Enter your email address:

Delivered by FeedBurner

About This Blog

Josh’s Tweet Stream

  • More tweets

« Forrester videos on social technologies from Consumer Forum 2007 | Main | Facebook Beacon to become opt-in »

November 21, 2007

Close encounter with Facebook Beacon

I put a lot of trust in sites like Facebook to do the right thing when it comes to privacy. After all, the only stuff that gets out into the public is the stuff that I actually put in.

Until now.

Earlier this week, I bought a coffee table on Overstock.com. When I next logged into Facebook and saw this at the top of my newsfeed:

Overstockbeacon I was pretty surprised to see this, because I received no notification while I was on Overstock.com that they had the Facebook Beacon installed on the site. If they had, I would have turned it off.

I used my personal email address to buy the coffee table, so I was puzzled why and how this "personal" activity was being associated with my "public" Facebook profile.

(Since I was on Facebook, I updated my status to say that I was trying to figure out Facebook Beacon. And Scott Rafer instantly messaged me that he could explain all -- which he very succinctly did. Thank you Scott!)

Facebook Beacon is merely a small piece of script that allows the partner site to put a cookie on your  browser. So when I bought the table, an Overstock cookie was created, which then transferred the information to Facebook. Facebook then checks to see that the same browser is logged into Facebook, and shows the information. I'm not sure of all of the details, but I suspect that if I had logged into my "personal" Facebook account first (yes, I have two Facebook accounts and unless you know my personal email, you won't find my truly personal Facebook profile), that Overstock activity would have been logged to that Facebook profile.

So there's no checking or verification of email address, name, etc. to verify that the activity on Overstock is being done by the same person logging into Facebook. Imagine my horror if items were added to my NewsFeed because my kids were using my computer ("Charlene played DragonFable last night for 3 hours").

So I'm joining a growing chorus of Facebook critics that Beacon has some serious problems. Facebook has made the point that Beacon isn't sharing information publically, but with your friends. That's correct, but I think both the critics and Facebook are missing the point.

The biggest problem is the lack of transparency. Facebook is right in that I would really like to have some things that I do on third party sites to conveniently appear in newsfeed, e.g. events I'm attending from Evite or eBay/craigslist listings so that my friends know about them. That's the promise of Beacon. But I need to be in control and not get blindsided as I did in the example above. I was seriously wigged out, but wouldn't have been if Overstock had simply told me that they were inserting a Facebook Beacon and given me the opportunity at that time to opt-in to Beacon.

And this is the problem for Facebook -- they aren't in control of what their Beacon partners do to notify people that this is happening. Facebook can only control this from their own interface, when the information has already been transmitted between sites, and without my explicit permission.

There's a fine line that gets crossed when behavior data slips from being a convenience to being Big Brother. This is one of those times. Give me back my control by letting me opt-in (not opt-out as is currently the case), or I'm installing the Beacon Blocker.

I'd love to hear your perspective on this issue -- and please send me examples and screenshots!

Update 11/23/07: The plot thickens. It turns out that my husband and I inadvertently both bought the same coffee table from Overstock.com on the same day (yeah, not the greatest spousal communication going on!). I suspect that the order that made it on to my Facebook profile was actually HIS order, because I had additional items in my order.

So that means when my husband purchased the coffee table, because the Facebook cookie on that machine was for my Facebook account (my husband is not on Facebook), the purchase was attributed to my profile. He also did not have any notification that Overstock.com was sending the information to Facebook.

Lastly, some of who have friended me noted that I bought Fandango tickets to Beowulf Wednesday night. I received a very clear pop-up notice at the end of the transaction, and had no problem with that information being added to my profile. Granted, I had advance notice that this would likely happen, so to some people's point, i think that this is a matter of people getting used to this feature, much in the same way that it took a while for Newsfeed to grow on Facebook users.

But remember that Facebook made some significant changes to Newsfeed after it was launched, namely, giving people the ability to control what items made it into the newsfeed, and who in your friends list could see it via limited profiles.

