It has taken two years and a lawsuit, to end the Facebook Beacon controversy. Now the social networking giant is finally turning off the ads. More on the story. The application launched in 2007 tracked the activities of Facebook users on 42 partner Web sites and then revealed those activities users’ friends unless they turned such notification off. More on the story here: Daily Mail

Today in the world of privacy…..after the jump.

Laptop searches at airports infrequent, DHS privacy report says. Computerworld

More on the story….DHS privacy report downplays laptop searches. InternetNews

Strange, but true….Alcohol-sniffing anklet saves money but stirs privacy fears. Washington Post

Medical Data in the Internet “Cloud” – Data Privacy. The Health Care Blog

Med Students on Twitter, Facebook: No Patient Privacy? Privacy Digest

New “Irresponsible” Netflix Contest May Violate Customer Privacy. PC World

Location tracking on cell phones raises privacy concerns. Mercury News

The Facebook Beacon controversy raged on for a long time, certainly from the perspective of users. You can see more about it in the video report below.

Video Link

Facebook Beacon Controversy Update: Ads to Be Shut Off to Settle Lawsuit

Chris Crocker’s “Leave Britney Alone!” receiving tens of millions of views and inspiring thousands of imitators and satirists seemed a sure bet for a YouTube award. As viral as the video was, we would like to think that the concept of privacy and respect for an individual’s dignity and sanctity — even if he/she is a celebrity! — went viral, too. The Guardian also took note of this and other glaring omissions in the list of YouTube Award winners.

Imagine an Oscars ceremony where the biggest stars go home empty-handed. That’s what happened today at YouTube’s second annual video awards, as Obama Girl, the Don’t Tase Me, Bro student, and other stars of viral video got nominated but lost to unlikely newcomers.

In the politics category Amber Lee Ettinger, aka Obama Girl — who became a household name thanks to her sexy clip declaring “I’ve got a crush” on the presidential candidate — lost to a far grittier video supporting Middle East peace talks, put together by global activist group Avaaz.org.

The eyewitness category, devoted to user videos of live events, pitted the famous plea of a college student before police subdued him with a Taser against gripping footage of protesting monks in Burma and wildfires in California.

But the winner was Battle at Kruger, a vivid clip of lions and buffalo fighting to the death shot by a holidaymaker on safari in South Africa.

You can watch all of the 2007 YouTube Award nominees and winners here.

Along with the Chris Crocker “Leave Britney Alone!” privacy advocacy…..

…we appreciated the worldwide impact of the Gainesville Sun’s video of Andrew Meyer, “Don’t Tase Me Bro,” in bringing attention to the cavalier and irresponsible user of Tasers which we have discussed earlier.

Two more of our favorites, both in the Politics category, did not win. We appreciated the lessons imparted in the Mike Huckabee/Chuck Norris video, “HuckChuckFacts” …..



….and “Congressman Ron Paul Visits My Dorm Room”

Recent days have produced our latest instant celebrity, Eliot Spitzer’s call girl, Ashley Alexandra Dupre, a.k.a. Ashley Youmans, a.k.a. Kristen. It’s clear from the semi-nude photographs of Ashley Dupre which the New York Post has just published, that going into seclusion does not solve the problem. Although her court-appointed lawyer, Don D. Buchwald, has issued a statement to the press, blasting them for privacy rights violations, Ashley Dupre’s digital life is out of her hands.

Understandably the involuntarily famous may wish to make it all go away. In our digital era is that possible?

Andy Greenberg of Forbes shares some valuable resources to help you make your digital presence vanish in a hurry, which everyone should bookmark, just in case….

Lindsey Thomas’ “Top 10 Reasons To Value Your Privacy,” is a sobering recap of stories of people whose digital presence got them in trouble.

Your digital shadow has a life of its own. Literally.

The digital universe — the pile of digital information that includes everything from e-mail to YouTube videos — is growing faster than previously thought, according to a new study from the research firm IDC.

