It seems like every other day Wall Street Journal is talking about some other Social Networking site that is revealing all your information to 3rd party advertisers. First they talked about Facebook and the fact that their apps like Zynga’s Farmville are revealing personal data about users to advertisers. Next, they created, then deleted, then re-created a MySpace story about the same thing that MySpace is doing for their users. The thing is, this is a practice any site that collects your data is doing, and their Privacy Policies protect them from doing so (You do read the Privacy Policies of the sites you visit, right? Neither do I). In fact, even wsj.com is doing this, despite their hypocritical claims of this being an issue for so many other sites.
In some criticism I offered on this very issue, the @wsj Twitter account responded, “@Jesse To partially answer your question, we disclosed the trackers on WSJ.com here: http://on.wsj.com/d67Z3b“. Wait – what? So WSJ is basically admitting to sharing your information with advertisers? I’m not sure where they link to this on their site, but they do link to their Privacy Policy, which, in very vague terms hints at the same type of information.
According to WSJ.com’s own article, “Here is a summary of what information WSJ.com says it collects about users, what it does with the data, and how long it keeps it.” Let’s start by going over, according to their site, what wsj.com stores about you:
Information about you
According to WSJ, they do collect your browsing information, but all browsing and search data is kept anonymous. However, they do collect “Files and Communications”. I assume this means the comments you make and any profile data you store on their system. Remember, WSJ is paywalled – that means they require your personally identifying information, just like Facebook, to identify who you are, collect your profile image, etc. and all that is stored on their servers.
Information volunteered by you
According to WSJ, assuming you enter it, they do store demographic and financial data about their users. Facebook and MySpace also do this in various capacities, also optional (gender is required on Facebook though). Keep in mind that in order to read a lot of the site, you have to have a paid account to do so, so I’m curious how many of their users all have provided their financial information to wsj.com
What does this mean?
Sure, WSJ stores information about its users – so what? That’s not the problem. You store your information on Facebook and MySpace as well, but what wsj.com is complaining about is the fact that Facebook and MySpace are allowing other services to share their users’ data with others. The thing is, WSJ goes on to share that they do exactly the same thing:
How WSJ Manages your information
According to WSJ, they do allow outside trackers, aka advertisers, to collect your data – they do provide a link to opt out of some of those trackers (note the “some”). Specifically, WSJ even quotes, “We may combine the information that we collect from you with information that you provide to us in connection with your use of other Dow Jones products, services and web sites, or information we collect from third parties.” So, basically, WSJ is sharing your information with their partners as well, and, according to their Privacy Policy, those sites can also take that information and share with 3rd party sites. In fact, they state that they don’t even disclose when they delete that data!
So how is this different than Facebook and MySpace?
The fact is, it’s not. In fact, if anything is different it’s that WSJ.com has the ability, legally, to share even more information about its users with 3rd parties than Facebook is legally obligated to. For some trackers WSJ even admits they don’t have an opt-out. Per Facebook’s privacy policy, Facebook is bound by the privacy settings of each user. The very minimum amount that Facebook can share, without your permission, is your name, your city, your gender, and the same for your friends – that’s all! It should also be noted that Facebook wasn’t even explicitly allowing developers to share this data with 3rd party advertisers. Most of the developers were just placing the Facebook IDs in their URLs in order to identify Facebook users, and advertisers were taking the referring URL to take this information, a common practice across the entire web (albeit not able to do much with it).
So why all the hype by WSJ? Are they looking to get us all upset and riled up to generate clicks and views? It certainly has gotten people talking to the point that even my local TV station contacted me for an interview about it. The fact is, everyone does this, especially WSJ, and WSJ isn’t telling the entire story. In fact, after this hoopla, Facebook actually pulled the accounts that were doing this, and has since put out a notice that they are working to now encrypt these ids, making them even more private in what they share with 3rd parties than WSJ itself!
I think WSJ owes Facebook an apology here. They’re hiding behind their own ignorance and someone needs to be talking about this.
What do you think? What other information is WSJ sharing that readers need to be aware of?
