iPhone app iPad app Android phone app Android tablet app More

Facebook Logout Tracking: Privacy Concerns Arise Over Alleged Cookie Snooping

The Huffington Post     First Posted: 09/26/2011 9:50 am EDT   Updated: 11/26/2011 5:12 am EST

**SEE UPDATE AT BOTTOM OF POST**

Is Facebook tracking which websites users visit even after they've logged out of the service?

According to hacker and blogger Nik Cubrilovic: Yeah, it is. In a post to his personal blog, Cubrilovic writes that "[e]ven if you are logged out, Facebook still knows and can track every page you visit," pointing to Facebook cookies that remain active even after the user signs out. In his mind, this defeats the purpose of logging out of Facebook and presents a major privacy concern.

Cubrilovic goes on to write,

With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook. The only solution to Facebook not knowing who you are is to delete all Facebook cookies.

This is all important because of Facebook's new frictionless apps, unveiled recently at Facebook's f8 Developer's Conference and rolling out now on the social network. Websites can write apps whereby all activity on their pages can be shared automatically to a user's Facebook profile. The aim is to make sharing more convenient, so that Facebook members can more easily browse what their friends are interested in and start conversations about common interests and activities.

Cubrilovic penned his post in response to another blog post by Dave Winer, in which Winer claimed to be "seriously scared" of the disclosures these apps would automatically make and that the only solution was to log out of Facebook when browsing.

Cubrilovic's post was a warning that logging out was not enough.

In a comment on Cubrilovic's blog, a reader identifying himself as Gregg Stefancik ("an engineer who works on login systems at Facebook") refuted "some of the incorrect conclusions," stating that "Facebook has no interest in tracking people" and that Facebook's cookies "aren't used for tracking." Though Facebook could see when one of its users visited a partner site, Stefancik said, it could not see which user it was and that the only information sent back to them was the user's language, country and browser. Since Facebook "doesn't have an ad network and [doesn't] sell people's information," the logged out cookies were used for:

- Identifying and disabling spammers and phishers - Disabling registration if an underage user tries to re-register with a different birth date - Helping people recover hacked accounts - Powering account security features, such as login approvals and notifications - Identifying shared computers to discourage the use of “Keep me logged in.”

According to an answer of a commonly asked question in Facebook's Help Center, when one of its users visits a site with a Facebook social plug-in, whether logged in or logged out, Facebook receives information about "the date and time you visited, the web page you came from (commonly known as the referrer URL), and other technical information about the IP address, browser, and operating system you use."

"This is industry standard data," the Help Center answer continues, "that helps us optimize your experience depending on which browser you are using or whether or not you are logged into Facebook."

Essentially, Facebook is indeed tracking where its users go after they log-out, but it is claiming to do so for benign reasons.

Facebook, of course, is constantly battling against privacy concerns. Recently, the social networking giant has fought back against worries over its new auto-tag feature in early September, "epidemic levels" of bullying amongst teens on its site and its ability to make cyber-stalking easier.

UPDATE: Facebook emailed us the following statement, reiterating much of what Gregg Stefancik wrote in his comment on Cubrilovic's blog:

Facebook does not track users across the web. Instead, we use cookies on social plugins to personalize content (e.g. show you what your friends liked), to help maintain and improve what we do (e.g. measure click-through rate), or for safety and security (e.g. keeping underage kids from trying to sign up with a different age). No information we receive when you see a social plugin is used to target ads, we delete or anonymize this information within 90 days, and we never sell your information.

Specific to logged-out cookies, they are used for safety and protection, including identifying spammers and phishers, detecting when somebody unauthorized is trying to access your account, helping you get back into your account if you get hacked, disabling registration for underage people who try to re-register with a different birth date, powering account security features such as second factor login approvals and notification, and identifying shared computers to discourage the use of "Keep me logged in."


Facebook recently revamped its own privacy settings for users who are logged in to the site. Take a look at the slideshow (which originally appeared here) to see the most important changes you need to know now.

