Technically, one could argue that they already violate existing laws, but incidents like these will make absolutely sure that these practices will be explicitly outlawed very soon.
It keeps surprising me how companies like Facebook and Google seem to be oblivious to the way privacy is perceived elsewhere, and are actively provoking stricter legislation than would be the case if they showed some respect. There is absolutely no question about these tracking practices being perceived as ethically unacceptable in many countries, so why provoke both negative publicity and legislation that is likely to handicap less intrusive solutions as well?
edit: wireless wiretapping scandal -> warrantless wiretapping scandal, silly me.
The country doesn't have a healthcare system for citizens outside of the military, and there's no outrage. Does this mean "there is strong evidence that USA as a nation" doesn't value not dying?
"Don't seek government help, work harder, smile more and make more money" appears to be the answer/advice to those who complain/express outrage. Then you can buy yourself healthcare, privacy or anything you wish.
> Does this mean "there is strong evidence that USA as a nation" doesn't value not dying?
No, but it does mean that the country does not value a social safety net as much as it values monetary profit for the few at the top of the healthcare insurance industry.
> "Don't seek government help, work harder, smile more and make more money" appears to be the answer/advice to those who complain/express outrage. Then you can buy yourself healthcare, privacy or anything you wish.
If you believe that, you are naive. Here are some facts for you (you can google them if you want, I don't have time)
* 75% of people who file for bankruptcy because of medical expenses (and there are a lot of them) HAVE health care insurance. That doesn't happen in any country with socialized health care.
* 40M americans are on food stamps; that is, they seek and receive government help, and unlike other government perks (like extended unemployment), these will never go away because that's what is stopping blood from flowing in the streets.
* Senators and Congressmen are, on the average, millionaires (unlike military people). They can afford the healthcare they want. And they want state sponsored health care, for life (as long as they've served two terms); what's not good for the goose is apparently excellent for the gander.
* The government takes money from you -- taxes -- essentially at gun point. You might believe it is only on income, but by debasing the currency (which the Fed has been doing very diligently since 2008, and slightly less diligently since 2000, and only just diligently since 1971), they rob the value of money you already have -- and if you hold only anything like gold that retains its value -- why, that's taxed as capital gains; you can't win.
* What the government does with this money is -- among other things -- give it to their friends on Wall Street. To the tune of trillions of dollars.
You know, I remember in 2004 I was arguing with an American friend about how americans can re-elect Bush, and his reply was "we're not stupid, it's just apathy". I see this apathy as stupidity.
And you know what? It's not that it can't be changed. It's just the everyone prefers cheap iPods to actually facing things that matters. In general, that only delays the arrival of the bill - but it is coming.
In the case of socialized health care, especially, a majority of the population is violently against it, and while I disagree with most of the arguments, they are neither unreasonable nor apathetic.
That's how it works in theory. In practice, there is one party (Lobbyists) with two representations, Democrats and Republicans. This guarantees that everyone keeps arguing about supposed merits (mostly about things like gay marriage and legal abortions, which make little difference overall, but occasionally also about things that do matter like health care), but little gets done on any argued front, while in the meantime wars and patriot acts happen.
I'm sure reasonable arguments can be made for both sides, e.g. on the health care debate. But I've listened and looked for them, and never heard them (on either side). I'm familiar with reasonable arguments on the "for" side for socialized health care. I haven't managed to find a reasonable argument for the "against" side. (By reasonable, I mean based on facts and comparison to other countries who have implemented similar programs ..... e.g. the entire western world except the US).
> a majority of the population is violently against it, and while I disagree with most of the arguments, they are neither unreasonable nor apathetic.
I remember reading about >50% support FOR one-payer system (the way Canada and the UK run theirs), before the rulers (eh, sorry, "leaders") decided it's not even on the table.
I would really like to hear some of these reasonable arguments against.
The contempt is from actually living in the US, talking to people daily who believe that they live in a democracy, or that their government is working to benefit them in any way.
Data retention is there since a long time in Europe...
As far as I know, the only privacy of records the US law cares about is health care records, through the HIPAA act.
