At Least It's Getting Press: Facebook And Other Scams
The Market Ticker - Commentary on The Capital Markets
Logging in or registering will improve your experience here
Main Navigation
Display list of topics
Sarah's Resources You Should See
Sarah's Blog Buy Sarah's Pictures
Full-Text Search & Archives
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

Considering sending spam? Read this first.

2018-04-16 08:35 by Karl Denninger
in Technology , 133 references Ignore this thread
At Least It's Getting Press: Facebook And Other Scams
[Comments enabled]


SAN FRANCISCO (Reuters) - Concern about Facebook Inc’s (FB.O) respect for data privacy is widening to include the information it collects about non-users, after Chief Executive Mark Zuckerberg said the world’s largest social network tracks people whether they have accounts or not.

I'm shocked, shocked I tell you, that Reuters actually printed this.

Of course the company tried to push back on it...

Facebook gets some data on non-users from people on its network, such as when a user uploads email addresses of friends. Other information comes from “cookies,” small files stored via a browser and used by Facebook and others to track people on the internet, sometimes to target them with ads.


“This kind of data collection is fundamental to how the internet works,” Facebook said in a statement to Reuters.

That's a lie.

Yes, it is fundamental to how the Internet works that when you send a request to a site the site the request is directed at gets the "referring page" -- that is, the page on which the request came from, if it's not the "root document" you're looking at.  So if you have a button from "" on page "" facebook will get the exact page on this site that requested the button.

But it is not fundamental for you to store and process that, it is not fundamental for you to send back a cookie with a document so you have a persistent tracking device across other web sites and pages other than as an authenticator (e.g. a login) and it is definitely not fundamental to use such cookies with things like static images (e.g. "like" upturned fingers) nor is it fundamental to use eTAGs and similar as tracking devices, which are intended to reduce traffic for things you've already seen.

In short it is not "fundamental" to pervert these mechanisms as a means of tracking people -- THAT IS RAW AND INTENTIONAL ABUSE.

Nor is it fundamental to place one-pixel transparent images all over the place for the specific purpose of tracking people from other pages you do not own, and to which you can also attach cookies and eTAGs to obtain both the referenced page and a unique identifier you can link to individual persons.

And finally, it is not fundamental to how the Internet works that you store, process, correlate and sell that data, whether directly or indirectly via "ad targeting."

At a minimum, “Facebook is going to have to think about ways to structure their technology to give that proper notice,” said Woodrow Hartzog, a Northeastern University professor of law and computer science.

There is no way to give "proper notice" when the tracking happens before you can possibly consent.

You can give consent on a site when you sign up for an account and are using that site, provided the consent is (1) reasonably understandable, (2) honestly outlines what is collected, when it's collected, how long its retained and what it is used for, and that use extends to nothing else.

You cannot give consent to collection "off the site" because there is no possible way for you to know the links, buttons, one-pixel beacons and similar are there prior to viewing the page.  Further, there is no possible way for you to revoke such consent or refuse because the tracking happens before the page is displayed and thus before you could give consent.

This sort of "tracking" is similar to grabbing a woman in a bar, tearing off her clothes, having sex with her and then claiming that she must have consented after the fact because it is inherent in going out while nicely dressed and entering a place that serves adult beverages -- that is, doing so fundamentally means she wants to screw.  That, of course, would be a damned lie.

Such actions and tracking are inherently abusive for this reason.  They are inherently unfair, dishonest and ought to be felonious just as tearing off said woman's clothes would be.  They are already illegal under the FTC's general rule of "unfair and dishonest trade practices" since you can't consent, you can't opt out and you have no way to know that it will or has happened until after the fact, never mind that ****book and Zuckerpig have repeatedly lied by obfuscation not only as to what they collect and why but how it is used.  Said abuses include "responding" to a government subpoena that was so ridiculously broad it may have included data on millions of Americans for which they have never explained nor been held to account for, and which was blatantly unconstitutional.  It also includes the outrageously illegal (under federal election laws) "assistance" given to the Obama re-election campaign without charge, which is not only a violation of your privacy rights it's flat-out illegal as corporations cannot contribute to federal campaigns at all.

This firm and its executives -- all of them -- must be completely destroyed along with any other firm doing the same thing and this practice must be not only stopped but those who engage in it must be imprisoned.