I think that Facebook Beacon will have to undergo some significant retooling -- it has a lot of potential in terms of tying together aspects of my online life, but as I wrote above, I need to be able to have total transparency and control on when this is happening. Reigning in and policing partners like Overstock.com will be an essential -- and tough -- thing to do, especially if Facebook switches Beacon to be opt-in.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341c50bf53ef00e54f8a4bc38833

Listed below are links to weblogs that reference Close encounter with Facebook Beacon:

» Metagg is tracking this post from Metagg
Find out what Social News Sites are discussing this post over at metagg.com [Read More]

» Getting the turkey ready forThanksgiving from Alexander van Elsas's Weblog on new media technologies and their effect on social behavior
A lot of fuzz this morning about Facebooks SocialAds and Beacons. Charlene Li from Forrester got her first personal, unexpected and unwanted encounter with Facebook ads as she found to her surprise that in her Facebook newsfeed there was a refer... [Read More]

» Facebook Beacon lights a firestorm in ateacup? from Marketing Nirvana
Summary: Beacon lights a fire storm of privacy issues Word-of-mouth marketing or misplaced advertising? Why Matthew Ingram and Justin Smith are wrong on the Beacon issue Moveon.org is targeting Facebook Beacon as an invasion of priv... [Read More]

» Some Thoughts on the Facebook Beacon from Dare Obasanjo aka Carnage4Life
[Read More]

» Inside//Out: Facebook Beacon; a marketing catch 22? from Techno//Marketer
Wow, when those Facebook guys launch a new service, they really know how to create some buzz. Their latest addition is a service called Beacon. [Read More]

» Is Facebook's Beacon Strategy to Piss us Off? from The Immigrant Song
Charlene Li makes an interesting parallel to the launch of newsfeed, which I remember well, in her post about Beacon. She notes (as I did below) that the element of control is key to success of a technology like this.* [Read More]

Comments

Todd Mintz

I think it's inevitable that a retailer of "adult" products decides to use Facebook Beacon which will end up causing serious embarassment and justifiable anger to the product purchaser.

Perry Mizota

I'm with you, Charlene. This is quite disturbing. This past weekend, I purchased some tickets on Fandango and was asked if I would like the transaction to be sent to my Facebook profile. I said, "no". I was spooked by this a bit but fortunately, and unlike your experience with Overstock, I was given the chance to say "no".

Mark

charlene,
When it showed up in my NewsFeed that you had bought several things from OverStock, I wasn't annoyed in the least to see this (probably because of the novelty of it, I figured this was Beacon in action!).
Over time I can see where there may be issues (imagine if you have a bunch of friends that are "shopoholics!), but if my NewsFeed doesn't become overwhelmed, I'm pretty tolerant of the fact that the folk at Facebook have gotta pay the rent, somehow.

Justin Smith

Hi Charlene,

I actually disagree with you. In my post on this topic at Inside Facebook, I explain why:

http://www.insidefacebook.com/2007/11/21/beacon-concerns-like-news-feed-concerns-of-a-year-ago-will-fade/

Best,
Justin Smith

notatoad

you're wrong, facebook does have control over what their partner sites do. just because they don't have technical control over what happens, doesn't mean that they can't have some sort of TOS that says "you have to tell your users when you send something with beacon"

and that cookie thing is retarded. i always thought it was all done by recognizing a common email.

joeadams

Beacon is stupid and doomed. It's one tragic purchase away from a congressional investigation and by the way, when everybody's profile is filled with this information, people will just start to hate facebook. "once every 100 years a company with an amazing market opportunity really blows it".

I've already had two people tell me they're deleting their fb accounts before they do their holiday shopping so that their friends can't see the gifts they're buying (since they aren't sure where beacon lives and where it doesn't).

Making it opt in doesn't work since what person is going to opt-in to this? Frankly, I can't believe this was their big idea....it's so stupid and infantile that it's really hard to believe the board of directors didn't hear the pitch and think "plan b, let's sell this sucker now".