Want To Change How You're Tagged? Here's How
1  of  6
PLAY
FULLSCREEN
ZOOM
SHARE THIS SLIDE 
First, navigate to the "Privacy Settings" tag which appears under "Account" at the top right-hand side of Facebook.com.
MORE SLIDESHOWS NEXT >   |   < PREV
RATE IT!   |  
VOTE
CURRENT TOP 5 PICK YOUR OWN TOP 5
USERS WHO VOTED
NEW! CREATE YOUR OWN SLIDESHOW

FOLLOW HUFFPOST TECH

Related News On Huffington Post:
 

Facebook Privacy In Question: Irish Regulators To Probe 'Frictionless Sharing' And More Facebook Charging In 2011: Chain Letter Spreads False Rumor (PICTURES) New Facebook Profile, Apps Want You To Share Everything You Have Ever Done, Ever Facebook Timeline Lets You See Which Friends Have Unfriended You (PICTURES) Spotify Invites No Longer Needed, Service Now Open For Free Signups In USA Facebook's 'New Class Of Social Apps' Could Be Big Business For Site, Big Burden For Users How To Get The New Facebook Timeline Profile (VIDEO) F8 2011: Facebook's 7 Biggest Announcements From The Event Andy Samberg Opens F8 Keynote Impersonating Mark Zuckerberg (VIDEO, PHOTOS) Facebook's New Profile 'Timeline' Debuts At f8 2011: 7 Things You Need To Know The New Facebook Privacy Setting You Need To See--And The Tagging Tweak You Need To Know
Read more from Huffington Post bloggers:
Sean Donahue

Sean Donahue: Why 2012 Is Shaping Up to Be the 'Verb' Election

Far too often, Washington falls behind the eight ball when it comes to technology adoption. 2012 will be different. Gone are the days when launching a Website and joining a social network was enough.
Anne Hill

Anne Hill: It's Not Just About Privacy: Facebook's Growing Problem

Facebook is in danger of becoming the DMV of social networking sites: we go there because we have to, not because we want to.

What's Your Reaction?
Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy
 
 
  • Comments
  • 214
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
Page: 1 2 3 4 5  Next ›  Last »  (7 total)
photo
HUFFPOST SUPER USER
SHIRLEY CARR
optimist with experience sez
509 Fans
01:11 PM on 09/30/2011
Well, even if I'm logged out of FB, cleared all the stupid cookies and their crumbs, and turn the whole computer off, the next morning, I have no less than ten new emails from God knows where. Somebody is keeping track somehow 'cause it ain't me. I gave up. Do with me what you want; I surrendered a long time ago.
Permalink  |
Sharon S92
0 Fans
10:00 PM on 09/29/2011
I hear G+ and Sharelendar are coming soon. With these privacy and user control issues, they can't come fast enough for me!
Permalink  |
Rachel S
0 Fans
10:17 PM on 09/29/2011
G+ was available on the 20th. And Sharelendar is in beta phase. Very different products. Get ready for some serious choices soon!
Permalink  |
photo
AmandaRoberts1
0 Fans
 
01:07 AM on 10/20/2011
and when you get tired of that rat race come on over to AutumnsList and help them out, they are advertising that they are bringing privacy back for us. I believe they are privately funded, so don't expect it to run as fast as fb, but i'm sure once they get really rolling it will be really good, they got my vote, cause the rest are all the same and want to follow fb. They just dont get it, but AutumnsList seems to be on our page. I like it so I would recommend it. here is my link to my profile page on there so you can see what i am talking about. It might take a second to load, but thats prob because of the background i chose -- autumnslist.com/community/amanda I think i did that link right.
Permalink  |
photo
HUFFPOST SUPER USER
NeverRetro
"...go the way your blood beats."
535 Fans
09:34 PM on 09/27/2011
Even when you log off of Facebook, you're not really logged out. You are constantly "jacked in" to their data feed. There must be two versions of the new timeline styled profiles. One the user can view, and the other profile about you is exclusive to the advertiser.
Permalink  |
mhweb
0 Fans
08:25 PM on 09/27/2011
Regardless users you always be concern about their privacy and there is a great article that tell you how stop Facebook from tracking you on the web for Chrome and Firefox users.
http://pureinfotech.com/2011/09/27/how-to-stop-facebook-from-tracking-you-on-the-web-all-you-need-to-know/
Thank you.
Permalink  |
photo
HUFFPOST SUPER USER
ResearchtheFacts
Alert, awake & paying attention to the details.
2455 Fans
03:35 PM on 09/27/2011
I am probably one of the few who doesn't get why many would flock to one site on the internet to be profiled, sold, bought, aggressively advertised to, waste time, when there is an entire internet to explore.
Permalink  |
This user has chosen to opt out of the Badges program
photo
jetscan
312 Fans
06:55 PM on 09/27/2011
Well said. Fanned & faved.
Permalink  |
photo
MarsAmbassador
Per angusta ad augusta
2825 Fans
01:36 PM on 09/27/2011
"The aim is to make sharing more convenient, so that Facebook members can more easily browse what their friends are interested in and start conversations about common interests and activities."