Go to responses (registration required to post)

User: Not logged on
Login Register Top Blog Top Blog Topics FAQ
User Info At Least It's Getting Press: Facebook And Other Scams in forum [Market-Ticker]
Posts: 5989
Incept: 2007-10-08

Report This As A Bad Post Add To Your Ignored User List
With facebook logic you can email an unseemly picture it to your Governor from a fake email account, and then arrest the Governor for viewing child pornography.
Posts: 627
Incept: 2015-01-29

Report This As A Bad Post Add To Your Ignored User List
So who is facebag's bribery agent, err, I mean lobbyist in Mordor on the Potomac? If they don't have one, I think this is the swamps way of explaining that it needs one. Everyone needs to get their beaks wet. And no...the swap will not accept "likes" as payment.

"I'd like to live just long enough to be there when they cut off your head and stick it on a pike as a warning to the next 10 generations that some favors come with too high of a price." -Vir Cotto Babylon 5
Posts: 113
Incept: 2017-05-03

The South
Report This As A Bad Post Add To Your Ignored User List
I have multiple bones to pick with Facebook. Not the least of which is, I have deleted my activity log (which goes back to 2006) multiple times over the years. This week I went back in to clean up recent activity, and the entire log is there again. This is now the third time this has happened. And, there is not option to clean up all activity. The only way to remove it is to go one by one and delete each one. Well, Facebook wins, since I will be exercising the nuclear option and deleting the whole thing at once.
Posts: 588
Incept: 2007-11-27

On the Road Again
Report This As A Bad Post Add To Your Ignored User List
I usually run scriptsafe and ad blocker. Its amazing what scriptsafe will pick up but I just went to a site with a FB button and it didn't appear to see that although I was unable to click the button (javascript:void). I don't see anything in the script log. Does that mean its blocking the data transmit back to FB?

And BTW running a script blocker makes the web quite unpleasant, there is a lot of this **** out there, a lot from google that makes pages unusable.
Posts: 152455
Incept: 2007-06-26
A True American Patriot!
Report This As A Bad Post Add To Your Ignored User List
@Maynard: No. The problem is that the act of requesting the image for the button is enough to get and maintain an ETag or cookie. Blocking the script will stop it from working, but unless it loads from the script the request for the image still goes out and you still get tracked.

And, as you noted, blocking javascript generally makes the web quite unpleasant. A lot of things (dynamic page updates, for one) require it to work at all. Blocking ETags generally will get your IP flagged by many sites (including this one) as a robot attempting a DOS attack because you will continually request the same resource over and over which is insanely abusive to the server end of the connection, especially if the same resource is used more than once in a page (e.g. the "thumbs" green and red buttons on posts here.) That particular traffic pattern is never associated with legitimate use and many sites (and front-ends like Cloudflare) will almost-instantly detect it and block you. In fact it's entirely possible that reading a single article with a bunch of comments could get you flagged here by the anti-DOS code if you have a browser add-on loaded that disables Etags and If-Modified-Since.

Winding it down.

Posts: 588
Incept: 2007-11-27

On the Road Again
Report This As A Bad Post Add To Your Ignored User List
Thanks, thats what I thought. I get that sites need ad revenue for content but the tracking without consent is crap as you noted. (I'll be sure not to add a ETag blocker so i can come here;),
Posts: 128
Incept: 2013-08-19

Report This As A Bad Post Add To Your Ignored User List
The only way the get around the consent is if the originating page has a consent agreement that extends to include it's advertisers and that you agree to allow them to collect all your info.

What gets me is how many people just don't care about what is being done to them. In other areas they are smart - finance, personal safety, etc - but when it comes to facebook they lose their minds. I explain what you have laid out here and they don't deny it, but they just shrug and say 'well what you gonna do' like they have no choice. They say that it just changes ads, that their data will get lost in the sea of everyone else, that they have nothing to hide.

And these people are in charge of security and data protection at my company. When implementing new proxy rules that killed facebook among others, facebook was what people bitched the most about. It has no business value for us, but the execs listed to all the bitching and made it a 'business critical need'. WTF?!?!?!
Posts: 993
Incept: 2009-07-12

Around the World
Report This As A Bad Post Add To Your Ignored User List
Dopamine hits. Gotta have them.
Login Register Top Blog Top Blog Topics FAQ