Anil Dash

This is really interesting -- to their credit, Facebook was very adamant about partners having to be clear about disclosure when implementing Beacon. For example, on TypePad here, you have to go to TypePad Home > Your Weblogs > Your Blog > Configure > Publicity and check the box to opt-in.

I think to some degree this might be a case of Facebook providing the opportunity with the (obviously wrong) assumption that people would do the right thing. Just like Google not anticipating that PageRank would eventually lead to link spam, this is symptomatic of Silicon Valley culture thinking of what tech *could* do, without thinking of what bad actors (or relatively good actors who are being sketchy) will do with that freedom.

Is it Facebook's fault? Kinda. But it's also every company's responsibility to be mindful of their obligation to their users. Sounds to me like Overstock was overzealous here.

Filiberto Selvas

We (Social Media Professionals) need to put the customer in control of his/her behavior and activity data (or risk a terrible backlash). I am very much in agreement with Paul Greenberg’s comments on the VRM initiative (here: http://the56group.typepad.com/pgreenblog/2007/11/vendor-relation.html) and I have captured my own thoughts here: http://selvascano.spaces.live.com/blog/cns!D7439E6DC600CAE9!1459.entry

Filiberto Selvas

John Howard

Leave Facebook, there'll be another social site along soon.

alanp

@ Joe Adams - actually, I suspect this is part of "lets sell this sucker now" ;)

PS good article Forrester, I was fairly unimpressed with what you guys did when this was all announced - this is far more impartial and fact based.

Niamh Kiernan

This is alarming. I jokingly tell Sainsburys staff that I don't have a reward card because I don't want the government to know what I am eating. Well I don't want the world to know what I've bought either or where I have been. A great tool for the jealous partner I suppose.

Shama Hyder

Charlene,

I just posted yesterday about how when marketing on Facebook, one should create communities and let people CHOOSE their preferences. I consider the Overstock ad spamming in a sense.

-Shama

Dennis Howlett

This was something I warned about at around the time some of Charlene's colleagues were blithely bigging up what a great advertising platform Facebook is morphing into. So why are people surprised this is happening? What else did anyone expect?

laura

I read your post and agree with everything you said. While this hasn't yet happened to me (and so i can't send you screenshots), the implications of Beacon are a little frightening. And, i think i need to explain here, i am not overly paranoid, but i am cautious. i do not list "interests" in facebook and i try to leave minimal information so that my actual friends can find me. beacon is a farse disguised in the form of word-of-mouth advertising, because true word-of-mouth is based on an evaluation of a product through usage. Beacon cites the products that have been bought, but there cannot be a recommendation without actually experiencing whether we like or dislike the product. i don't want me purchases displayed for everything to see and apparently, the opt-out function has been getting missed by a lot of people.

DotComNote

This is the type of privacy violation I expeced and blogged about it in my blog the day Facebook announced their Social Ads.

I don't have a problem businesses using private data for providing convenience to their customers (e.g. Amazon uses my buying pattern to suggest stuff I may be interested in) but tracking online usage from site to site and announcing that to your my entire social graphs is unacceptable.

What we have seen in the last few weeks is just the tip of the iceberg. This is setting a very dangerous precedent with grave consequences.

One immediate soultion, as you siggested, is to provide an opt-in (default opt-out) offer at every online point of purchase. But this solution may not be a very attractive proposition for the merchants.


Neil Napolitano

Why is anyone surprised at this? You knew this was going to happen once Bill G. started showing interest in the site. I agree with DotComNote above - this is just the tip of the iceberg.

Kevin Hillstrom

Given what is all going on in marketing, we all spend a highly disproportionate amount of time talking about Facebook, don't we?

Toby Ward

Wow! Thanks for highlighting this for us Charlene. I've just written a post on how Facebook could threaten the corprate intranet and corporate security and confidential information on www.IntranetBlog.com. I reference your post and this fascinating story.

