Social Networks like Facebook, LinkedIn, FriendFeed, MySpace and Twitter all hope to create a feeling of loyal warmth and human companionship — but is something more nefarious lurking just out of sight beneath the surface intimacy?
Each of these tracking companies can track you over multiple different websites, effectively following you as you browse the web. They use either cookies, or hard-to-delete “super cookies”, or other means, to link their records of each new page they see you visit to their records of all the pages you’ve visited in the previous minutes, months and years. The widespread presence of 3rd party web bugs and tracking scripts on a large proportion of the sites on the Web means that these companies can build up a long term profile of most of the things we do with our web browsers.
Given how much tracking firms know about our browsing history, it’s worth asking whether these companies also know who we are. The answer, unfortunately, appears to be “yes”, at least for those of us who use social networking sites.
A recent research paper by Balachander Krishnamurthy and Craig Wills shows that social networking sites like Facebook, LinkedIn and MySpace are giving the hungry cloud of tracking companies an easy way to add your name, lists of friends, and other profile information to the records they already keep on you.
The main theme of the paper is that when you log in to a social networking site, the social network includes advertising and tracking code in such a way that the 3rd party can see which account on the social network is yours. They can then just go to your profile page, record its contents, and add them to their file. Of the 12 social networks surveyed in the paper, only one (Orkut) didn’t leak any personally identifying information to 3rd parties.
There are some interesting technical details in how the social networking sites leak this data. In some cases, the leakage may be unintentional, but in others, there is clever and surreptitious anti-privacy engineering at work.
It’s just a little terrifying how discretely and earnestly we’re being attacked and tracked and moderated and “database-ized” for the purity of profit from people we don’t know and will never meet.