One of the clearest lessons learned is that once these things take root, they are incredibly hard to dislodge. When they do go, it's only due to truly cataclysmic change. What naive Americans may regard as absurd hyper-sensitivity or a hopeless lack of technical sophistication is often an acute awareness that never letting it happen again means banning a lot of stuff that young innocents casually dismiss "as just being how the internet works".
Evgeny Morozov (author of "The Net Delusion" http://amzn.to/nOOxzQ) observes that casual openness is exactly how the web can be used to work against you. He makes the point that while folks safely ensconced in California should be grateful for their freedom from truly abusive government, they should also be a lot more sensitive to the concerns - and outright trauma - still found in places that haven't been so lucky.
Of course, I'm over-simplifying his argument a bit. If you want a more complete (and much more entertaining) introduction, RSA did an especially good animation of a talk he gave, which you can see here: http://www.youtube.com/watch?v=Uk8x3V-sUgU
With ad block it cleans pages up like you wouldn't believe. Many sites actually become readable :O
So, if you only want Facebook gone, by all means use FBB. If you don't want trackers in general (Google Analytics etc), use Ghostery.
I will have a new version out at the end of this weekend
I think it is time to kill all third-party requests. If you want to show users an ad, host it from your own server.
I have disconnect installed, and, looking at the source, it checks a resource's URL on a beforeload event, and cancels the load if the domain has a match on the blacklist. Where is the problem?
Proper resource blocking support is in development last time i checked, but it isn't done yet, which is why Ghostery, Disconnect, HTTPS Everywhere, etc aren't available/don't work on chrome.
Of course, Ghostery will still give you a list of trackers, but it won't always succeed in blocking all of them.
If it hadn't occurred to you yet that Facebook cares far
more about the "Like" buttons that you don't click than
about the ones that you do -- there you go.
Besides, this solution with the two clicks is very clever, and privacy friendly. In addition, it speeds up page loading. It speaks for itself that the only measure Facebook has is trying to sue with a very broadly formulated policy, which I doubt applies in this case anyways:
if such use could confuse users into thinking that the
reference is to Facebook features or functionality.
It's standard that widget publishers require to use their widget "as is". That's basically what Facebook is saying. Not only do you not know what any custom modifications will necessarily do but it's a completely valid argument that you want a consistent user experience with your widget.
As for user tracking, this is basically an inevitable byproduct of Facebook hosting the widget, a situation I'm sure they're not unhappy about, but this really isn't a big deal in the context of how the Web works.
The story here (IMHO) is trust. Most pages have a Google Analytics tracking script on them. Do you trust Google? I do (disclaimer: I work for Google). Protecting user data and privacy are key priorities here. It's why Google+ has relatively simple privacy controls and allows you to export your data at any time.
Do you trust Facebook? I don't. Then again, there aren't many companies I do trust. But Facebook's track record seems to be to befuddle the user and trick or opt them into sharing things wider than they understand or want.
I don't trust either.
I have blocked Google Analytics along with Facebook, Digg, Twitter, and a bunch of other "services".
Needless to say, I don't have an account with any of them. The "free" services they provide are of very dubious value compared to my privacy and information about my friends, interests, and online activity I'd be giving up by using them or allowing them to track me.
Just like Google did with Buzz
That was such a clusterfuck that for most people Google is in the same bucket as Facebook when it comes to 'caring about user privacy'
To the contrary, I always felt FB knew exactly what it was doing, and was operating in a very calculated way. Three steps forward and (maybe) one step back.
Are you saying that the product designers at Facebook want to design interfaces and settings that intentionally confuse users into laxer privacy settings? Turning this discussion into a rather presumptuous smear at Facebook in the face of many privacy failures by Google is rather childish.
Perhaps you're saying Google's privacy missteps were accidental, and thus tolerable. But what makes them more accidental than Facebook's? Bugs are accidental, sure, and are addressed as quickly as possible (last summer my mentor was locked in a room with a bunch of people for a week trying to fix the bugs that came up, and come up with long term solutions). As a result all privacy settings are as explicit as possible--especially with the most recent launch, the privacy settings of every single item is clear.
