Silicon Insider: Has Facebook Gone Too Far?

Do you want your grandmother to know you bought porn? Well learn to opt out.

Nov. 29, 2007 — -- It's time to opt out of opting out.

I never thought I'd agree with arch-lefty group MoveOn.org about anything, but this time those folks are on to something worthy of all of our support.

MoveOn's Civic Action division, which as near as I can tell is like Ralph Nader's old PIRG operation, has embarked on a campaign against Facebook and its new "Beacon" advertising feature. MoveOn claims that Beacon "sullies" social networking and infringes user privacy. I would add that it sets a very bad precedent, and if not stopped now by users will slowly infect all community sites on the Web.

The best description of how it works was written by Vauhini Vara in the Wall Street Journal -- but simply put, when a Facebook user makes an online purchase of a product or service that is affiliated with Beacon (Fandango and Blockbuster, for example), that user's Facebook page will briefly list that purchase and ask if you want to share that fact with your Facebook friends list.

So far, so good. Like most people, I'm willing to allow a Web site I like to steal a few seconds of my time in exchange for content so that it can earn some advertising revenues. To paraphrase Milton Friedman, There's no such thing as free ware, and that includes online content. If we are going demand that everyone from record companies to bloggers give away their content for nothing, then we have to allow them to earn their revenues in some other way.

And that brings us back to Beacon. Because here's what happens: if you ignore that 'opt-out' button for about thirty seconds, it disappears. Vara tried it with Fandango tickets and found that it took four separate clicks on two different sites (Fandango and Facebook) to stop that information from being shared with scores of Facebook 'friends.'

The argument made by Facebook in support of this is disingenuous, and uses that old trick I learned in my PR days of isolating one error in the opponent's claim and using that to dismiss their entire argument. In this case, Chris Kelly, Facebook's "chief privacy officer" (one of those new corporate titles that's going to come back and bite companies) told the New York Times that MoveOn is "misstating the way this process works." In particular, he said, the purchase is only shared with confirmed friends and on the user's own profile, not to the "world." At the same time, he does confirm, that if the user ignores the notification and fails to opt out, the purchase information will be automatically displayed.

And this coming from the Chief Privacy Officer of Facebook.

Just on this information alone, you can already predict what's happening to Facebook users around the world. You go online to, say, Overstock.com, and buy a Christmas present for your wife. Or you drop into Blockbuster to rent a sexually explicit or homoerotic film. You're racing through the Web, as usual, you've got pop-up and streaming ads racing across every page you visit, and you happen to miss those two 'don't display' buttons that have been cleverly designed and carefully placed so as not to get your attention and next thing you know, you're wife has just learned of her Christmas present on Dec. 4 and your elderly grandmother and all of the people at your office now know you just rented Convict Girls in Love.

This might be an amusing Fark.com entry if it apparently wasn't happening right now to numerous people all over the world. Sure, once burned Facebook users will quickly learn to search for and quickly punch the No Beacon key, no matter how well it is disguised. And no doubt, many Facebook users will find it an easy way to share additional, shopping-related, information with friends.

But that isn't the point. Web companies are desperately searching for that one magic key to maximizing advertising revenues while minimizing impact on their users. They've tried static ads, pop-up ads, keywork links, scrolling ads, flash movies … all to varying degrees of success.

None has proven as powerful as the Google revenue -- i.e., keep the user experience pure and untouched, and bury the advertising operation beneath -- and therefore everyone is trying a variant of it. Beacon is just the last incarnation: in theory, at least, you just go on with your life, and it automatically shares your purchase choices with the people you are most likely to influence, your Facebook friends. And aren't social networks about sharing?

So the real problem is philosophical. And this is where MoveOn gets it right. Facebook is trying out Beacon in the belief that its potential revenues will outweigh any added discomfort to its user base. It's a very careful balance. The barriers to market entry are extremely low in the social networking world -- look at how easily Facebook stole the march from MySpace -- so Facebook is betting that it can implement Beacon, earn its added revenues, and train its users not to use the 'opt out' key and not create a mass mutiny in the process.

You can also be sure that this is only the beginning. If Facebook is successful with Beacon, two things will occur: It will begin to implement a whole raft of other 'opt out' functions on the site -- meaning that Facebook users in the future will have to, every time upon signing on, click out of a whole string of Beacon-like programs; and flush with its success on Facebook, Beacon will migrate its business to a whole bunch of other social networking sites.

What's the best way to respond to this? I'm wary of the MoveOn approach, because I'm not entirely sure this represents a legal violation of privacy. But there is nothing to keep Facebook users -- and all of the rest of us who encounter this type of program anywhere on the Web -- from the pocket veto of always opting-out. Learn to spot that button and hit it every time. Don't complain afterwards that you didn't want to share that information; nip it in the bud. Programs like Beacon, because they can generate so much money, are largely immune to public resentment and anger – what they can't survive is a lack of usage.

So opt out. Always. Facebook will find another, less nefarious, way to take your money.

The Internet is evolving rapidly, and will accelerate in the years to come as a billion more users come on-line and most of us begin to shift from computer displays to cell phones and other so-called "Third" screens. But the trajectory of this evolution can be channeled in directions we like, and away from paths we don't. This is one of those times. I've long said that e-commerce needs a voluntary code of corporate ethics -- and the newest entry to that code should state that no service shall be automatically added to a user's experience without prior warning, and that any such service shall allow the user to opt-in, not opt-out.

TAD'S TAB

For every wannabe hacker, or any others so inclined, http://www.i-hack.org/computer/internet/browse-any-password-protected-site-without-register.html gives an in depth guide on how to fool password-protected sites into letting you see inside. To summarize, i-hack gives you the proper tools, including the Firefox application, that convinces locked servers that you are a googlebot, and that your only interest is categorizing the site for the search engine. Along with some simple editing tricks, you can visit virtually any site on the web.

This work is the opinion of the columnist, and in no way reflects the opinion of ABC News. Facebook and ABC are partners in a political content application.