We all know that Facebook has not had the best track record in the privacy department, with employees viewing profiles for fun, showing your profile to an employer, and having reserved the right to use your information at will. But apparently a new feature goes beyond all that, and actually collects information about your activity on other websites.
The new feature is the Facebook Beacon, you may have noticed it on your feed, something of the form “Jane Doe has played Pacman at Retroarcade”. If you have played a game at any website that uses the Beacon, you would have seen a Facebook-style pop-up at the bottom right corner of the screen, telling you that it is sending the information [of what your playing] to your Facebook profile. As with most Facebook features, there is, of course, a privacy option on it.
But that, apparently, isn’t enough.
According to Stefan Berteau’s investigations, the information gathered from third party websites is sent to Facebook regardless of your privacy settings, which only control whether the data is displayed. It is also sent in enough detail that even if you are not logged in, Facebook could still tie the activity with your account. This presents a significant privacy concern where Facebook could essentially map out your online personality, which they currently use to target ads at you, but whose potentials are much greater.
So what can you do about this? Simple, block it. All the Facebook Beacon files rests in a single folder, http://facebook.com/beacon/. So all you have to do is to block this folder and Beacon will effectively be dead. Nate Weiner gives instructions on how to block it in various browsers. In Firefox, Adblock or Adblock Plus also works.
Finally, if you would like to learn the details of the Facebook Beacon, Jay Goldman provides an in-depth analysis of the JavaScript code that makes it work. A thanks to the Electronic Frontier Foundation for keeping an eye out on things that matter, as usual.