This morning I stumbled upon (in the un-trademarked sense of the phrase) this article on Search Engine Watch, German State Bans Facebook Pages, Like Buttons. The German Independent Center for Privacy Protection has required local (German) websites/businesses to take down their Facebook pages and remove Facebook “like” buttons from their own websites. Why?
ULD Commissioner Thilo Weichert for the northern German state of Schleswig-Holstein, said “the social network’s plugin, which allows Internet users to express their appreciation of something online, illegally puts together a profile of their Web habits.”
The complaint is that these plugins and pages track users for up to 2 years, recording users interactions with web pages, where they go beyond the initial page and what they do on all pages visited.
Search Engine Journal goes on to comment that this puts companies operating in Germany in an unfair disadvantage to their International competitors. As Frank Watson writes, “Having the government restrict this is not only dangerous, but restraint of trade. When the profits of businesses drop, they pay less taxes and employ less people, further depleting their own economy.”
While Facebook states that there are compliant with EU privacy laws, clearly these types of services social networking services should give us more pause, and this action on behalf of the German state begs the question: why isn’t there a U.S. group watching out for our privacy? Why is e-commerce more important then protecting my private information?
Earlier this month, Forbes published an article about this very issue: Facebook’s Privacy Issues Are Even Deeper Than We Knew. It’s not just what Facebook, or any other social media network, will do with your information that’s the problem, it’s what these platforms enable others to do with your information that is potentially more intrusive to you. As mentioned in the article, Facebook has essentially become a photo identification database.
As reported in various privacy and security outlets like Kashmir Hill’s Forbes blog and Paul Roberts at ThreatPost, and demonstrated at last week’s Black Hat conference, the CMU researchers relied on just Facebook’s public profile information and off-the-shelf facial recognition software. Yet the CMU researchers were able to match Facebook users with their pictures on otherwise anonymous Match.com accounts. The researchers also had significant success taking pictures of experimental subjects and matching them to their Facebook profiles.
Drawing upon previous research, they were also relatively successful at guessing individuals’ Social Security numbers. From there, of course, it is just an automated click to your Google profile, LinkedIn work history, credit report, and many other slices of private information. (See the FAQ to the research here.)
Squirming in your chair yet? Just in case you’re not, consider this: Google’s Eric Schmidt is infamously quoted as saying that “Google policy is to get right up to the creepy line and not cross it.” For clarification, he was talking about chip implants, not, say, Google Plus, but his sentiment has an especially eerie echo these days.
The U.S. policy on user/comsumer protection is clear: corporations are innocent until proven guilty, and the onus is on the user/consumer to prove foul play (if said user/consumer can afford to do so, that is). While the EU strives to protect consumers from toxic cosmetics and questionable Internet privacy policies, the U.S. offers us none of these protections, which encouraging over consumption and over-sharing.
So, be careful out there in cyberspace. Don’t take candy from a stranger, or Facebook…