WRONG! The aim is to be the most efficient data-collector in the world, tricking users into a barrier-less surfing experience in which to track and extract all their specific personal information to sell. Facebook serves no other purpose. Anybody else notice that nearly all corporate websites are Facebook dot com slash company now? It's an Internet within the Internet, where ALL your personally identifying and differentiating marketing information makes your specific habits worth far more due to being individualized, as opposed to the old way where they didn't have the specific information about who was doing what and going where. Facebook did an IPO in the spring that was only open to megacorporations and overseas investors, regular users couldn't even participate. That was Wall Street officially taking over the business plan and enacting what we're seeing now...unbridled PERSONAL access to you and everything you like, watch, do, your friends, what they like/watch/do, etc. Anybody that doesn't see it for this is missing the forest for the trees.
Permalink  |
photo
HUFFPOST SUPER USER
chaserblue
Shaving my legs with Occam's razor
528 Fans
01:29 AM on 09/27/2011
I find it amusingly disturbing that every time the tech demons at FB try to make something more "convenient" it ends up r-ping and pillaging your privacy... I knew there was a reason I hated and avoided FB.
Permalink  |
photo
HUFFPOST SUPER USER
Christine Shackleton
22 Fans
05:11 AM on 09/27/2011
Good morning madam we are from the new social police . We have some old facbook posts of yourelay s.. You have a choice -- come with us and work on the red or white canal, or delay and you can catch a bus to our nice holiday camp at belsen
Permalink  |
Sharon S92
0 Fans
10:01 PM on 09/29/2011
This is the reason why my friends switched to G+ and Sharelendar.
Permalink  |
photo
HUFFPOST SUPER USER
3Nox
Turns into a hedgehog when messed with
89 Fans
11:17 PM on 09/26/2011
Too far Zuckerberg, too far. I tried modifying my profile page to see what it looks like for strangers, and it USED to be easy, but I gave up after 15 minutes. It's gotten way too complicated now.
Permalink  |
HUFFPOST SUPER USER
lulubelle1956
1093 Fans
11:25 PM on 09/26/2011
I agree. Fb started by stating it was only available to friends you chose to befriend, but somehow, colleges and others, including hackers are able to access it and steal -mail addresses and other things. I'm getting rid of it for those reasons and because fb is now starting a super PAC for conservative issues, mainly their own goal of monopolizing the market with GOP/tp help. No thanks fb. Not with my info.
Permalink  |
photo
HUFFPOST SUPER USER
3Nox
Turns into a hedgehog when messed with
89 Fans
12:39 AM on 09/27/2011
I finally figured out that I have to go through each thing on my profile and set it to whatever privacy setting I want. And that took too long. People want something that's easy to navigate, and FB is really straying from that.
Permalink  |
Rachel S
0 Fans
10:28 PM on 09/29/2011
I agree. That's why so many of my friends are testing G+ and Sharelendar. So far I find G+ is like FB but with more user control. Sharelendar is for 'everyday' friends. They actually have a small limit on your friends. Less than 100, but I think you could request more.
Permalink  |
photo
AmandaRoberts1
0 Fans
 
