Many partners in Facebook’s Beacon seem reticent to address the raging privacy controversy surrounding the ad program, resorting to terse, vague statements or opting for outright silence when asked for comment.
The partners seem to be betting that the furor over Beacon’s broad ability to track visitors to their sites will die down, and that they don’t need to elaborate on their participation in a program many see as intrusive.
IDG News Service attempted to contact most Beacon partners via e-mail, phone or both, but many either never responded or limited their remarks to prepared statements that ignored the privacy questions posed.
The lack of comment contrasts sharply with the Beacon launch a month ago, when the partner companies expressed support for an ad system that has since been pelted with criticisms from privacy watchdog groups and concerned individuals.
More than 30 organizations, including Blockbuster, Sony Online Entertainment, eBay, The New York Times and IAC, pledged to implement Beacon in 44 of their Web sites.
Over the past week or so, IDG News Service asked most partners whether they have implemented Beacon, and, if so, which actions Beacon tracks on their site or sites. They were also asked whether the privacy controversy has caused them to alter their original plans for Beacon, and, if so, how. Finally, partners were asked how comfortable they are with Beacon’s broad scope of user tracking on their sites and whether they alert their users that some of their actions will be captured by Beacon and transmitted back to Facebook.
Based on the responses of partners who cared to comment, it seems partners’ views of Beacon range from cautious optimism to open disappointment. Those who have turned on Beacon have started with very simple implementations. None seem to be embracing it wholeheartedly at this point, which brings up the question of whether Beacon will ever truly deliver the benefits to advertisers that Facebook has promised.
Part of what Facebook calls Social Ads, Beacon tracks certain actions of Facebook users on partner sites in order to report those actions back to users’ Facebook friends network. For Facebook, these notices represent what it considers an innovative and ultimately more effective form of online advertising that leverages the deep social connections of its users.
Soon after its launch, Beacon got blasted by privacy advocates who charged that the program was too confusing to manage and opt out of. As a result, Facebook has modified Beacon twice to make its workings more explicit and simplify the process of opting out.
However, Facebook hasn’t indicated that it intends to address what is probably the biggest privacy concern with Beacon right now: That Beacon tracks all users in the affiliate external sites, including logged-off and former Facebook members and even non-Facebook members, and sends data back to Facebook without alerting users nor asking for their permission. Beacon also reports back to Facebook in the case of logged-in Facebook users who declined having their actions broadcast to their friends.
These findings, later confirmed by Facebook, were initially disclosed by a CA security researcher who has been conducting independent tests on Beacon. The findings contradicted Facebook’s previous responses regarding questions about Beacon’s extent of user tracking and data reporting.
The CA findings expanded the scope of Beacon privacy concerns beyond Facebook members to potentially all visitors to the partner sites. As such, the CA research has prompted questions of whether Beacon partners have a responsibility to alert visitors to their Web sites that some of their actions will be captured by Beacon, even if they aren’t Facebook members.
“The affiliate sites have a responsibility to their own users to inform them that certain actions will result in Facebook receiving information, even if they do not have a Facebook account,” wrote CA researcher Stefan Berteau in one of his notes about Beacon.
Although the CA findings have been broadly reported for a week now, many Beacon partners contacted said they were either unaware of them or simply declined to address them.
Some partners even declined to say whether they have turned on Beacon on their sites or not, and what actions they track or intend to track. That’s the case of shoes site Zappos.com and gaming site GameFly.com.
Zappos.com provided an e-mailed prepared statement saying it has been “actively working” with Facebook on Beacon and that it has made and will make changes based on customer feedback. It didn’t reply to several requests for clarification on the changes or on the status of its Beacon implementation.
Without addressing any questions specifically, GameFly.com e-mailed a statement saying the company values its members’ privacy and security, and understands these issues are important. “We applaud Facebook’s actions to make Beacon an opt-in feature as well as the introduction of a privacy control to turn Beacon off,” the statement reads.
Meanwhile, the following partners were contacted and either didn’t reply or declined to comment on the record about Beacon: Fandango, AllPosters.com, Blockbuster, ExpoTV, Hotwire, Joost, Live Nation, The Knot, Yelp, National Basketball Association, (RED), Conde Nast’s Epicurious and WeddingChannel.com.
Among those that did offer comment, one of the most forthcoming was Overstock.com. The online retailer turned off Beacon on Nov. 21, said Judd Bagley, a spokesman for the company. “We have a specific threshold that the program needs to meet, in terms of privacy, before we’ll be turning it back on,” he said via e-mail. Until Beacon supports an opt-in both on Overstock as well as Facebook, Overstock won’t begin using it again, he said.
