
Defense against the dark arts of the internet – how Facebook tracks you
We’ve already examined some of the ways Facebook tracks what you engage with on your News Feed to keep you scrolling and clicking. But how do they collect this information? In this post we’ll continue our examination of how Facebook tracks you using its dark arts. But first, let’s examine another creature from the Harry Potter world.
The Dementor, one of the most terrifying creatures you could ever imagine encountering.
“Dementors are among the foulest creatures that walk this earth. They infest the darkest, filthiest places, they glory in decay and despair, they drain peace, hope, and happiness out of the air around them… Get too near a Dementor and every good feeling, every happy memory will be sucked out of you. If it can, the Dementor will feed on you long enough to reduce you to something like itself… soulless and evil. You will be left with nothing but the worst experiences of your life.”
If there’s anything that approximates your soul on the internet, it’s your data. What you do, where you visit, what you buy. These are your thoughts, your desires, your aspirations, and they are incredibly valuable. Primarily, Facebook uses this data to connect you with relevant advertising. 85% of Facebook’s revenue in 2011 came from advertising, and it’s revenues have grown dramatically since then, particularly with mobile ads.
Facebook can track you across the internet and sucks your data out of you just like that Dementor. It can see what websites you visit even if you don’t have it open on your computer or phone.
How Facebook tracks you on other websites
When people hear this, they often imagine some hacker in a dark room who is singling them out specifically and looking at their behavior. This is not quite how it works, the information that is collected on you is aggregated with thousands of other users. It’s simultaneously not personal and incredibly personal. Advertisers use this aggregate data to target behavior patterns that indicate interest in something.
For example, using Facebook’s ad platform, you could target people in Florida over the age of 55, with low income, and who are married. This could be someone who’s interested in buying burial insurance.
If that’s not enough to outrage you, there’s more. All these trackers slow down the loading speeds on your pages. They’re profiting off of the data they collect from you and simultaneously diminishing your online experience.
How many trackers might you find on the average website? Let’s take a look at Business Insider. Not all of these are from Facebook, there’s dozens of companies that use this technology, but much of what you can do to protect against Facebook will also help you with these other trackers.
Two of the main ways Facebook tracks you outside of their platform is with the use of cookies and pixels. How can these things that sound so cute and fun follow your every move online?
What is a pixel?
Facebook offers a suite of free tools to advertisers and business owners. These tools allow them to reach people that may be interested in what they have to offer. One core tool is the the tracking pixel. This is a small segment of code that people place on their site that collects information.
This enables the owner of the site or, more accurately, whoever owns the pixel on the site to collect some basic information on you and send ads to you. The cookies that are on your browser work with this pixel to identify you and share some data.
The information that business owners get is aggregate information that details the demographic information and common interests of people who visit their site.
This pixel also makes it possible to send highly targeted ads to people that visit the site (or even specific pages on the site). This is why you start to see those eerily relevant ads appear on your feed after browsing.
What is a cookie?
A cookie is a small piece of software that web pages drop onto your computer or device. Many cookies are benign and send information between your browser and the site you are visiting. Information like your location (down to the city you’re in). What you may not expect is that many of these cookies remain active on your browser even when you don’t have Facebook open.
You can prevent most of this tracking from happening by logging out of Facebook when you aren’t using it. But even that might not be enough.
There is some evidence that Facebook can still collect data that could be used to associate you with your account as you browse even if you’re logged out. Information security specialist Nik Cubrilovic (quoted below) identified a “glitch” in how Facebook’s cookies work that allowed them to continue tracking you after you logged out. Facebook has responded to this issue and fixed it, but there are still some ways the tracking cookies can be used to follow you, even if that’s not what Facebook says they’re used for.
“These cookies, by the very purpose they serve, uniquely identify the browser being used – even after logout. As a user, you have to take Facebook at their word that the purpose of these cookies is only for what is being described. The previous a_user cookie that was fixed identified your user account and has been fixed, these cookies identify the browser and are not re-associated with your logged in account.” – Facebook Fixes Logout Issue, Explains Cookies
Facebook’s “shadow profiles”
Perhaps after all this, you think the only way to maintain your privacy is to completely abstain from Facebook, delete your profile and go back to writing letters to your faraway friends. Maybe you know someone who has held out and never created their own Facebook profile before, surely they’re safe from all this tracking right?
Sadly, no.
Have you ever used the “find my friends” feature? This feature allows Facebook to scan your contacts and collect information associated with that contact. Even if you’re a cautious social media user, and have never shared things like your phone number, address or other info online, your friends who are more “promiscuous” with their information may have shared it for you.
