leaving it up to Facebook to decide which data it keeps and which it deletes.
Facebook didn’t immediately reply to a request for comment about Zuckerberg’s blog posting.