IDC now estimates that, at 281 exabytes, the digital universe in 2007 was 10 percent larger than the firm had projected a year ago. And the world’s assemblage of all things digital will grow at a compound yearly rate of 59 percent through 2011. That adds up to a tenfold jump over five years, to 1,800 exabytes. (Not that there is any real way to visualize it, but an exabyte — a billion gigabytes — is said to be 50,000 times larger than a digitized Library of Congress.)

Big numbers, sure, but not too surprising. Recent estimates of the growth of Internet traffic, for example, range from 50 to 100 percent a year.

But the intriguing finding was that all the ambient digital information about you — a person’s “digital shadow,” IDC calls it — now exceeds the digital information that you generate yourself by sending an e-mail, taking digital pictures, viewing a YouTube video, and so on.

Visit the EMC Web site to find this “digital shadow” study . The company has created a software application, the Personal Digital Footprint Calculator, which you can download and use to answer the question, “How fast is your digital universe expanding?” Equally fascinating — disturbing perhaps — is the Worldwide Information Growth Ticker.

In this video, John Gantz, Chief Research Officer, IDC discusses the study.

Dan Schawbel discussed the implications of the digital shadow for companies and others seeking to establish their brand. As with individuals, a company’s brand is, likewise, out of its hands.

News surfaced in recent days that users could deactivate but not delete their Facebook profiles, but the glare of publicity and Facebook member outrage has forced Facebook to reverse the Facebook profile deletion policy.

Until now, Facebook has offered only a deactivation option, which keeps copies of the account’s personal information on the company’s servers. It is possible to delete an account fully using a cumbersome manual method, but it is difficult; many users complained that Facebook did not provide clear instructions.

On Monday, Facebook modified its help pages to tell people that if they wanted to remove their accounts entirely, they can direct the company by e-mail to have it done. But on Tuesday, representatives of Facebook stopped short of saying the company would introduce a one-step delete account option.

“We’re always working to improve the user experience,” Katie Geminder, director for user experience and design at Facebook, said in a statement sent by e-mail.

“We are measuring the effects of the change we made yesterday, and if we think more needs to be done to improve the user experience for deleting an account, we’ll test different implementations and measure them accordingly,” she added.

The updated Facebook help page now includes the question “How do I delete my account?” The answer: “If you do not think you will use Facebook again and would like your account deleted, we can take care of this for you. Keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added.”

The entry then says, “If you would like your account deleted, please contact us using the form at the bottom of the page and confirm your request in the text box.”

Ms. Geminder said that Facebook’s policies were a reflection of the fact that many people came back to Facebook after they stopped using the site for a time. “On any given day, the number of users reactivating their accounts is roughly half of the number of users deactivating their accounts,” she said.

As The New York Times reported on Monday, some Facebook users who wished to close their accounts had been unable to do so, even after contacting Facebook’s customer service representatives. Many departing users, who could spend weeks or months trying to erase their accounts without success, turned to unofficial guides like the Facebook users group “How to permanently delete your Facebook account.”

Since Monday, almost 3,000 people have joined the group, which counted more than 7,000 members on Tuesday evening and had been growing by the hour. “I honestly did NOT know they kept your data after you deactivated your account,” one new member wrote on the group’s board. “I’m not leaving until I finish university,” she added, “but I’ll be glad of the info when I do.”

Another new member wrote, “Though I plan to stick around Facebook for a while, I joined this group so I know how to delete my account/profile when I do desire to leave. Thank you!”

Magnus Wallin, the Swedish patent examiner who founded the group, said his reaction to the company’s policy change was mixed. “Information on how to do it is great,” he said in an e-mail message. “But it should be really easily available. Not at the bottom of the help pages. And a ‘form’ sounds like you have to explain yourself. A regular delete button would be preferable, in my opinion.”

Neel Shaw reports on Facebook members’ anguish over Facebook’s privacy or lack thereof.

