Facebook by xiaopangnv


									Facebook’s Beacon

  By Michael Phelps
           History of Beacon
• Facebook application launched on November
  6, 2007
• Triggered controversy over user privacy
• Resulted in a class-action law suit
• Shut down in September 2009
                   The Basics
• Monitoring of user’s internet activity
• User’s online activity data is stored
• User activity is published on Facebook

• Partner Sites:
  – Blockbuster, Fandango, eBay, Hotwire,
    Overstock.com, Gamefly, Zappos, and more.
  – List of all partners here
                    The Process

                      Web activity
   User visits                          Data is stored
                     data is sent to
  partner site                          by Facebook

Internet activity    All this without
posted on user’s           user
  “NewsFeed”          authorization
              Privacy Issues
• Lack of notice to users
• Lack of consent from users
• Unauthorized transfers of personal
• Data always sent and stored regardless of user
          More Privacy Issues
• Opt-out set up as opposed to
  opt-in (active by default)

• Program found to be active
  despite user opt-outs

• Program active despite users
  being signed out
         Even More Privacy Issues
• Viloated multiple online privacy statutes:
     •   Video Privacy Protection Act
     •   Electronic Communications Privacy Act
     •   Computer Fraud and Abuse Act
     •   California Computer Crime Law
     •   California Consumer Legal Remedies Act
• MoveOn.org started a
  Facebook group/petition
  regarding Beacon’s privacy
• Cited the lack of user
  authorization as the most
  pressing issue
• Gained 50,000 members
  within 10 days
• Class-action law suit
• Settlement agreement:
      • Shut down Beacon program
      • Pay $9.5 million into a settlement fund
      • Facebook to start a foundation for increasing online
        privacy and security
• Class-action received and split $41k of the $9.5
  million paid to the settlement fund.
• Lawyers, not users, get a big payout
 Facebook’s Safety Advisory Board
• Composed of five organizations:
     •   Common Sense Media
     •   ConnectSafely
     •   WiredSafety
     •   Childnet International
     •   The Family Online Safety Institute
• Purpose of educating users, facilitators, and
  companies about online safety and protection.
  Similarities Around the E-World
• The Almighty Google
  – Gmail’s email scanning and ad seeding
  – Scanning of Google searches
  – Storing of private information
      The Dark Secrets of Gmail
• Every email is scanned finding key words and
  private data that are archived
• Incoming emails from non-Gmail users are
  scanned and stored
• User data is held for an indefinite amount of
                      So What?
• Gmail monitors and stores
  private information
• Private data is sold and used
  in targeted advertisements
     • Keywords are cached and
       seeded to advertisers
     • Advertisements catered
       specifically to the contents in
       your emails and your internet
              Privacy Concerns
• Concerns about general privacy
  – Gmail Users
     • Give consent by simply using service
     • No opt-out options offered
  – Non-Gmail Users
     • No consent at all
• Gmail defends scanning claiming it reduces
  spam and removes malicious content
               Access to Data
• Concerns about private
  – Recent attack on system that
    gained access to data about a
    Chinese human rights activist

• Worries about use by
  government and law
  enforcement agencies
       Use by Law Enforcement
• Warrant needed to access short term email
• More leniency about access to long term
• Abilities to subpoena data stored in Google
• Possibility of email profiling
  – 2001: FBI used in car navigation system to monitor
    in car conversations
                Critics of Gmail
• Thirty-one privacy advocate organizations
  urge Google to suspend Gmail until privacy
  issues are resolved
     • World Privacy Forum, Privacy Rights Clearinghouse,
       EPIC, and more <Open Letter to Google>
          Suggested Solutions?
1) Suspend Gmail’s email scanning and ad
2) Set clear and defined limits on length of data
              What Can You Do?
• Use another email service
     •   Rediffmail
     •   Walla
     •   Spymac
     •   Adventure-mail
• Don’t discuss your criminal activity on Gmail
     • Save that for face-to-face interactions
    Question? Comments?
Sean Lane, et al v. Facebook, Inc. et al. Case5:08-cv-03845-RS (US District Court, Northern District of CA, San
    Jose Division).

Yang, Grant. (2005). Stop the Abuse of Gmail. Duke Law and Technology Review, 14, 1-18.

Lane, et al, v. Facebook, Inc., et al FAQ. Retrieved February 1, 2010 from Beacon Class Settlement website:

EPIC, Privacy Rights Clearinghouse, World Privacy Forum, et al. (2004, April 60). Thirty-One Privacy and Civil
     Liberties Organizations Urge Google to Suspend Gmail. Retrieved February 1, 2010, from PRC website:

EPIC. (2004, August 18). Gmail Privacy Page. Retrieved February 1, 2010 from EPIC website:

Google, Inc. (2010). Google Privacy Center. Retrieved February 1, 2010 from Google website:
Berteau, Stefan. (2007, November 29). Facebook’s Misrepresentation of Beacon’s Threat to Privacy: Tracking
    users who opt out or are not logged in. Retrieved February 1, 2010 from California Security Advisor
    Research Blog:http://community.ca.com/blogs/securityadvisor/archive/2007/11/29/facebook-s-

To top