Facebook Beacon

From Wikipedia, the free encyclopedia
  (Redirected from Beacon (Facebook))
Jump to: navigation, search

Beacon formed part of Facebook's advertisement system that sent data from external websites to Facebook, for the purpose of allowing targeted advertisements and allowing users to share their activities with their friends. Beacon would report to Facebook on its members' activities on third-party sites that also participate with Beacon. These activities would be published to users' News Feed. This would occur even when users were not connected to Facebook and would happen without the knowledge of the Facebook user. One of the main concerns was that Beacon did not give the user the option to block the information from being sent to Facebook.[1] Beacon was launched on November 6, 2007 with 44 partner websites.[2] The controversial service, which became the target of a class-action lawsuit, was shut down in September 2009. Mark Zuckerberg, CEO of Facebook, characterized Beacon on the Facebook Blog in November 2011 as a "mistake".[3] Although Beacon was unsuccessful, it did pave the way for Facebook Connect, which has become widely popular.[4]

Privacy concerns and litigation[edit]

Beacon created considerable controversy soon after it was launched, due to privacy concerns. On November 20, 2007, civic action group MoveOn.org created a Facebook group and online petition demanding that Facebook not publish their activity from other websites without explicit permission from the user. In fewer than ten days, this group gained 50,000 members.[5] After the class-action lawsuit, Lane v. Facebook, Inc., Beacon was changed to require that any actions transmitted to the website would have to be approved by the Facebook user before being published.[6] On November 29, 2007, Stefan Berteau, a security researcher for Computer Associates, published a note on his tests of the Beacon system. He found that data was still being collected and sent to Facebook despite users' opt-outs and not being logged into Facebook at the time.[7][8] This revelation was in direct contradiction to the statements made by Chamath Palihapitiya, Facebook's vice president of marketing and operations, in an interview with The New York Times published the same day:

Q. If I buy tickets on Fandango, and decline to publish the purchase to my friends on Facebook, does Facebook still receive the information about my purchase?
A. "Absolutely not. One of the things we are still trying to do is dispel a lot of misinformation that is being propagated unnecessarily."[9]

On November 30, 2007, Louise Story of The New York Times blogged that not only had she received the impression that Beacon would be an explicit opt-in program, but that Coca-Cola had also had a similar impression, and as a result, had chosen to withdraw their participation in Beacon.[10]

On December 5, 2007, Facebook announced that it would allow people to opt out of Beacon.[11] Founder Mark Zuckerberg apologized for the controversy.

This has been the philosophy behind our recent changes. Last week we changed Beacon to be an opt-in system, and today we're releasing a privacy control to turn off Beacon completely. You can find it here.[12] If you select that you don't want to share some Beacon actions or if you turn off Beacon, then Facebook won't store those actions even when partners send them to Facebook.

In 2008, Attorney Joseph H. Malley,(Law Offices of Joseph H. Malley, PC, Dallas Texas), filed a Federal Class Action against Facebook, and thirty-three companies, including Blockbuster, Zappos, and Overstock, due to privacy violations caused by the Facebook Beacon program. This program resulted in users' private information, obtained from third-party affiliate marketing websites, being posted on Facebook without consent. This act was referenced in the Lane v. Facebook, Inc. class action. Based on this act it is generalized to other forms of rental records such as DVDs and Video games etc.

With the emergence of new-age computing technology and devices in the early 2000's came websites, 3rd party advertising and tracking firms began using mechanisms that violated a user's privacy. While computer technology was progressing rapidly, federal and state laws had failed to be proactive, a risk to society of ungoverned technology. As such, litigation for violations was relatively non-existent. A new method to litigate Federal privacy cases was needed to protect the hundreds of millions of people violated by unauthorized tracking user's activities online.This was a formidable task since no law firms had litigated cases involving the computer technology inherent within the exchange of user data between third-party affiliated entities, thus there was no case precedent, no "blueprint" to follow. Earlier cases, such as the double-click "cookie" case in 2001, had relied on using a wiretap statute, the Electronic Communication Privacy Act ("ECPA"). While a plausible allegation, it was a weak allegation since the website user had granted such permissible use within the website’s term of service ("TOS").

Attorney Malley, who had developed a litigation strategy in the early 2000’s involving another federal privacy law, the Driver Privacy Protection Act ("DPPA"), a law related to the unauthorized access to DMV records and permitted statutory damages for privacy violations, IE., $2500.00 damage award "per person-per violation, (per company)", successfully filing numerous federal class actions against 3-400+ companies, sought a similar strategy, but needed to develop a new theory of liability for added assurance to survive a motion to dismiss.

