The raging privacy controversy surrounding Facebook’s Beacon ad program has left its partners reticent, with many resorting to terse, vague statements or opting for outright silence when asked for comment.
The partners seem to be betting that the furor over Beacon’s broad ability to track visitors to their sites will die down, and that they don’t need to elaborate on their participation in a program many see as intrusive.
IDG News Service attempted to contact most Beacon partners via e-mail, phone or both, but many either never responded or limited their remarks to prepared statements that ignored the privacy questions posed.
The lack of comment contrasts sharply with the Beacon launch a month ago, when the partner companies expressed support for an ad system that has since been pelted with criticisms from privacy watchdog groups and concerned individuals.
More than 30 organizations, including Blockbuster, Sony Online Entertainment, eBay, The New York Times and IAC, pledged to implement Beacon in 44 of their Web sites.
Over the past week or so, IDG News Service asked most partners whether they have implemented Beacon, and, if so, which actions Beacon tracks on their site or sites. They were also asked whether the privacy controversy has caused them to alter their original plans for Beacon, and, if so, how. Finally, partners were asked how comfortable they are with Beacon’s broad scope of user tracking on their sites and whether they alert their users that some of their actions will be captured by Beacon and transmitted back to Facebook.
Based on the responses of partners who cared to comment, it seems partners’ views of Beacon range from cautious optimism to open disappointment. Those who have turned on Beacon have started with very simple implementations. None seem to be embracing it wholeheartedly at this point, which brings up the question of whether Beacon will ever truly deliver the benefits to advertisers that Facebook has promised.
Part of what Facebook calls Social Ads, Beacon tracks certain actions of Facebook users on partner sites in order to report those actions back to users’ Facebook friends network. For Facebook, these notices represent what it considers an innovative and ultimately more effective form of online advertising that leverages the deep social connections of its users.
Soon after its launch, Beacon got blasted by privacy advocates who charged that the program was too confusing to manage and opt out of. As a result, Facebook has modified Beacon twice to make its workings more explicit and simplify the process of opting out.
However, Facebook hasn’t indicated that it intends to address what is probably the biggest privacy concern with Beacon right now: That Beacon tracks all users in the affiliate external sites, including logged-off and former Facebook members and even non-Facebook members, and sends data back to Facebook without alerting users nor asking for their permission. Beacon also reports back to Facebook in the case of logged-in Facebook users who declined having their actions broadcast to their friends.
These findings, later confirmed by Facebook, were initially disclosed by a CA security researcher who has been conducting independent tests on Beacon. The findings contradicted Facebook’s previous responses regarding questions about Beacon’s extent of user tracking and data reporting.
The CA findings expanded the scope of Beacon privacy concerns beyond Facebook members to potentially all visitors to the partner sites. As such, the CA research has prompted questions of whether Beacon partners have a responsibility to alert visitors to their Web sites that some of their actions will be captured by Beacon, even if they aren’t Facebook members.
“The affiliate sites have a responsibility to their own users to inform them that certain actions will result in Facebook receiving information, even if they do not have a Facebook account,” wrote CA researcher Stefan Berteau in one of his notes about Beacon.
Although the CA findings have been broadly reported for a week now, many Beacon partners contacted said they were either unaware of them or simply declined to address them.
Some partners even declined to say whether they have turned on Beacon on their sites or not, and what actions they track or intend to track. That’s the case of shoes site Zappos.com and gaming site GameFly.com.
Zappos.com provided an e-mailed prepared statement saying it has been “actively working” with Facebook on Beacon and that it has made and will make changes based on customer feedback. It didn’t reply to several requests for clarification on the changes or on the status of its Beacon implementation.
Without addressing any questions specifically, GameFly.com e-mailed a statement saying the company values its members’ privacy and security, and understands these issues are important. “We applaud Facebook’s actions to make Beacon an opt-in feature as well as the introduction of a privacy control to turn Beacon off,” the statement reads.
Meanwhile, the following partners were contacted and either didn’t reply or declined to comment on the record about Beacon: Fandango, AllPosters.com, Blockbuster, ExpoTV, Hotwire, Joost, Live Nation, The Knot, Yelp, National Basketball Association, (RED), Conde Nast’s Epicurious and WeddingChannel.com.
Among those that did offer comment, one of the most forthcoming was Overstock.com. The online retailer turned off Beacon on Nov. 21, said Judd Bagley, a spokesman for the company. “We have a specific threshold that the program needs to meet, in terms of privacy, before we’ll be turning it back on,” he said via e-mail. Until Beacon supports an opt-in both on Overstock as well as Facebook, Overstock won’t begin using it again, he said.
When contacted last week, Overstock was just learning about the CA findings, Bagley said, adding that previously the company wasn’t aware that Beacon had the ability to capture the actions of non-Facebook users.
Another company distancing itself from Beacon is online retailer Bluefly, which hasn’t deployed Beacon and isn’t committed to it, said a spokeswoman for the company. She said the company is analyzing the program to decide whether to move forward with it due to privacy concerns.
On the other end of the spectrum are partners that report satisfaction with Beacon so far. Jim Greer, CEO of Kongregate.com, a gaming site, turned Beacon on about a month ago to track one action — games people play — and has received mostly positive feedback from its members, Greer said in a phone interview.
Still, since a small percentage of users objected to the Beacon broadcasts, Kongregate.com now gives its registered users the option to turn Beacon off by modifying its privacy preferences accordingly, Greer said. In the future, Kongregate may enable the reporting of other actions besides the game a user played, such as the achievement of a high score, but it is keeping it simple for now, he said.
Regarding the tracking of non-Facebook users, Greer said that he considers it similar to what many online ad networks do, specifically those designed to do behavioral targeting of users. He is comfortable with Facebook’s pledge that it deletes the data it gets about the actions of logged-off Facebook users, former Facebook members and nonmembers.
Some companies, like Six Apart, say their deployments of Beacon are unique, and