When contacted last week, Overstock was just learning about the CA findings, Bagley said, adding that previously the company wasn’t aware that Beacon had the ability to capture the actions of non-Facebook users.
Another company distancing itself from Beacon is online retailer Bluefly, which hasn’t deployed Beacon and isn’t committed to it, said a spokeswoman for the company. She said the company is analyzing the program to decide whether to move forward with it due to privacy concerns.
On the other end of the spectrum are partners that report satisfaction with Beacon so far. Jim Greer, CEO of Kongregate.com, a gaming site, turned Beacon on about a month ago to track one action — games people play — and has received mostly positive feedback from its members, Greer said in a phone interview.
Still, since a small percentage of users objected to the Beacon broadcasts, Kongregate.com now gives its registered users the option to turn Beacon off by modifying its privacy preferences accordingly, Greer said. In the future, Kongregate may enable the reporting of other actions besides the game a user played, such as the achievement of a high score, but it is keeping it simple for now, he said.
Regarding the tracking of non-Facebook users, Greer said that he considers it similar to what many online ad networks do, specifically those designed to do behavioral targeting of users. He is comfortable with Facebook’s pledge that it deletes the data it gets about the actions of logged-off Facebook users, former Facebook members and nonmembers.
Some companies, like Six Apart, say their deployments of Beacon are unique, and thus avoid privacy issues. “The way we implemented Beacon on [blog publishing services] TypePad and LiveJournal that makes it truly opt-in is that until the user checks the box that opts them into the program, we don’t insert the Facebook Beacon JavaScript into the page that appears when a user saves a new entry,” said Michael Sippey, vice president of products at Six Apart, which runs TypePad and LiveJournal, in an e-mail exchange. For users who don’t opt in, nothing changes on their sites, so “there is no chance of any data being sent to Facebook,” he said. Six Apart sold LiveJournal last week to Russian online media company SUP.
EBay also said its implementation, scheduled for next year’s first quarter, will avoid privacy issues. EBay will not embed any Facebook code onto eBay pages and only applies Beacon to selling activity, said Usher Lieberman, a spokesman for eBay. An eBay seller may opt in to the program so that their for-sale items will appear on their Facebook newsfeed, he said.
Other sites that were part of the original Beacon launch are somewhat cautious, if not optimistic. “Our position right now is that we think the Beacon program has tremendous potential in advancing social networking,” Dan Toporek, a spokesman for Travelocity, said in an e-mail. “We will be evaluating consumer opinions towards the new user choices and privacy protections to determine when we’re ready to launch the feature.” He said that widely repeated reports saying that Travelocity had pulled out of the program in reaction to the privacy uproar were incorrect.
“We have not launched Beacon. It was on briefly in a very limited capacity during some testing, but was never fully turned on across our site,” Toporek said via e-mail.
Another travel company, STA Travel, plans to wait to use Beacon until the latest changes to the program are made. “In light of Facebook’s recent decision to update and improve the Beacon product, we have opted to put our involvement on hold until such changes have been implemented,” said Amanda Webb, a spokeswoman for STA Travel. STA hasn’t received any complaints or concerns from customers about Beacon, she said.
Others are moving forward with their Beacon implementations as planned. The travel section of the New York Times Web site is currently using Beacon in the user ratings section, and soon the review feature on the Movies section will also use the technology, said Diane McNulty, a spokeswoman for the company.
“We are using Beacon in a very limited way,” she wrote via e-mail. “We are implementing it slowly.” The privacy controversy hasn’t altered the New York Times’ original plans for Beacon, she said. McNulty didn’t reply to additional questions sent via e-mail seeking comment about the privacy concerns.
Meanwhile, online retailer Mercantila had some unrelated technical issues that delayed its launch of Beacon, said Tom Fallows, a company spokesman. Those issues should be worked out in about two months, and in the meantime, the company will be watching the situation with plans to re-evaluate it “after the dust has settled,” he said.
IAC, which said that several of its Web sites would use Beacon, plans to continue with its efforts to implement the program, said Leslie Cafferty, a spokeswoman for IAC.
Sony Online Entertainment has also implemented Beacon and tied it to the free-play trial of its Wheel of Fortune and Jeopardy games in its Station.com site, said Courtney Simmons, a company spokeswoman. She declined to comment further and didn’t immediately reply to a set of additional questions sent via e-mail.
TripAdvisor is currently running Beacon, but didn’t answer further questions about privacy implications.