It is unfair to claim that Google values privacy and demonize Facebook for its privacy-related product decisions. If anything, privacy nuances are what prevented the new privacy features from launching for multiple months, as we iterated on details that an organization that cared less about privacy would have overlooked.
Here's an interesting comparison: Everything Facebook knows about me is something I or my friends entered (i.e. via tagging). In contrast, Google knows so much more about me than I told it. How did it automatically link my Quora, Twitter, etc accounts without my knowing or permission?
No. If person x is logged into facebook, they (or rather you, as it seems you work for facebook) get an indication of every page person x is browsing that has a "like" button, whether that person presses it or not. Furthermore, even if you're logged out of facebook, there's still a couple of facebook cookies identifying the computer you've logged in from.
I'm not sure I would you believe the claim that Facebook is not using any of that info right now, but I'd probably call you an outright fraud if you said that this data is never ever going to be used for anything.
Same way for Google, BTW - they've had a better track record of not abusing the data they have, but it is possibly because we haven't heard the gory details yet, and it is not going to stay that way when their profits take a dip if they ever do - they are in it for the money, and that data is worth a lot of money.
For those reasons, my firefoxen run ABP, RequestPolicy and/or Ghostery, AND I have multiple users for job / personal / porn browsing (and other measures), and multiple browsers (chromes, firefox versions) for de-panopticlicking.
OK, fair enough. I meant the stuff I or my friends see. Facebook doesn't display a list of "pages that had like buttons that orijing visited but did not like" although that would be interesting.
This is so very different from
> Everything Facebook knows about me is something I or my friends entered (i.e. via tagging).
As to be irrelevant - I don't have a single status update or biographic detail in my facebook account, and I remove tags of me from pictures -- and yet, facebook has a damn good idea of the websites I browsed before installing ghostery.
Almost certainly, yes. Since that's how they derive revenue from users.
> Turning this discussion into a rather presumptuous smear at Facebook in the face of many privacy failures by Google is rather childish
Somehow, privacy UI changes at fb almost always lead to more rather than less confusion and more rather than less sharing. We could either assume the designers are incompetent or decide this is by design. Occam's razor says by design.
The copyright issue is a red herring. Facebook could create an official "data:..."-url based "like" button that has the original image instead of linking to their server. It would be better for everyone involved, including facebook's bandwidth and the site's loading speed -- except that facebook would lose their tracking data.
The other thing that they would be unable to do would be to change the look of the image (because it would be _in_ the link); but I think it is a good thing that they (or a hacker) can't put a penis on every page that has a like button.
Really, the copyright thing is a PR deflection, not the real issue.
I'm happy to hear you trust Google, but trying to warp this into a smear on Facebook (my employer) about trust is in poor taste.
"[2. Update: Mittlerweile äußerte sich erneut Tina Kulow von Facebook Deutschland. In einem Tweet schrieb sie: "Um es klar zu stellen: 2-klick-Button ist nicht ideal - aber kein Problem. Nur ein Like-Button der grafisch so tut als ob er einer ist, ist nicht ok. Das ist alles." Nachdem heise online dem Button für den ersten Click, der die Like-Funktion aktiviert, ein verändertes Design gegeben hat, sollte demnach der weiteren Nutzung des 2-Click-Buttons durch heise online und andere Websites auch von Seiten Facebooks nichts mehr im Wege stehen.]
So it says the two click button is not ideal, but not a problem. Though the graphic on the Like-Button is not okay, and so on.
Firstly, what if they just don't want to confuse users? I see people confused all the time of when you need to click and when you need to double-click, every time I see someone using the computer — I'm sure I do this myself, too. What does allowing someone to introduce uncertainty as to what's required here do, especially when their click-through buttons look just like Facebook's normal ones on other sites? I'd say it'd just confuse people. I don't have an issue with Facebook doing that, I'd actually rather have them enforce, this, so you know what is going on when you see a standard Like button.
(As a few other comments have noted, just replacing the button with a custom-styled one would solve this issue. It'd also solve user confusion, since it no longer appears to be Facebook requiring a double click.)
So, maybe they're not just after destroying privacy, after all? Maybe?
