Home > Awareness, Data Protection, Facebook, Privacy, Social Media > Facebook and private businesses: risks

Facebook and private businesses: risks

During the past week this blog has presented which could be the privacy risks related to Internet usage, how cookies could monitor a user, how the employers can  use Facebook for making employment decisions, how profiling and targeted advertising could be delivered through Facebook’s Like button, what Places and Location Based Services mean for users’ privacy, and what photo tagging means.

As part of the same awareness campaign, today E-Crime Expert is presenting the associated risks of  users’ available information on Facebook in relation with private business. Digital technology providers including Facebook, generate much more data than any other kind of classic broadcasting, and as an effect, the value of that data will be extremely considerable because that information is user direct related. This blog will address the following questions arising from this are: who will collect that data (who could use it), what will the data be used for, who owns the data, who exploits the data, who is the gatekeeper and who is making money from of it?

Nonetheless that the data would be very important for advertisers, because it will allow advertisers to know precisely about demographics, gender, working fields, interests, products, preferences rather than assuming as is occurring in today’s market pools where the subject could be honest, or could just lie. By analyzing the data the answer will be as accurate as possible, because when the preferences are expressed among users (thinking that the discussion is private) they are more likely to be honest as they are confessing to people they trust such as family or friends, rather than a total stranger interviewing them on the street (I assume this depends on the individual, age, family relations, education). For example, today, marketers are assuming that if a person is rich (i.e. by consulting Forbes magazine), they would buy exclusivist goods such as very rare watches. In this case, the watch seller will send them offers, but they cannot be sure that the person, based only on his wealthy status, is interested in rare and expensive watches. Contrarily, by reading the data, one will know exactly who is a collector for rare watches, even if he is not rich, but still has a hobby in this regard. This is an example of how by reading, having access to, and collecting personal data, better-targeted advertising could be delivered. It is based on behavioral purchasing of a user who previously bought certain objects, goods, and services. The most common techniques a private business or advertiser could employ to obtain users preferences and characteristics (i.e. demographic, sex, race) is by employing behavioral advertising and targeting techniques. While employing these methods, risk regarding users’ personal data occurs as explained in the section.

The relation with Facebook is that people post their private data on this platform, even though let’s assume the data is not accessible to other users, but to the Facebook service providers. The SNS has access to the data anyways and “knows” what a particular user likes and owns, where they traveled to, and is in a relationship with. Furthermore, if a certain user, let’s presume a teenager, has a predilection for BMW cars, and this is noticed or made available to a BMW dealership by the SNS, based on this user’s posts, pictures, videos, and discussions regarding that particular brand of car, the BMW dealer will know exactly that the user has a predilection for BMW and could build a consumer relationship with him by sending catalogues, diecast cars, inviting him to BMW events, and ultimately cultivating his predilection for this brand in order to purchase it later. How is this accomplished? By monitoring the users behavior, preferences. It is not necessarily negative when a user is provided with magazines, test drives and other marketing tools regarding a certain product (i.e. BMW cars), but sometimes these marketing tools could become disturbing due to the frequency and/or quantity (when a BMW car dealer calls every month for promotional reasons). Moreover, this advertiser’s business model brings to the advertisers monetary value while users might get disturbed (as explained above). In addition, if one looks at this situation, it could be said that advertisers in collaboration with SNS are trying to provide the users/costumers with tailored products and services in order to help save users’ time and money. A closer look at this “benign” situation could show deeper, continuous and more severe implications. The problem is that the users do not always know they are monitored, and as a direct effect, their privacy could be breached because of the various hidden features the users are unaware of.

Facebook’s business model is built on behavioral advertising, providing its advertisers with all the necessary users’ information and infrastructure (Facebook platform) for economic profit.  Facebook claims under “Controlling how you Share. Advertising” field:

We never share your personal information with our advertisers. Facebook’s ad targeting is done entirely anonymously. If advertisers select demographic targeting for their ads, Facebook automatically matches those ads to the appropriate audience. Advertisers only receive anonymous data reports”.

However, I argue that the data is not completely anonymous because the “Like” button’s technical capabilities accurately identifies where a certain user browsed, or liked and preferred (identified by his unique Facebook id connected to a Cookie):

“…If you [the Advertiser] include Open Graph tags on your Web page, your page becomes equivalent to a Facebook page. This means when a user clicks a Like button on your page, a connection is made between your page and the user. Your page will appear in the “Likes and Interests” section of the user’s profile, and you have the ability to publish updates to the user. Your page will show up in same places that Facebook pages show up around the site (e.g. search), and you can target ads to people who like your content”.

Here there would not be any problem as the user pressed the “Like” button on a certain web page, knowing that is preferences will be posted on his Facebook Wall. But in reality, as explained by Arnold Roosendaal in his recent Article, the situation is different:

Since data about the user are sent to Facebook regardless of whether the Like button is actually clicked upon, users are often not aware of this fact. Nevertheless, the cookie contains the unique user ID and therewith facilitates the information on browsing behavior to be connected to the account. Even though the user is not involved, Facebook can collect far more individual data then the data made available on the profile page only”.

This means that even though the “Like” button is not clicked, Facebook is notified (through the Cookie) which user visited a certain website. Facebook claims to keep its users’ data anonymous and just for statistical purposes, but also the user is not notified (by Facebook) that his visit on a particular website was acknowledged by Facebook in order to register that user’s behavior and web browsing habits. Contrarily, when the user voluntarily clicks the “Like” button, the advertiser is notified and the user is notified as well (on his Facebook Wall). The advertiser is provided with the information that a certain user (based on his unique Facebook ID), visited and liked his website or product on his website. Therefore, by legitimately knowing the visitor’s Facebook ID, one could have (less legitimate) access to more data than just the user’s name (searching a username or Facebook ID using https://graph.facebook.com, advertisers could get more users’ personal information than the anonymous information for statistical purpose).

To conclude, the users’ preferences are very important to advertiser for their business as they pay Facebook to find out who visited their website, when they visited, how much time they spent on their website and what they liked (i.e. the “Like” button). The issue is that users are assured (i.e. Facebook terms and conditions above) that their information is made available anonymously, which is not true because an advertiser that has a “Like” button on his website, is informed about who visited his website (i.e. the advertiser is provided the user’s ID assigned to his individual cookie), and by having access to his user ID, other private information could be obtained regarding that user (i.e. gender, location, name just to name few) which is far from being anonymous data.

Any questions can be submitted to:


Additional information can be found at: www.e-crimeexppert.com

Did you know this? Have you received unwanted advertising while using your Facebook account? Have you received specific adrevtising taillord on your exact needs/interests? Would you be interested in checking the new Facebook privacy settings?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: