TalentZoo.com |  Flack Me |  Digital Pivot |  Beneath the Brand Archives  |  Categories
Is a Social Media Scandal Afoot?
By: Jeff Louis
Bookmark and Share Subscribe to the Digital Pivot RSS Feed Share

One of the best qualities of The Wall Street Journal is investigative accuracy. Although the paper has been subject to some scrutiny, it has been an accurate, reliable source since Fair.org wrote "20 Reasons Not to Trust the Journal Editorial Page."

Many of the paper's articles affected society and went on to win a multitude of awards before transforming into bestsellers that tackled the fall of RJR Nabisco ("Barbarians at the Gate"), the practice of insider trading ("Den of Thieves"), and the financial rape of Enron ("24 Days").

The Wall Street Journal recently broke a story on social-networking sites that despite their claims to the contrary, send data to advertising companies "that could be used to find consumers' names and other personal details" unbeknownst to users without any consent.

Large online advertisers, like DoubleClick (Google) and Right Media (Yahoo!), receive data that identifies a user's name or ID number when an ad is clicked. Since this data is tied to our personal information, it's possible that any information displayed publicly  (name, age, location, occupation, etc.) is being sent to online advertisers. 

The concept isn't new; the more planners know about their target audience increases their success rate. However, there are rules to the game; planners typically don't take information without the consumer's knowledge.  

In this case, both the data "senders" (Facebook and MySpace) and "receivers" (DoubleClick, Right Media) deny awareness of this "extra" data. DoubleClick and Right Media both claim that since they didn't know of the data, it couldn't be used for targeting. 

The problem, according to a computer science professor at Worcester Polytechnic Institute, has been present since social networking's inception; social media sites have never obscured user names or ID numbers from advertisers, or on their sites. (Each profile has a specific URL ID or, in some cases, PURLs, or personalized URLs.) 

According to the article, denial isn't a good excuse: "The sites may have been breaching their own privacy policies as well as industry standards, which say sites shouldn't share and advertisers shouldn't collect personally identifiable information without users' permission. Those policies have been put forward by advertising and Internet companies in arguments against the need for government regulation."

Other sites involved in this "breach" of security include Twitter, LiveJournal, Hi5, Xanga, and Digg. An August 2009 research paper outlining the flaw depicted several routes advertisers could use to access private information from 12 social networks.

The paper, researched by AT&T Labs and Worcester Polytechnic Institute, didn't receive much notoriety when published. Now, due to user's concerns regarding privacy and the federal government's steps to regulate the industry, the paper's resurfaced. For social networks, it couldn't have come at a more inopportune time. 

While adding to fears surrounding privacy, the paper isn't a knockout blow. No, the research team delivers the haymaker.

After publishing their findings, researchers contacted the concerned social networks, alerting them to the problem; none of the sites moved to address the issue -- until yesterday. 

Facebook has reportedly remedied the error, stating that information-sharing practices now mimic other advertisers on the Internet. MySpace and others claim because they don't require users to publish real names, there's no identifiable information being sent to advertisers.

However, in past months, MySpace introduced PURLs and also started asking for users to submit their real names. Allegedly an effort to make "friend finding" easier, the site's search engine asks if you're searching for friends using their real name, user name, or mixture of both. A warning follows, and it notifies users that once done, the PURL or personal e-mail address cannot be changed.

MySpace claims advertisers cannot make use of any profile information other than identify on which page the ad appeared. Despite this claim of anonymity, MySpace is "currently implementing a methodology that will obfuscate the 'FriendID' in any URL that is passed along to advertisers."

All parties, as mentioned above, claim to be unaware of the problem, yet the social media sites were notified. Google states they don't "seek in any way to make any use" of user names or IDs, and Yahoo! prohibits advertisers from sending of personally identifiable information; if it's accidentally sent, Yahoo! does not search for it.    

Neither company definitively states this data was not and will not be used.

Unacknowledged items most certainly can't be "used." It's goes against all logic, like that time the Soviet Union didn't know about those missiles in Cuba.


Bookmark and Share Subscribe to the Digital Pivot RSS Feed Share
blog comments powered by Disqus
About the Author

Jeff Louis: Media Planner, Brand Project Manager, blogger, and aspiring writer. Please leave a comment or get in touch with Jeff on Twitter. As always, thank you for reading!

Beyond Madison Avenue on

Advertise on Beyond Madison Avenue
Return to Top