All of this information is collected in what Facebook calls a “Shadow Profile”, basically a collection of information that you never submitted.
It gets crazier too. Over the past few years, Facebook has been rolling out facial recognition technology. Whenever someone uploads a photo, Facebook provides suggestions of who you can tag in the photo. It scans the faces in the photo and creates a “digital biometric template”, this is a mathematical description of what you look like.
So, even if you have never logged onto Facebook in your life, it’s possible that it still has all of your contact information and knows what you look like.
Class action lawsuits have been filed against Facebook and Google. These companies are doing what they can to halt the formation of any laws that would prevent or hinder their use of facial recognition technology. Much of this, legally speaking, is “unprecedented”, meaning governments and courts don’t have much to go off of in this discussion.
How to protect your data from the dark arts of Facebook
Your privacy is important and your data is valuable.
The most important and easiest way to protect yourself from scammers, crap journalists and cheap marketers is to be aware of what you are clicking on and what you are engaging with on your News Feed. Any time you like something or even just view it, you’re asking Facebook to send you more from that person, more of that kind of content, more of those ideas.
Limit data collection on your Facebook from third party apps
Stop logging in via Facebook: Every time you use the “Log in via Facebook” feature on sites across the internet, you are installing a tiny piece of software on your Facebook.
If you like this feature because you don’t have to remember your passwords, I recommend using a service like LastPass. They offer a free version which works great for casual users.
Review what apps you have installed: In the “Settings” section of your Facebook, you’ll see an “Apps” header in the left column. It’s common for people to have installed third party apps like games, quizzes or other forms of entertainment or information, or share content that you enjoy from the site directly to Facebook. Make sure you delete any apps that you aren’t using.
Limit what others can share about you: From the “Settings / Apps” menu, you can also control what information others using apps can share about you.
Disable third party apps: You can even turn off the third party apps all together. For some, this may be overkill, many third party apps can enhance your experience online and save you time. But if you’re not sure, turning it off until you find a good reason to turn it on is a better approach than waiting until it’s too late to turn it off.
Limit ad tracking in Facebook’s settings
In the settings menu on Facebook, you can manage how you see ads and how Facebook uses your data for ads.
Go to Settings, then click Ads in the left column.
Opt out via the Digital Advertising Alliance website
You may have noticed Facebook mentioning the Digital Advertising Alliance in the ads settings menu.
You can go to the Digital Advertising Alliance Consumer Support Page to see who is tracking you and opt out of select companies or all that appear here.
As long as your browser keeps cookies, you won’t be able to stop Facebook from tracking you. But this does limit their ability to profit from your data. Facebook may still track your activity for “security” purposes.
Manage the privacy settings on your phone
On an iPhone, go to Settings, then Privacy, then Advertising, and turn on Limit Ad Tracking.
From an Android phone’s Settings, go to Accounts, then select Google, and then Ads. There you can click “Opt out of interest-based ads.”
Note that this does not completely block tracking. Facebook can still track you through the use of other apps that partner with them. But this does prevent them from sending you ads
Install tracker blockers on your browser
There is software you can install to block these trackers on your browser. These extensions can allow you to take more control of the data you share and speed up your load times.
Ghostery – Is a popular browser extension that blocks trackers. It’s easy to use and gives you helpful tools and information to understand different types of trackers and how they impact your browsing experience.
Blur by Albine – The free version of Blur blocks trackers and also offers features like email masking and encrypted password generation that give you an extra layer of protection against trackers.
Conclusion
The unfortunate reality is that what you can do about this is limited. Controlling your privacy online is a moving target. Facebook can change their privacy policy with only 7 days notice, so you’ll need to keep sharp on what’s happening to maintain your privacy.
Geoffrey Fowler puts it best in his Wall Street Journal article – What You Can Do About Facebook Tracking.
Several settlements with governments, including one with the Federal Trade Commission in 2011, require Facebook to submit to privacy audits and to seek permission from members before changing the way their information is released.
Facebook told the FTC about its new tracking procedures, but didn’t actually have to get consent from users. Why? Because the fine print had been in the privacy policy for years. A billion users have already, mostly unwittingly, given their permission.
What you can do: Nothing, unless you and the people you care about leave Facebook. Which you won’t.
Though it seems futile, it’s worth the effort. Facebook benefits most from complacency and until more people start taking steps to secure their data and control the value it provides, companies will continue to exploit it.
Keep practicing your patronus.