– Online social networks including Facebook and MySpace (NYSE: NWS) have been including
personally identifiable data, such as usernames and profile ID numbers, in the
information they share with advertisers — in potential violation of their own privacy
policies, The Wall Street Journal reported. Such data could potentially be used
to source a person’s real name, age, hometown and occupation.
contacted by The Journal, large ad firms like DoubleClick and Right Media said
they were unaware they were in possession of the data, and haven’t made use of
In addition to Facebook and MySpace, LiveJournal, Hi5, Xanga and Digg were
found to be passing personally identifiable information to advertisers.
the sites feature architectures where a user ID or username are typically
included in the URL of a user’s profile.
After being made aware of the issue,
Facebook and MySpace told The Journal they would take steps to obfuscate
personally identifiable information in the data they share with advertisers,
and Facebook has already rewritten some of the offending code.
recently made aware of one case where if a user takes a specific route on the
site, advertisers may see that they clicked on their own profile and then
clicked on an ad," a Facebook spokesman told The Journal. "We fixed
this case as soon as we heard about it."
School professor Ben
Edelman told The Journal sent a letter to the Federal Trade Commission tis
week, asking it to investigate Facebook’s practices specifically in the matter.