01:35 AM on 10/20/2011
do you really think google is not gonna data mine your info????? They are the data mining king along with facebook!!!!!
People, people you need to wake up. Your trading one evil for another evil who is gonna do the same exact thing! Google = advertisements = tracking you already. Has nobody read all the privacy shit they have screwed up?????
If you want to get away from all the bullshit, then make sure you read their privacy policy and TOS first.
Nobody jumps into the pool without making sure there is water in it, we need to smarten up!
Permalink  |
This user has chosen to opt out of the Badges program
OliveColored
Real Progress No More BushBamas!
173 Fans
09:57 PM on 09/26/2011
Everyone knows fb does this, just no one seems to care.
Permalink  |
photo
HUFFPOST SUPER USER
Christine Shackleton
22 Fans
05:00 AM on 09/27/2011
yes they do. but excitement and then seriousness set the education courses for eg North Western university who in turn influences USA and oversees Uni,s and hence agenda curriculim for our future peoples who will run our country-- the use of intra - internet is important part of these. Headmasters are already asking parents to stop their children or adult eg night school students as well as political science students will have to question a lineal thinking here . Curriculums and demomocracy on web discussions will have to be radically altered
Permalink  |
photo
HUFFPOST SUPER USER
llen
160 Fans
09:45 PM on 09/26/2011
Facebook has become to much trouble, dam, everytime I log in its different and I can't find anything. I also don't want to spend hours trying to figure out "privacy" issues. I'm not interested in a collecting friends, the friends I have in the real world are real friends, don't need make believe ones.
Permalink  |
Rachel S
0 Fans
10:23 PM on 09/29/2011
My friends and I are testing G+ and Sharelendar now. G+ is like FB and Sharelendar would be good a good choice for you. They are for 'real' friends. Good luck.
Permalink  |
HUFFPOST SUPER USER
AntoninK
101 Fans
06:42 PM on 09/26/2011
Zuckerberg has said that privacy shows a lack of integrity, and FB personnel have stated that they think Mark doesn't believe in privacy very much. To me these almost monthly new privacy concerns seem like a slow, incremental easing into transparency like the old frog in boiling water tale.
"I feel Mark doesn't believe in privacy that much, or at least believes in privacy as a stepping stone. Maybe he's right, maybe he's wrong." - Charlie Cheevers, early engineer
"Mark really does believe very much in transparency and the vision of an open society and open world, and so he wants to push people that way. ... He hopes you'll get more open, and he's kind of happy to help you get there. So for him, it's more of a means to an end. For me, I'm not as sure." - Sheryl Sandberg, COO
And of course there's the alleged IMs of Zuckerberg offering a friend info on students who gave them personal info, calling them dumb...
Permalink  |
photo
AmandaRoberts1
0 Fans
 
01:53 AM on 10/20/2011
The real joke is that he doesn't even use the service that he so heartedly believes in, just take a look at his profile page and other "page" or whatver they call it now. The posts that are on their look fake and by somneone other than him!
O Mr Zuck they misnamed you at birth, the Z should have been a S, cause you really do Suck and the masses are starting to wake up, you better sell out why you have the chance like Tom did with MySpace.
Permalink  |
This user has chosen to opt out of the Badges program
photo
phatemu
235 Fans
06:14 PM on 09/26/2011
Facebook L8m3rs - Whe Are You Gonna Learn?

This punk is eating your lunch every day and you keep packing him another for tomorrow!
Permalink  |
HUFFPOST SUPER USER
verylargehat
1225 Fans
06:10 PM on 09/26/2011
Facebook and Mark Zuckerberg suck. And not necessarily in that order. I hope that the backlash is swift and fierce. And not necessarily in that order, either.
Permalink  |
Sharon S92
0 Fans
10:06 PM on 09/29/2011
LOL! That's why my friends are trying to get me to switch to G+ and Sharelendar. "And not necessaril­y in that order, either."
Permalink  |
photo
HUFFPOST SUPER USER
Irvin Spencer
Corporate America Rocks
277 Fans
 
06:07 PM on 09/26/2011
Their is very little privacy anymore, everything is online and hackers can access any information they want on anyone, so who cares
Permalink  |
photo
HUFFPOST SUPER USER
plaidsportcoat
1110 Fans
06:16 PM on 09/26/2011
Only intelligent people, don't worry your lil thing on your shoulders and neck.
Permalink  |
Sunzuki
10 Fans
06:03 PM on 09/26/2011
I hope their will be a backlash against companies like Facebook and Google for doing things like this.

Whats the next step if this is allowed to pass? Facebook or Google tracking your location through your smartphone?
Permalink  |
This user has chosen to opt out of the Badges program
ema123
512 Fans
06:52 PM on 09/26/2011
As long as they continue to make money it wont matter the backlash, with 750 million users many dont mind. Its value is based on thier ability to let merchants target market thier products to you personally, its the whole premise of thier business model. same is true of discount cards at your grocers, they track everything you buy and use that information to sell you more. You bet smart phone will be used the same way, walk past a starbucks, and suddenly you get a starbucks ad on your smartphone, anynone that thinks they created thses sites for anything other than to make maoney is delusional.
Permalink  |
photo
HUFFPOST SUPER USER
Christine Shackleton
22 Fans
05:03 AM on 09/27/2011
Question again . What merchants. ninety percent of goods sold at Wal mart are from Asia (not blaming Asia at all) and two thirds at least of every dollar at the till leaves and goes overseas. Does this has a familiar ring about certain totalatarian elites
Permalink  |
photo
MarsAmbassador
Per angusta ad augusta
2825 Fans
01:39 PM on 09/27/2011
iPhone's have been tracking people by their location since it's inception.
Permalink  |
Page: 1 2 3 4 5  Next ›  Last »  (7 total)