Facebook vows to fix online privacy breach
|29 Sep 2011 12:06 BST||Back|
Also in the news
Facebook has been tracking users after they have logged out of the social networking site.
Australian blogger, Nik Cubrilovic noticed that rather than deleting its tracking cookies once the user has logged out, the site modifies them.
Facebook claims that this privacy breach is an honest mistake. A spokeperson told the BBC that there was no security or privacy breach and that Facebook did not store or use any information it should not have.
Facebook did confirm that: “Three of these cookies on some users’ computers inadvertently included unique identifiers when the user had logged out of Facebook.
“However, we did not store these identifiers for logged out users. Therefore, we could not have used this information for tracking or any other purpose. In addition, we fixed the cookies so that they won't include unique information in the future when people log out.”
The Australian privacy commissioner is said to be investigating the matter, while in the US two congressmen have asked the Federal Trade Commission to investigate this.
Facebook was able to obtain this information when users visited websites connected to Facebook through devices such as the ‘Like’ button. According the to the two US congressmen (Edward Markey and Joe Barton), 905,000 sites have the ‘Like’ button.
In a follow-up blog on 26 September Nik acknowledged the steps Facebook had taken to fix the cookies glitch.
“Facebook has changed as much as they can change with the logout issue. They want to retain the ability to track browsers after logout for safety and spam purposes, and they want to be able to log page requests for performance reasons etc.
“I would still recommend that users clear cookies or use a separate browser, though. I believe Facebook when they describe what these cookies are used for, but that is not a reason to be complacent on privacy issues and to take initiative in remaining safe.”
Here in the UK, the Information Commissioner’s Office (ICO) has given UK businesses until May 2012 to comply with the new cookies regulations.
Click here for more about the cookies regulations.