If you haven't read it, there is a good review by Consumer Reports of the Facebook social networking website. The news media has focused on some of the controversial aspects of the report. For example, CNN reported, like many other news organizations, the survey finding that about 25 percent of Facebook users lie about information in their Facebook profile to protect their identity.
While lying about profile information may seem like an effective privacy strategy, the Consumer Report review of Facebook highlights the various ways Facebook tracks its members. Some Facebook members have made conscious choices to share personal data, and do so in status messages, sharing items, and commenting upon others' status messages. Yet other tracking methods exist.
The Consumer Reports review is a good reminder that its members are the products:
"... the company uses your data to help advertisers deliver ads that you may find useful. Suppose, for example, that you have “liked” the San Francisco 49ers page, or simply posted comments about football. You shouldn’t be surprised to see ads in the margins for football tickets, fan paraphernalia, and the like. Facebook does not share any of your information with advertisers that buy those ads unless you give permission. If you click the ad and purchase something, the advertiser obviously learns who you are. And even if you simply “like” a brand page, the company can automatically send posts to your account."
One tracking method is the facial-recognition software used to "tag" (e.g., identify) people (and places) in both photos and videos. Members who aren't careful to turn off the geo-tagging feature in their smart phones or tablets will provide even more personal data with photos and videos uploaded to Facebook.
Another method are the Facebook apps member use for music, news, and games -- which are loosely managed by Facebook:
"... according to Kevin Johnson, security consultant at Florida-based Secure Ideas, who has developed apps and tests their security. The sole credential needed to create an app is a verified Facebook account, including a cell phone number or credit card. And the company doesn’t have to review your source code (programming instructions) before it goes live..."
So, there seems to be little to no verification of apps for security or compliance when those apps have a privacy policy.
A method Facebook uses to track both members and non-members includes those "Like" buttons you have see on websites across the Internet:
"... Facebook keeps track of the other websites [its members] visit. That happens via the “Like,” “Recommendations,” and similar buttons that so many sites include. In addition to reporting your presence, the “Like” button sends along the date and time of your visit and your IP address, whether or not you click on it. The company has acknowledged that this happens even when Facebook users are logged out, a practice that had prompted class-action lawsuits in the U.S. If you’re logged in to Facebook, it can collect even more data. The company also said that it collects data from people who are not its users and have never visited its site..."
The review is also a good reminder of the scope of data Facebook collects:
"... thanks in large part to Max Schrems, a 24-year-old Austrian law student who managed to get a fuller copy of his personal information last year from Facebook's Dublin office, which oversees relations with users outside the U.S. and Canada. Schrems was surprised to discover, among the 1,222 pages of data covering three years of Facebook activity, not only deleted wall posts and messages, some with sensitive personal information, but e-mail addresses he’d deleted and names he’d removed from his friends list... Facebook collects the same type of detailed information on American users, as confirmed by documents it released to Boston police during their investigation of Philip Markoff..."
If you want to learn more about Schrems, visit Europe Versus Facebook. The review ends with a list of nine ways consumers can use Facebook (and similar social networking sites) safely:
"1. Think before you type. Even if you delete an account (which takes Facebook about a month), some info can remain in Facebook’s computers for up to 90 days.
3. Protect basic information. Set the audience for profile items, such as your town or employer. And remember: Sharing info with “friends of friends” could expose it to tens of thousands.
4. Know what you can’t protect. Your name and profile picture are public. To protect your identity, don’t use a photo, or use one that doesn’t show your face.
5. “UnPublic” your wall. Set the audience for all previous wall posts to just friends.
7. Block apps and sites that snoop. Unless you intercede, friends can share personal information about you with apps. To block that, use controls to limit the info apps can see."
Read the complete review of Facebook.com by Consumer Reports.