In fact, it is apparently so difficult to get off the social-networking site that a group, “How to permanently delete your Facebook account,” has been set up to provide detailed instructions outlining exactly how to do so. According to the group, achieving permanent deletion is an arduous, four-step process that takes about a week, though some of the people cited in the Times piece were able to delete their accounts only after placing multiple calls to Facebook higher-ups and threatening legal action.

Why would Facebook make it so difficult to leave? The official company line is so that deserters, should they decide to return, will be able to pick up where they left off. More alarmingly, though, it seems like yet another attempt by Facebook to retain valuable demographic information on users that it can sell to advertisers (assuming, of course, the company ever comes up with a way to monetize the information in the first place).

Steve O’Hear explains how to remove your profile permanently from Facebook. Simon Aughton discusses the new procedures for deleting your Facebook profile.

As Janet Kornblum writes in USA Today, more and more business professionals are confronting the repercussions of TMI – “too much information” — online.

Just after her honeymoon last March, Wadooah Wali took the de rigueur next step these days: She changed her status on the networking websites Facebook and MySpace from “in a relationship” to “married” and posted pictures of her partner — another woman.

The well-wishes from friends and family poured in, stoking Wali’s happiness. Then came a note that jolted her, noticeable for what it didn’t say. No congratulations. Just: “Nice pictures.”

It was from a professional contact Wali hardly knew — someone to whom she never would have sent something as personal as a wedding announcement, let alone pictures. Wali likes to keep her personal life separate from her professional acquaintances, wary that some might react negatively to her sexual orientation. But suddenly her social circles had collided.

Talk about awkward.

“I was worried that the repercussions of TMI — Too Much Information — was going to be a problem,” says Wali, 33, director of communications for a Los Angeles-based Internet company.

The episode was a reflection of how the walls that separate parts of a person’s life can be knocked down in the emerging world of online social networking. Everyone you know — high school and college classmates, business associates, someone you met in a nightclub — and even total strangers can become a “friend” on your personal Web page and gain access to all sorts of information and discussions about you.

Online networking sites — used by 86.6 million people in the USA last month, according to Nielsen Online — have long been the focus of concern about teenagers posting too much information about their lives. (This week, MySpace agreed to adopt new online rules to try to shield teen members from sexual predators.)

But as a growing number of adults are learning, giving too much information online isn’t just a problem for teenagers.

On MySpace, Facebook and other social networks, a user can join another member’s “friends” list simply by asking. Many people allow new friends without a second thought. Social networking sites vary in what kinds of privileges come with friendship, but for the most part, it opens virtual doors to all sorts of personal information.

A user can revoke friendships at any point, but many people have long lists of dozens of friends on their Web pages and don’t monitor their list of friends that closely.

In the offline world, we know better than to put people from different parts of our lives in one big room where they might share the wrong kinds of stories about us.

But online, “all the walls come down,” Wali says.

The article continues and discusses this subject in great detail.

As Privacy Maven has noted numerous times, “digital litter” — an even larger consequence of TMI, too much information, is a constant problem in social networking. We are still in the early days of a new social networking frontier and need to stay mindful of future implications. Information posted online is, essentially online forever, thanks, in part to Archive.org. If you’ve ever updated and revamped a Web site, you know that Archive.org likely has your early “drafts.”

The Toronto Star reports on the massive hacking attempts of Ontario porn company, SlickCash, on Facebook’s servers.

A Canadian company specializing in Internet porn is being sued by Facebook amid allegations it hacked the popular social networking website’s computers and tried to access the personal information of users, court documents show.

A numbered Ontario company, which does business online under the name SlickCash, along with several people in the Toronto area, are named in an amended complaint filed by Facebook in San Jose, Calif.

The hugely popular information sharing website alleges that, for two weeks last June, the defendants attempted to access Facebook’s servers at least 200,000 times.

“Each of these requests sought to direct Facebook’s computers to send information on other Facebook users back to (the company’s Internet Protocol) address,” the court documents say.

“These requests for information from Facebook generated error messages and were detected as unauthorized attempts to access and harvest proprietary information.”

It wasn’t clear from the documents what information was accessed, but the complaint alleges “the defendants knowingly and without permission took, copied, or made use of, data from Facebook’s proprietary computers and computer network.”

