Last night the Wall Street Journal published about a new Facebook “privacy loophole” that resulted in user information being shared with advertisers. The information that was often shared by Facebook was the username of the person who clicked on the ad as detailed by Ben Edelman. While Facebook has become the subject of security attacks in recent weeks and has come under fire for legitimate concerns, your username has always been for sale, and not by Facebook.
A number of companies in the “social media” space are in the business of selling your data to third parties. Interestingly enough, many of these companies already have the profile data of the majority of Facebook users. That information has been systematically collected through applications as well as public resources found through Google. Trust me, the advertiser who could have theoretically collected your username through ads (even though they probably didn’t realize this was possible), would have paid more for your data by purchasing Facebook ads than going direct to third-party data sales companies.
The irony of the recent Facebook privacy debacle is that Facebook is actually attempting to give users more control, while third-parties are simultaneously stripping users of it. Yes, Facebook has overstepped their boundaries with the new “Instant Personalization” program in my own opinion, however most of your data has been accessible as long as you’ve been on the site.
Most likely that information was shared through third-party applications, but even if you chose not to use those applications, new data sales companies will create profiles of you based on the data you placed across multiple social networks. While we could dive into more details about the business of data sales the main point is this: having your Facebook username shared with advertisers is the tip of the iceberg.
The best way to protect your information is to avoid posting online anything you don’t want public. While I support users’ right to privacy, it’s best to assume your data is already available to other parties the moment you put it online. While I think we’re in the midst of a greater debate over the future of user privacy on the web thanks to the latest Facebook changes, the users already had control the moment they put their information into the ether.