This is an old archived post from my former blog The Idea Shower. It's where I cataloged my product explorations and releases, one of which ultimately became Pocket.

This post was published back in 2007. It may not function as originally intended or may be missing images.

Facebook Beacon: Two Weeks Later

November 22, 2007

It's been two weeks since my post about how to block Facebook Beacon and a lot has happened.

  • Newspaper and networks are beginning to cover the response to Beacon.
  • Om Malik called for a protest of all participating companies.
  • MoveOn.org has created a petition demanding a blanket opt-out system.
  • The post has been viewed over 80,000 times.
So I felt that with all that is being said that I needed to make my stance on the matter clear.

I think people in general are missing the point.

Asking for a blanket-opt-out feature is as effective at protecting your privacy as covering your eyes to hide from a charging bear. Just because you can't see it, doesn't mean the bear is not there. Likewise, just because you say 'don't show this data', the mere fact that you can switch it back to 'show this data', means that it is still in Facebook's database.

Compare it to this. When you read articles on most news websites, such as the New York Times, alongside the article there is an icon to share the story you are reading on Digg, Newsvine, Del.icio.us, Facebook, etc. The Beacon system should be no different than how that functions. Right now, Beacon simply is clicking that share button for you.
And that is what should be the real concern here. Especially with the number of growing stories about Facebook releasing user's data upon request without permission or a warrant.

Currently, the system is employed on only 44 partner sites. But as indicated on Facebook's website, they have every intention of allowing any site be a Beacon partner. And as the system expands, Facebook will be able to collect data about you from more and more sites.

The question you should ask yourself is this: Would you find it acceptable for someone to stand behind you while you surf the internet, write down everything you look at, and then keep those notes for themselves? Would you trust that person to safeguard your data?

Facebook's Response vs. User Response

Facebook has brushed off the response over Beacon as "fairly muted". And they are probably right....so far.

Facebook users will remember the outrage in 2006 when Facebook first introduced the mini-feed. Groups were made, petitions were filed, fists were raised. Users were upset because their activity inside the Facebook site was now made visible to all of their friends. And within days Facebook had made changes to privacy settings and Facebook had publicly apologized.

But the response over Beacon will be slow and gradual. This is because, unlike the mini-feed, which every user was presented with immediately upon logging in, users will only slowly begin to interact with Beacon over the course of the coming weeks and months.

But if I were Facebook I wouldn't so casually brush aside the growing response. Because if Facebook users freaked out when the mini-feed shared their internal Facebook activity, how are they going to react when they find out their activity from outside of Facebook is being stored and shared?

Some Solutions

Well with everything that I do on this site I try to offer solutions to problems, so this scenario shouldn't be any different.

First off, for the user, they can block Beacon until Facebook gets it together.

Now for Facebook, they have a number of solutions. I don't think they should scrap Beacon. As I said before, I think it's a great idea and a boon to advertising. Unfortunately, this is another example of Facebook implementing a new feature without an initial consideration for their users feelings of privacy.

Most importantly, sign-ups to the system need to be reversed. No data should be transferred, requested, or stored until a user has verified that they are cool with it. That should be the clean slate that they start with.

They could offer a blanket opt-out system, if and only if, they were able to prove that when you said 'don't show this data' it also meant 'don't store this data'. So that when a participating site sent a request to Facebook to see if the surfer was a Facebook user, Facebook makes no log of that transaction what-so-ever.

If they aren't willing to do that, then there should be an additional step made in how the transaction between a user, a partner site, and Facebook occurs.

An example of the current process as is:

  1. User goes rents a movie from Blockbuster online
  2. Blockbuster Online asks Facebook, is this person a Facebook User?
  3. Facebook says yes (log could be made of transaction)
  4. Blockbuster sends the movie user rented to Facebook.
  5. Facebook stores data
This could all go away by simply adding a first step on Blockbuster's end that says: 'Are you a Facebook user? And if so, would you like to share the movie you rented with your Facebook friends?'

And if you choose to, THEN the transaction to Facebook could be made. And if not, Facebook hears nothing and everyone is happy.

Compare it to this. When you read articles on most news websites, such as the New York Times, alongside the article there is an icon to share the story you are reading on Digg, Newsvine, Del.icio.us, Facebook, etc. The Beacon system should be no different than how that functions. Right now, Beacon simply is clicking that share button for you.

For the merchant, adding a 'share' button alongside your user's transactions would also let you expand your influence past Facebook. Just sayin'.