Facebook, with an estimated 34 million users worldwide, allows members to post photos alongside personal information like a birth date, hometown, e-mail address, phone number, and workplace.

As The Register notes, the lawsuit brings more attention to the vulnerability of members’ data on Facebook.

It’s not terribly clear what data was accessed, much less the goals of the alleged attack. Court papers (PDF) allege the defendants uploaded scripted commands to a server run by a firm called Accretive to “gain unauthorised access and launch malicious code” on Facebook’s site.

Facebook encourages users to post personal information such as birth date, hometown, email address, work details and even phone numbers online. This information is shared with a user’s “friends” and, in a lot of cases, other on any network a user cares to join. The social networking utility boasts a membership of 34m users.

Any amount Facebook might hope to gain from this suit is surely outweighed by the damage to its already poor reputation for privacy. More than anything else the lawsuit emphasises that Facebook is an insecure place to post personal information. Since Facebook’s business model, such as it is, relies of people coughing up this information that’s hardly a good thing.

Facebook CEO Mark Zuckerberg made a public apology and stated that Facebook has made provisions to allow its members to turn the ads off.

Today, finally, Zuckerberg did what critics — including MoveOn.org, which took an early stand in the case — had been demanding: he allowed people to turn Beacon off. He also made clear that when members do turn off the system, Facebook will not store information about your surfing habits that it receives from its ad partners.

As originally conceived, Beacon was a particularly egregious scheme for invading your privacy. Dozens of sites had contracted with Facebook to send people’s surfing data to the social network; your profile would send out little messages to your friends about what you were doing on those sites — telling them that you were shopping on Overstock.com, say, or were cooking certain recipes at Epicurious — as a kind of ad for those sites.

Not only did Facebook not allow people to turn off the system, it also assumed that if you did not explicitly prohibit it from sending messages out from each site in its ad network, you were granting permission. In other words, Beacon was devised as an opt-out plan — or, more precisely, it was plead-out, because getting the system to stop sending messages on your behalf involved a torturous number of steps.

Responding to the critics, last week Facebook fixed the system a bit, making the plan opt-in.

As the LA Times notes.

Zuckerberg’s rollout of Beacon, an online tool that tracks the purchases and activities of its users on dozens of websites, marked his first major stumble since becoming Silicon Valley’s newest golden boy.

The Facebook flap comes amid growing concern about the increasingly sophisticated technology used to track online activities in an effort to more precisely target advertising.

Consumer and privacy watchdogs say Facebook and other social networking sites have not been forthcoming enough about how much user information they harvest and what they do with it. They pledged to continue to press regulators in the United States and abroad to develop guidelines to protect online privacy, particularly of teens.

“Young people are pouring their hearts out, living their lives and interacting with all of their friends on these sites,” said Kathryn Montgomery, a professor of communication at American University. “The more we live our lives online, the more we need to have a set of rules of how businesses operate there.”

This unfolding episode has also created discomfort for potential companies who had made plans to advertise on Facebook, as the LA Times article goes on to point out:

The opposition to Beacon also prompted concern among some marketers. Anticipating the privacy issues, EBay Inc. decided to let online auctioneers alert their friends about items they are selling through Beacon starting next year, but only if users give explicit permission.

“Brands have become skittish in deploying advertising and marketing initiatives with this level of negative press and user privacy concerns,” said Jeremiah Owyang, a senior analyst with Forrester Research.

Overstock.com Inc., which received a handful of customer complaints, pulled out of the Beacon program last month and won’t turn it back on until more Facebook users are happy with how it works.

“We need to wait and see what the Facebook community reaction is,” said Jonathan Johnson, the online retailer’s senior vice president of corporate affairs.

Facebook’s future depends on the goodwill of its users, said Nick O’Neill, who writes the AllFacebook.com blog.

“Facebook has die-hard fans, and it needs to keep those people,” he said. “They are the ones doing the job of marketing and turning Facebook into one of the most hyped products out there right now.”

