Published on October 25th, 2011 | by Mithil Bhatia1
Facebook: Researcher reveals Patent Application that tracks user who don’t have a Facebook Account
Couple of days before, we took into account that Facebook could possibly face €100,000 fine for holding data that users have deleted. Yesterday, a security expert and researcher, Bruce Schneier breaks the deck by revealing that Facebook’s patent application will track users even those who do not have an account! According to the researcher, the social network is in the process of approval of patent application that would allow tracking of users even when not logged-in. Even worse, the patent also suggests third-party monitoring are part of or even have a facebook account.
And the history is long:
Last month, the Australian Blogger Nik Cubrilovic reported on the social network Facebook explaining Facebook’s tracking of surfing habits of users even after closing the session. According to Nick, “Facebook still knows and can track every page you visit that has Facebook integrated. The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions”. The post recounted how each user was registered under a unique identifier that remained in the user’s hard drive and sent to the social network every time you visit a third party site that contained a Facebook plugin. Facebook responded and ended up making changes to the logout process and explaining each part of the process and the cookies that the site uses in detail.
After three weeks, a user from United States files the first lawsuit against the social network for violating federal wiretapping laws. The argument was based (according to the report of Cubrilovic) on tracking your browsing history in the network even when not connected.
Now, few hours ago, the Researcher Schneier sheds some light on these data. According to him, Facebook is in the process of approval with the patent application that allows such monitoring. The Facebook corroborates the researcher explaining that this is not a patent (as initially thought Schneier), but a patent application.
Under No. 20110231240, the patent states that:
Communicating Information in a Social Network System about Activities from Another Domain:
In one embodiment, a method is described for tracking information about the activities of users of a social networking system while on another domain. The method includes maintaining a profile for each of one or more users of the social networking system, each profile identifying a connection to one or more other users of the social networking system and including information about the user. The method additionally includes receiving one or more communications from a third-party website having a different domain than the social network system, each message communicating an action taken by a user of the social networking system on the third-party website. The method additionally includes logging the actions taken on the third-party website in the social networking system, each logged action including information about the action. The method further includes correlating the logged actions with one or more advertisements presented to the one or more users on the third-party website as well as correlating the logged actions with a user of the social networking system.
More precisely, the application would not only monitor those who are in the Facebook, but would also allow monitoring to those users who refer in other sites and even those who are not part of the network of Facebook that’s who do not have any account. Incredible, but the Facebook claims that, while they do collect information on non-users, they don’t use it for profiling.