The online advertising industry, in association with analytic companies, had begun using video ads to conduct its ubiquitous tracking, consumer's attention shown to be drawn to such as opposed to written content, In later years, these tracking methods would expand to photos and audio, IE., In 2008, cell phones were re-designed to include a new method of tracking, the use of social apps to collect photos, a process which now permitted a one step "click" process to uploading a photo as opposed to the previous six steps, thus consumers were now more inclined to upload photos in mass. This allowed content to be provided for free and which formed the basis for the tracking, IE., EXIF data. Such acts were captured when Attorney Malley used software applications to log HTTP/HTTPS traffic between a computer's web browser and the Internet, analytic tests using two computers interfaced, producing indisputable evidence of such activities: moreover, detailed reports of any and all parties involved in such nefarious activities, IE., "tracking the trackers". In the continuing research of the Industry's business practises in order to determine it's monetization interests, such revealed the incorporation of complex graphics within online ads, and the exchange of data derived from video ads not confined to an internal network, used via a TCP/IP protocol. This unauthorized activity would become the core allegation.

Extensive research and case analysis of Federal and State laws, regulations, and Court Opinions, yielded limited assistance. An adaptation of the law was needed to litigate this new computer technology involving the unauthorized access to online consumer's data. Attorney Malley seized on an archaic law written concerning the technology of the 1980's involving video cassettes, VHS, and Betamax, the Video Privacy Protection Act (“VPPA”), 18 U.S. Code § 2710 - Wrongful disclosure of video tape rental or sale records, (1988),  eenvisioning that the websites, and any affiliated third-parties, which used the audio and/or video within its marketing ads were "video-providers"; moreover, this content, ads and online games, merely a video; moreover, the essential functionality of the illegal transfer, a “wrongful disclosure”, (core elements needed to prove-up a VPPA violation). The use of the VPPA law in regard to this new-age computer technology would set precedent, and become the new "blueprint" used in Federal privacy litigation.

The lawsuit alleges the release of the information was a violation of the Video Privacy Protection Act, Electronic Communication Privacy Act, Computer Fraud and Abuse Act, California Consumer Legal Remedies Act, and the California Computer Crime Law.[13][14]

On September 21, 2009, Facebook announced that it would shut down the service.[15][16]

On October 23, 2009, a class action notice was sent to Facebook users who may have used Beacon.[17] The proposed settlement would require Facebook to pay $9.5 million into a settlement fund. The named plaintiffs (approximately 20) would be awarded a total of $41,000, the remainder consisting of legal fees.


Facebook Beacon worked through the use of a 1x1 GIF web bug on the third-party site and Facebook cookies.[18] Clearing Facebook cookies from the browser after explicitly logging off from Facebook prevented the third-party site from knowing a user's Facebook identity.

Lawsuit and settlement[edit]

As part of a class action settlement, Facebook terminated Beacon. Facebook was also required by a court order to notify its users of the settlement. Facebook set up a $6 million[19] fund to establish an independent non-profit foundation that will identify and fund projects and initiatives that promote the cause of online privacy, safety, and security. Facebook also set up a website about the lawsuit. Under the contingency fee arrangement with the plaintiffs, the law firms that filed the case would get a fee, likely to be $3–$4 million, but the average Facebook user would receive no monetary award. Facebook notified its users about the court order.

Facebook received intense criticism because of Beacon. The case was ended by a permanent termination of the system and an establishment of a Privacy Foundation. Before Beacon terminated, 19 people against Beacon organized a class action lawsuit. Settling the case, Facebook finally paid $9.5 million in total to resolve the privacy concerns around its users. It established a non-profit foundation called Digital Trust Foundation with $6.5 million, aiming to "fund and sponsor programs designed to educate users, regulators and enterprises regarding critical issues relating to protection of identity and personal information online".[20] Around $3 million was distributed to the original plaintiffs and attorneys. One of the class action organizers made an objection to the Supreme Court, arguing that members from the class action received little money from the settlement as a result of donating to a newly founded charity. The person also raised the issue that the settlement was unfair because Facebook still controlled the foundation since an employee from Facebook was in charge of it. In response to the challenge of the settlement, Facebook explained that direct payment would not be a wise decision comparing to setting up a foundation. Each potential plaintiff would only share a tiny amount of money as it being divided by a huge number of the class action members. Thus, the money used in founding a relevant non-profit organization to educate people about privacy issues seemed to be a better-off deal serving the same interests.[21]


Beacon, as “a recommendation from a trusted friend”[22] referred by Mark Zuckerberg, raised ongoing concerns regarding user privacy on social media sites and outraged privacy advocates. Beacon hurt Facebook’s reputation by violating its Software Engineering tenets and disrespecting the privacy rights of its users.[23] Since the failure of launching Beacon, Facebook has been mired in controversy in terms of privacy issues. The Beacon stories allowed Internet surfers to believe that Facebook and other profit-oriented social networking sites are “large Internet-based surveillance machines”.[24]

