Call it the “snowball effect,” or maybe the “witch-hunt” effect. At some point, when a company is under fire for something, even the smallest piece of evidence that it might be guilty of that thing can get blown out of proportion. Exhibit A is Facebook and the recent news — reported somewhat breathlessly by the Wall Street Journal, of all places — that the social network sent personally identifiable information to advertisers, after saying that it doesn’t. As Marshall Kirkpatrick at ReadWriteWeb has noted, this story is a tad exaggerated. The fact is that lots of websites transmit information via the URL of a page, because that’s the way modern web browsers work. In some cases, Facebook seems to have accidentally included user IDs in the URL string when someone clicked on an ad, and according to the Journal has now changed the way it handles those links as a result of the paper’s inquiries.
Despite the scare-mongering from some sites about Facebook “selling your identity to advertisers,” on a scale of 1-10 privacy-wise, this is probably around a 1 or 2 — and it’s not unique to Facebook, either (MySpace uses the same method, according to the Journal). As one commenter at the Hacker News site noted, it could easily be a simple case of programmers overlooking what info is being encoded in a page’s URL. Should the network have had controls in place to prevent this? Probably. But the reality is that Facebook has become a lightning rod for such issues, and therefore even the tiniest speck of incriminating behavior gets sucked into the maelstrom of attention.
In other words, privacy is clearly the new black. Whether it’s concern over Facebook’s transmission of data through URLs or Google’s accidental capturing of Wi-Fi data, consumers and advocacy groups and government agencies are increasingly concerned about what large web companies are doing with consumers’ data. Google has had complaints filed against it with the Federal Trade Commission and is being investigated by German authorities, while Facebook is the subject of letters of complaint and calls for federal inquiries stateside. High-profile users are canceling their Facebook accounts and others are pointing to CEO Mark Zuckerberg’s allegedly aggressive stance on the issue of personal privacy.
Could privacy be Facebook’s Waterloo? As I argued in a recent GigaOM Pro report (subscription required), the company has to start getting serious about privacy if it wants to continue the momentum that has gotten it to 500 million users and a private market value estimated at some $20 billion. One thing it needs to do, as Liz pointed out recently, is to speak clearly on the issue and make its policies and settings as understandable as possible. It’s easy to show that Facebook is still growing, and therefore come to the conclusion that users don’t care about privacy, but that would be a mistake. Once the snowball effect is underway, it can quickly become an avalanche, and by then it’s too late.
Related content from GigaOM Pro (sub req’d): Why New Net Companies Must Shoulder More Responsibility
This article also appeared on BusinessWeek.com