A second wave of attacks began midday Friday after much of the eastern United States was affected in the morning. Sites affected included Etsy, ...
However, some vendors don’t think the privacy breach will change consumer behaviors.
Facebook Inc. says that several applications built on the Facebook Platform were violating the social network’s policies by passing on consumers’ user IDs to ad networks. User IDs are unique numbers assigned to Facebook members that are used by the social network and its applications for identification purposes, but that ad networks can also use to identify consumers’ names.
“In most cases, developers did not intend to pass this information, but did so because of the technical details of how browsers work,” wrote Mike Vernal, a Facebook engineer, in a blog post. He added that knowledge of a user ID doesn’t enable a marketer to access private user information without explicit user consent.
“Nevertheless, we are committed to ensuring that even the inadvertent passing of user IDs is prevented and all applications are in compliance with our policy.”
Among the application developers violating the social network’s policies was RapLeaf, which had linked Facebook users’ ID information, which it had obtained from its apps, to its database of Internet users which it sells to advertisers.
“When we discovered that Facebook IDs were passed to ad networks by applications that we work with, we immediately researched the cause and implemented a solution to cease the transmissions,” wrote Jeremy Lizt, RapLeaf vice president of engineering, in a blog post. “The transmissions, when they occurred, were not a result of any purposefully engineered process by Rapleaf. Instead, they were due to broader issues concerning site referrer URLs, which are managed by sites themselves and ad networks.”
However, even if this particular issue is resolved it brings to the forefront the need for retailers to be transparent in what information is gathered and used, says Scott Silverman, co-founder and vice president of marketing for e-marketing firm ifeelgoods and former executive director of Shop.org, a trade group for online retailing.
“Anywhere retailers or their partners collect customer information, it should be clear to customers about how their information will be used,” he says. “And retailers need to honor all promises they make about the information they collect from their customers. This is no different for Facebook apps than on a retailers’ web site, in their store or anywhere else.”
Wade Gerten, CEO of ad network and e-commerce applications developer Alvenda Inc., says he doesn’t expect the privacy breach will have an effect on consumers’ behaviors—at least for retailers with respected brands. Alvenda builds applications that allow retailers such as Avon Mark and Hallmark to sell directly on Facebook.
“I think people are concerned about privacy, but I think that people trust the brands we work with,” he says. “I don’t think this will cause people to think twice about buying something from Hallmark on Facebook.”
To help allay consumer concerns, Alvenda includes a note on its checkout page that it does not share consumers’ information and that all of the purchase information goes directly to the retailer. This is only the latest in a string of privacy-related controversies for Facebook. In May the site endured a barrage of criticism over the complexity of its privacy settings. The site then unveiled streamlined settings in August. Those concerns have grown as Facebook opened up its platform to allow other sites, such as Levi Strauss & Co.’s Levi.com, to integrate the social network’s features into their sites. Doing so has allowed Levi.com to add a Like button to its site that allows a consumer’s friends to see what he likes, both on the site, as well as on Facebook, as well as create a Friends store microsite that features merchandise that a shopper’s friends clicked that they like.