In general, Beacon was viewed as a mistake because it appeared to be too explicit about the intentions inscribed in its protocol.[25] By learning from its unsuccessful experience, Facebook has been seeking other ways to monetize their user database through social advertising. Unlike Beacon, the process of commercialization tends to happen in the back-end system thus becoming invisible to the users.[26] In this way, a lot of resistance from the user population could be largely removed. To be more specific, some argue that Facebook Beacon had paved way for its subsequent service, Facebook connect, both adopting the idea of utilizing third-party data.[27]

See also[edit]


  1. ^ [1]
  2. ^ "Leading Websites Offer Facebook Beacon for Social Distribution". Facebook Press Room. 2007-11-06. Retrieved 2007-12-03. 
  3. ^ Zuckerberg, Mark. "Our Commitment to the Facebook Community". Retrieved 6 January 2016. 
  4. ^ [2]
  5. ^ "Petition: Facebook, stop invading my privacy! (Facebook group)". Retrieved 2007-12-03. 
  6. ^ Farber, Dan (2007-11-25). "Facebook Beacon update: No activities published without users proactively consenting". ZDNet. Retrieved 2007-12-03. 
  7. ^ Perez, Juan Carlos (2007-12-01). "Facebook's Beacon More Intrusive Than Previously Thought". PCWorld. Retrieved 2007-12-03. 
  8. ^ Berteau, Stefan (2007-11-27). "Facebook's Misrepresentation of Beacon's Threat to Privacy: Tracking users who opt out or are not logged in". Archived from the original on 2007-12-17. Retrieved 2007-12-03. 
  9. ^ Stone, Brad (2007-11-29). "Facebook Executive Discusses Beacon Brouhaha". Bits (blog). New York Times. Retrieved 2009-10-30. 
  10. ^ Story, Louise (2007-11-30). "Coke Is Holding Off on Sipping Facebook's Beacon". Bits (blog). New York Times. Retrieved 2009-10-30. 
  11. ^ Zuckerberg, Mark (2007-12-05). "Thoughts on Beacon". Facebook Blog. Retrieved 2009-10-30. 
  12. ^ privacy control
  13. ^ Vijayan, Jaikumar (2008-04-18). "Blockbuster sued over Facebook Beacon information sharing". Computerworld. Retrieved 2009-10-30. 
  14. ^ Gohring, Nancy (2008-08-13). "Facebook faces class-action suit over Beacon". networkworld. Archived from the original on 2010-02-12. Retrieved 2009-10-30. 
  15. ^ Metz, Cade (2009-09-23). "Facebook turns out light on Beacon". The Register. Retrieved 2009-09-24. 
  16. ^ Albanesius, Chloe (2009-09-22). "Facebook Partners With Nielsen, Ditches Beacon". PCmag.com. Retrieved 2009-09-24. 
  17. ^ "Class Notice" (PDF). Archived from the original (PDF) on 2010-04-01. Retrieved 2009-12-04. 
  18. ^ "Privacy Policy - Third Party Advertising". Retrieved 2007-12-04. 
  19. ^ http://www.readwriteweb.com/archives/facebook_settlement_gets_judges_ok.php
  20. ^ Pete Williams; Helen Popkin. "Supreme Court won't review Facebook's notorious 'Beacon' case". NBC News. Retrieved 22 May 2014. 
  21. ^ Kendall, Brent. "Facebook's Settlement on 'Beacon' Service Survives Challenge". The Wall Street Journal. Retrieved 22 May 2014. 
  22. ^ Louise Story; Brad Stone. "Facebook Retreats on Online Tracking". New York Times. Retrieved 22 May 2014. 
  23. ^ Blizard, Katherine. "Facebook, Beacon and Your Privacy" (PDF). True-reality.net/. Retrieved 11 June 2014. 
  24. ^ Fuchs, Christian (Mar 1, 2011). Foundations of Critical Media and Information Studies. Oxford: Taylor & Francis. p. 1. ISBN 1136825312. Retrieved 11 June 2014. 
  25. ^ Dijck, Jos ̌van (2013). The culture of connectivity : a critical history of social media. Oxford: Oxford University Press. p. 48. ISBN 0199970785. 
  26. ^ Ganaele Langlois; Fenwick McKelvey; Greg Elmer; Kenneth Werbin (2009). "FCJ-095 Mapping Commercial Web 2.0 Worlds: Towards a New Critical Ontogenesis". The Fibreculture Journal (14). ISSN 1449-1443. 
  27. ^ Catone, Josh. "Facebook Connect is Beacon Done Right". Sitepoint. Retrieved 22 May 2014. 

External links[edit]