(I don't work for Facebook, or even know anyone who does. I just like to try and see both sides of something like this.)
I just like to try and see both sides of something like this.
The default setting ought to be that connections to 3rd party sites are done in incognito mode. This would disallow tracking by looking up the referer and sites like Facebook couldn't also tell who's login cookies the browser is storing. You could then whitelist connections on a per-site basis.
But that was my half-thought-through answer. Of course they're perfectly able to track me even without being logged in. So the real answer is I need to be sure I'm not loading cross-site img and iframes... My Omniweb install I'd already configured to do that, but setting up proper privacy countermeasures on my Firefox install just jumped way up the priority list.
With Facebook cookies everywhere, you don't need to be logged in for them to track you. And in my case, even if I used a different browser for logging into Facebook, they could (in theory---I have no idea if they actually do this or not) still track me based on the IP address alone.
Google is just as scary. A few months ago I did a few searches for local casinos (I was helping a friend of mine get a job at one) and now, I see ads for casinos on about a third of the webpages I visit. It's most annoying, and quite scary when I think about it too much.
You should be able to remove that from your ad targeting here: http://www.google.com/ads/preferences/ It lists all the categories Google thinks you're interested in and allows you to add or remove categories.
When you are using your non-FB browser and visit a website with the FB buttons installed, FB gets click data about you.
You need to use a blocking extension in your non-FB browser in order to effectively implement your technique.
The world is not some cute friendly little place. It is equally as barbarous today as it was in the dark ages. The TVs have convinced everyone otherwise it seems. Evil people are using machines to take over the world.
My point is that to make such widgets illegal, widgets that service three consenting parties, is completely retarded.
However, I think a better approach is to educate each other on how the Internet works, so that blanket measures can be avoided.
AFAIK Google+1 doesn't, as of yet, have such an URL where you can share. Sharing seems to go through the +1 button. I'd really like a share url for Google+ for technical and privacy reasons and keep everything one-click to share.
I know that sharing on Facebook is different from liking, but I feel sharing is more valuable from a marketing POV.
It supports five or six like buttons.
When using the browser that is logged in, I get 15 "+1"s for google like-like button. however, when using the other browser that's not logged in, I get 0 "+1"s.
Can anyone explain?
Actually, I had other problems with them, and what they did is just plainly banned my application and blocked my website from using facebook API.
I'm never clicking a facebook like button again until I can turn off user website tracking.
There, problem solved.
If your startup isn't social and free, it isn't hip. If you don't have a Facebook page and seven shades of "Like" buttons, you are destroying your business. Just stop.
Stop putting that social media flare (crap) on your website. Your users don't care, because sharing a link is not an unsolved problem.
First, they are a SOCIAL network, this data helps them figure out the engagement level with different brands that participate on the Facebook social platform. Second, in this case, the use of 2-click solution creates a disconnect with the expected behavior of the Facebook Like widget which means users going across different sites will not know whether they need to make one or two clicks to enable a "Like". Third, when you don't use the Facebook Like widget, you don't get any insight into your connections with your social graph unless you click on the Like button which defeats the purpose of being able to see that "4 of your friends like this".
There are real privacy concerns that we should consider but I'm tired of reading EU Privacy office statements that show a lack of understanding of how the web works and without regard to the impact to the monetization ecosystem which is the lifeblood of many web publishers. What bothers me more is that there's a lack of consideration that there are legitimate reasons a certain level of data is collected in order to make the web more social.
It isn't for making the web more social. It's for making (e.g.) Facebook more all-knowing, which is a task on the way for more profit.
Just like the tobacco industry should be regulated against making cigarettes more addictive, privacy should be regulated -- either by attaching a mouse-over saying "warning: facebook tracks you on every page you visit that has a like button", or by limiting what and how they can collect.
The copyright issue is a red herring. Facebook could create an official "data:..." url like button that has the original image instead of linking to their server. It would be better for everyone involved, including facebook's bandwidth and the site's loading speed -- except that facebook would lose their tracking data.
Non-sequitur. What does their knowing the "engagement level" with a brand have to do with social networking? In what way would Facebook be less social if you eliminate the entire like-button feature (for the sake of argument)?