The latest news about the privacy fiasco that happened at Facebook did leave a lot of people bewildered. This is the thing that shouldn’t have happened at all as it clearly states that Facebook will never divulge user information to advertisers. But, this was exactly what happened.
This was not only an occurrence at Facebook but it also other social networking sites like LinkedIn, Digg and Twitter. However, only one of them escaped this and that was Orkut. This was out of twelve networking sites that were looked into.
The way the private information was leaked out was in different ways. The most important was the HTTP server. This actually serves a positive impact as it allows website owners to get an insight about the working of their websites and which search engines send them maximum traffic.
Also, websites use it to be able to block access if the request comes to them from a website that they are not aware of in order to prevent bandwidth leeching. Knowing of the URL on its own is not dangerous however in the case of social networking sites it is because it has the name of the user and other information linked with the URL.
In order to overcome this concern Facebook has been always used to the URL that reconnects without divulging the real information. This ensures that Facebook does not use the same URL that has the private data on it.
Unluckily for Facebook, this is exactly what happened as it wasn’t actually doing anything for the adverts that have been embedded in the website. Every time a request was sent for the advert, the URL with the private information showed up. Since the uproar this has been fixed by Facebook. The restructured URL is bound to provide one with a stronger data defense, at least for the time being.
The next to face such an onslaught were Twitter and Digg however in their case it wasn’t as clear cut to fix the blame. Twitter uses Google Analytics to track the data. Twitter has a part of this embedded in the image hosted by Google Analytics. This is used to find out the data. At the same time, with Twitter it is not personally identifying and therefore, it saves them from leaking out personal information.
In the case of Twitter it is actually quite difficult to differentiate how this can be termed as data leakage. The third social networking site called Digg had a potential problem in the case of the cookies that were used in Digg. Digg’s stores the cookies with the user name used to log in. if a request is made to Digg. Com then it will show up as that. This was a problem as some sub-domains were able to use the cookies. But, the leakage of information wasn’t really possible due to cookies being specific.
To conclude, it is not regularly that social networking sites leak data. They are stringently looking into ways to stop this minor leakage.