Ellen Gerstein

My babysitter came over yesterday. I asked why she wasn't wearing the purple women's jacket she purchased from Overstock.com. She freaked out, not knowing how I knew. I showed her Facebook's feed that told me all about all the stuff she got from Overstock, including, as it turns out, a Christmas present for my daughter. That's another great flaw of including this stuff on FB,although it's certainly not as disturbing as the privacy invasion factor.

Wait till some woman sees her man buying something...except it's not for her ...

Jonathan Trenn

Charlene

You write a very telling piece here. What happens when someone buys something more personal than a coffee table? This is a disaster waiting to happen. My thoughts are here:

http://marketingconversation.com/2007/11/24/facebook-beacon-inst-in-the-users-interest-that-means-you/

Will

The reason that I stumbled upon this blog entry was because I was googling
for anything related to how my overstock order details somehow were published _without my consent or knowledge_ on my facebook newsfeed.

Here is why I am completely livid about this:

I purchased a diamond engagement ring set from overstock in preparation for a New Year's surprise for my girlfriend. Please note that this was something meant to be very special, and also very private at this point (for obvious reasons). Within hours, I received a shocking call from one of my best friends of surprise and "congratulations" for getting engaged.(!!!)

Imagine my horror when I learned that overstock had published the details of my purchase (including a link to the item and its price) on my public facebook newsfeed, as well as notifications to all of my friends. ALL OF MY FRIENDS, including my girlfriend, and all of her friends, etc...

ALL OF THIS WAS WITHOUT MY CONSENT OR KNOWLEDGE.

I am totally distressed that my surprise was ruined, and what was meant to be something special and a lifetime memory for my girlfriend and I was destroyed by a totally underhanded and infuriating privacy invasion. I want to wring the neck of the folks at overstock and facebook who thought that this was a good idea. It sets a terrible precedent on the net, and I feel that it ruined a part of my life.

bill

facebook needs to make beacon opt-in, and to incent users to participate by sharing their ad revenue.
http://bbb.typepad.com/billsdue/2007/11/zuckerburg-says.html

Tripp Fenderson

No surprise...

On more than one occasion, Facebook has shown that they're not interested in creating a sound privacy system.

I opted out of Facebook when they announced the Beacon.

You should consider doing the same.

Honestly, do you get more out of the service than you're giving up in terms of your privacy and your marketing data?

Satya

I had my first beacon encounter on Fandango and agree that the experience was troubling.
http://venturegeneratedcontent.com/2007/11/13/close-encounters-of-the-facebook-beacon-kind/

flash menu maker

Good article. But I cannot find any info about installation of the Beacon code to my site f-source.com. Could anyone help?

ziggy

I think facebook period is dumb. Oh, please be my friend and be interested in me! Why does anyone other than teenagers use it?

Jim H

I am a some what new user to Facebook and have a business friend that has trying to work with the executives in the company and provide them technology that may help with the issues of privacy such has been seen here. Here is an excerpt from the e-mail that he received from a Facebook employee..."I apologize for the miscommunication between me and XXXX, but these emails need to stop. You will not succeed in getting us to value your technology by spamming Facebook employees. We have tried being polite; we have tried ignoring you; I will say it once again and then will write to our IT department and ask them to block all emails.. but we’re not interested in pursing a partnership at this time.

Should we become interested, we will certainly be in contact with you. In the meantime you must stop emailing us in this manner....."

This from a company that wants to do the right thing??? I am not sure if the employees believe the same thing the executives are trying to say to us the customers.

Any thoughts? By the way the the names of the employees have been removed since one was an EVP an the other a Director level.

Fard Johnmar

Charlene:

This is disturbing in more ways than one. Imagine the implications for health -- especially for people with sensitive conditions who are purchasing content online. What if this private information was shared with the masses? See my post about this issue here: http://www.healthcarevox.com/2007/11/on_privacy_facebook_healthcare.html

Corey Mathews

It's especially annoying when you share a home computer with someone else. My wife post some hotel reviews on Tripadvisor the other day, and it appeared on my Facebook feed because I was logged in at the time. Grrr.