As the story unfolds, we are reminded of the vast extent to which social networking and the relinquishment of privacy it entails is an uncharted territory of human interaction.

CA’s recent research has uncovered the troubling extent to which Facebook tracks its members, even after they have logged out.

Amid heightened concerns surrounding Facebook’s new advertising platform, the social networking site has given users a new reason not to trust it: Researchers recently busted the company for tracking users activities on external sites, even after they logged out of Facebook.

“Facebook is retrieving enough information that they can tie what you do on external sites back to your Facebook profile,” says Stefan Berteau, a research engineer with CA. “[The company] says it’s deleting the data it gathers after you’ve logged out, but that is not clearly spelled out in its privacy policy, and there isn’t a binding public commitment.”

Keep reading for more details on Facebook’s tracking of online usage and for ways to block this tracking. The Consumerist also offers tips to help you stop Facebook from tracking you.

In the aftermath of the revelation of Facebook’s extreme – and perhaps unprecedented – privacy violations in the proposed Beacon ads network that garners members’ unwitting participation in advertising products and services, Facebook has a difficult challenge. Not just Facebook members and privacy advocates, but even potential advertisers in Facebook’s Beacon ads are skittish.

It only took a few weeks for Facebook to squander the good will of its users on a poorly planned advertising platform. Now Facebook has also reportedly blown it with a few key advertisers, including Overstock.com, Coca Cola and Travelocity.

The situation is up in the air with Coca Cola and Travelocity, as some late minute updates to Betsy Schiffman’s original report indicate. TechCrunch’s Erick Schonfeld also notes advertisers’ reluctance.as well as the changes Facebook has said it will enact to address privacy concerns.

The backlash against Facebook’s Beacon advertising program just gets worse every day. First, advertising partner Coca-Cola got cold feet over privacy issues. Now Overstock is bailing from the program, and Travelocity is having doubts. What’s more, all of this lack of confidence from the major advertising partners Facebook launched with is coming after it revised its policy to make Beacon opt-in instead of opt-out.

Beacon is a social form of advertising that shares your purchases or other actions you take on an advertiser’s site with all your friends on Facebook through their News Feeds. What has privacy advocates up in arms, and advertisers skittish, about Beacon is the way it seems to be spying on you as you surf the Web and then, on top of that, reporting what you just did to everyone you know.

[...]

According to one security engineer’s analysis, Beacon partners transmit data to Facebook in bulk about members who visit their site. This is true even for those who opt out of Beacon by clicking on “No Thanks” when asked if the data can be shared with Facebook. The data is sent anyway. Facebook clarifies that it does not do anything with this opted-out data, and in fact deletes it from its servers. But the deletion occurs on Facebook’s servers, not the advertisers’. [Update: It gets even worse. Beacon partners are sending data indiscriminately about every single visitor to their sites back to Facebook, whether or not those people are even Facebook members. This includes very detailed user behavior. Again, Facebook says it deletes most of this data. But what are the partner sites thinking? They might as well be giving Facebook access to their bank accounts.]

Yes, debacle indeed. Facebook tries desperately to retool Beacon ads and in so doing, keeps garnering the much-needed scrutiny and skepticism. Can restraints and security measures that protect Facebook members’ privacy be enacted? Jennifer LeClaire discusses the research that reveals just how extensive the privacy violations really are.

Researchers are claiming Facebook’s Beacon online ad system is even more intrusive when it comes to privacy matters than protesters against the technology might have thought initially.

On Friday, Stefan Berteau, a senior research engineer at Computer Associates’ Threat Research Group, published findings that reveal Beacon reports member activities on third-party partner sites even if Facebook users are not logged in, and even if members have declined to opt in to the Beacon program.

“It can happen completely without their knowledge,” Berteau said in his report. “The bottom line is that Facebook is materially misrepresenting the privacy impact of their Beacon program, and presenting users with the appearance of control over their information when in fact they have almost none.”

A detailed report and analysis is on the CA Security Advisor Research blog.