This Blog
Syndication
Recent Posts
Tags
Calendar
Archives
CA Security Advisor Research Blog
Find out what our research team is saying about the latest security threats in the CA Security Advisor blog
Update: A Statement From Facebook
Following the publication of the last two blogs about Facebook's Beacon program and the data we observed being sent to facebook.com, we have received the following statement from Facebook corporate communications, which addresses the use of the data:
"When a Facebook user takes a Beacon-enabled action on a participating site, information is sent to Facebook in order for Facebook to operate Beacon technologically. If a Facebook user clicks "No, thanks" on the partner site notification, Facebook does not use the data and deletes it from its servers. Separately, before Facebook can determine whether the user is logged in, some data may be transferred from the participating site to Facebook. In those cases, Facebook does not associate the information with any individual user account, and deletes the data as well."
About Stefan Berteau
Stefan Berteau is a senior research engineer with CA's Anti-Spyware Research team. He holds a B.S. in Multimedia Design and Development from American University, where his studies concentrated on machine learning and graphics programming. Stefan's research-related interests include automated identification and behavioral analysis of threats, analysis of the complex systems created by botnets, modeling the economics of malware, and cryptography.
Print
Email
Rate
Comments
Rob said:
Ok Facebook, now show us that you delete it....considering that Facebooks whole business is based around advertising I do not believe for one second they delete information that can be extremely valuable for their Beacon partners and therefore Facebook.
Brian said:
They use the present tense the entire time. Did it operate differently before they were called out on it? Also, will it ever operate differently in the future?
William Sievers said:
Sounds like Facebook management should review the lessons to be learned form the SONY DRM fiasco.
Tech For Novices said:
Thanks for the clarity.
Facebook's Misrepresentation of Beacon's Threat to Privacy: Tracking users who opt out or are not logged in. - CA Security Advisor Research Blog - CA said:
Pingback from Facebook's Misrepresentation of Beacon's Threat to Privacy: Tracking users who opt out or are not logged in. - CA Security Advisor Research Blog - CA
CA Security Advisor Research Blog said:
In addition to the statement we received this past Friday, we have received further communications from
Frank said:
I just visited Epicurious and there is no mention at all about Facebook, even in their privacy policy. Seems to me that partner sites need to be transparent, too and should share some of the blame. Why don't partner sites disclose that they are using Facebook javascript code that is sending user data? Visitors to those sites should have the (permanent) option to disable or otherwise not use this code.