Dan G.

I keep reading this as "Close encounter with Facebook Bacon".

Tim W.

This person has just purchased 'Living with AIDS' from Amazon.com.

Mike Cassidy

I like what you had to say about Beacon. One of the great things about the Internet is that it allows you to research, learn and engage in an anonymous environment. People want the ability to be able to buy someone a gift and keep it a surprise, to uncover what a certain medical diagnosis means, or to engage in online dating via a controlled platform.

Social networking is about sharing on your terms, not when Facebook deems it appropriate. Now this might sound contrary to how an advertiser uses remarketing or behavioral targeting technology but it is not. Because again, this is about one company communicating with one individual; not an individual having to share all of his/her habits and interests with others who know the personal identifiable information of that person. That’s the distinction I make when trying to judge which advertising programs seem appropriate versus the ones that do not.

Malcolm Kass

Where is the balance between responsibility and privacy? If you a member of facebook, do you not have some of the responsibility to find out about this service? Just because we are lazy doesn't mean we are innocent. The most sure-fire way to prevent others knowing that you purchased something you wish to remain private, then don't purchase that product.

Some of these posts that complain about big brother's oversight shouldn't demand big brother's swaddling and diaper changing either. You can't have it both ways.

Malcolm Kass

Oh, and I just love it when I read commentary like "troubled" and "distrubed" from others about their own horrendous coffee table-ish experiences. These people must have the most privleged life imaginable if this shakes them at the roots their soul.

Geez.

mehmet poyraz

thank you for your useful article.

gayathriherath

The new distributed viral forum/blog/wiki/classified/etc advertising engine is here. We can spread the word about your site in short amount of time to millions of people and help with your SEO process by using backlinks. Start your campaign today! http://widecircles.com

dennis

Wow Those FaceBook guys know how to get the word out, amazing.
http://bigloanguide.com

tommy

thanks for the great info
http://www.bigloanguide.com/debt-relief.html

donna

Awesome Information, thanks alot
http://findadietplan.com

Teresa

I use Facebook all the time and have had no problems with it at all.
http://elovemagic.om

MGH NOW

Charlene, thanks for sharing your story. It is great that you took the time to explain this issue to people using social networks. This has been an ongoing controversy and people do not seem to be responding well to what has been interpreted as an invasion of privacy. Check out our MGH NOW blog to take a closer look at Beacon ads and the affect it has specifically on the Facebook community: http://now.mghus.com/?p=173.

Norm Silverman

Use Facebook all the time. Keeps me in touch with fellow Steve McQueen and Carroll Shelby vintage auto racing fans.

www.a2zracergear.com

Thomas

Great post. I use Facebook many times.

kuri

Social networking is about sharing on your terms, not when Facebook deems it appropriate. Now this might sound contrary to how an advertiser uses remarketing or behavioral targeting technology but it is not. Because again, this is about one company communicating with one individual; not an individual having to share all of his/her habits and interests with others who know the personal identifiable information of that person. That’s the distinction I make when trying to judge which advertising programs seem appropriate versus the ones that do not.

Cpt Barnacle

"publically"? Eeugh. If you can't bother to learn how to spell, at least learn how to use spellcheck.

eyeglasses

Important what is your favourite that you can go to the very much faster ways around [url=http://www.52eyeglasses.com]eyeglasses[/url].HO

alexa

Seems like overstock.com has stopped participating in Beacon and as per my previous post Coca Cola is relooking at its facebook strategy.
water softening

Jonathon

i love facebook and i didnt even know overstock had a widget i like the store though them and
http://www.tycromedia.com

Kacy

yea i know its anoying at time tycromedia had one on there but i guess they took it down

tungsten ring

Its good you got a feedback about this,this very important matter,thanks guys.

by:P.jew

The comments to this entry are closed.