Information on how Facebook tracks its users behaviors both on and off site has been released. Most worrisome is that Facebook keeps a running log of the sites a user has visited in the past 90 days.
Facebook Tracking Details Released
The information on how data is tracked was compiled by USA Today, with sources including Facebook representatives Arturo Bejar (Facebook's engineering director), Gregg Stefancik (Facebook's engineering manager), Andrew Noyes (Facebook spokesman), and Barry Schnitt (Facebook corporate spokesman).
Facebook's tracking begins when you visit Facebook for the first time. If you register for an account, you get two cookies: a browser and a session cookie, the first of which allows Facebook to show an alternative message the next time you arrive and the second of which declares which account you're using. If you don't register for an account, you'll only get the browser cookie.
This alone is hardly worrisome; basic session cookies are very common. However, every page that has a Facebook plugin, including a Facebook "like" button, will then manipulate your cookies. Since the cookie stores information on every page that you visit that has a Facebook plugin, and a huge number of pages have such plugins, Facebook is able to keep an accurate log of which sites you've visited. This information is stored by Facebook for 90 days.
If you visit a site while not logged in but with the cookie in your browser, your system IP address, screen resolution, operating system, and other basic system information are stored. If you're logged into your Facebook account at the time that you visit a site that has a plugin, your basic personal information (name, email, friend information, etc.) are also stored.
How the Information Is Used
According to everything Facebook has indicated and all known uses of the data, the company is using the personal information only to get an accurate idea of how plugins are performing, how much the site is used, what browsers are popular, and ways the the social network can improve its appeal.
The issue is in the potential use of the data. Since Facebook has a log of the sites you've visited, it can gain unintended insight on a user's medical conditions, sexual orientation, religious beliefs, political preferences, and much more. Should Facebook then sell that information or use it to the benefit of advertisers, it would – in the minds of many users, including yours truly – constitute a serious breach of privacy.
This would be less concerning if Facebook didn't have a patent on using the tracked data for just such a purpose. While Facebook corporate spokesperson Barry Schnitt stated, "We patent lots of things, and future products should not be inferred from our patent application," his statement did little to alleviate user concerns.
How do you feel about the cookie tracking? Do you think Facebook will abuse the tracked data? How should users respond? What government regulation, if any, should be implemented? Leave your thoughts in the comments, below.