"Visit any Like-enabled site and you see a small piece of content from Facebook that tells Facebook all the sites you visit. It's a tracking cookie like any other and personally I have no problem with that"
I understand that you work for Google and that not holding this opinion would mean that you have to conclude that your employer is also very much in the wrong. But how do you justify it?
It's clearly not information that people have chosen to give to Facebook. Facebook is basically taking advantage of a technical trick in order to obtain information about their users which their users neither gave them permission to collect, nor know they are collecting. It just seems highly unethical to me. But you "have no problem" with it... How is that possible?
The thing that annoys me about it is that the browser vendors could prevent this hidden tracking quite easily. By either disabling third party cookies, or by tying them to the domain in the address bar. Hell, Safari blocks third party cookies by default, and Apple is all about usability, so it can't cause that many problems... On the other hand, why would Google and Microsoft modify their browsers in such a way as to increase our privacy at the expense of their profit.
That's a decent chunk of minified js. Seems like quite a bit of code just to be able to tell FB whether or not you "like" something.
My biggest problem with it is that consumers have no clue whatsoever that they're being tracked that way. Even typical web site owners don't really realize that the little piece of code they copy/pasted to get the FB Like button exposes their visitors to so much intrusive js.
I don't have a problem with people being tracked if they feel that they're getting reasonable value out of the relationship, but the current situation is just very sneaky.
There are different levels of "block third-party cookies".
Safari blocks _setting_ third-party cookies by default. It does not block _sending_ of third-party cookies, last I checked.
Firefox's third party cookie setting blocks setting and sending and doing that _definitely_ breaks some sites (e.g. some e-payment systems). Hence it not being enabled by default.
The problem is that the Safari approach is not good enough to prevent the tracking issue where Facebook is concerned: As long as you visited Facebook directly so that it got a chance to set a cookie, that cookie will get sent every time the Like button is fetched. So at that point Facebook knows who you are (via the cookie) and which site you visited (because the Like button itself has access to that information).
The Safari approach _does_ help deal with tracking via ad networks that you don't have any kind of first-party relationship with, since those would never get a chance to set a cookie to start with. So it's definitely a good idea, and I wish more browsers would adopt it. But it doesn't help with the Googles and Facebooks. Unless, of course, there were some sort of requirement that the "user-facing parts" and "ad parts" of those organizations use different domains. Would be pretty hard to get something like that written down properly, even.
Agreed on all points, but websites that feature Like buttons or Analytics are complicit in this dubiously ethical behaviour. Webmasters should also be doing more to protect the privacy of their users. Sadly, even the ones that are supposed to be operating within FERPA or HIPAA restrictions in the US ignore this duty.
Are there better alternatives? (I ask this question honestly)
As a web master of a very small, personal site, I find that running AddThis or something similar to be vital in generating traffic. Giving users a one click option to share my pages makes it much more likely that they will. Without that option, I have to resort to spamming message boards, Twitter, Facebook, etc manually, in order to drive traffic. I am not opposed to that option, as my site has no way of generating revenue and likely never will... I'm just looking for engagement from readers and ways to generate more readers.
This makes me wonder if there is value in someone creating a Facebook Like button, Google +1 button, etc. widget set that doesn't keep any tracking data and only sends information about a user to Facebook, Google, etc. when a user explicitly clicks on the button.
Yep! The question is whether to give it away or try to find a way to monetize it. I'd buy it, but I'm not sure how much I'd pay for it.
I don't give a crud about the analytics of AddThis, and their menu is full of options that most will never use. The key point is sharing for the lazy. The vast majority of Internet users are never going to open their Facebook, write a wall post about something and copy/paste my link in their post. That same person, however, may be really interested in it and be willing to hit a little button that does all that stuff for them. That's all I want. I don't want to jeopardize people's privacy.
Heise developed this last year. They made a two-stage like-button which is disabled by default and sends no data to FB et al. When you first click on it, the real button loads and you can then share what you want.
That's really interesting. I like the concept, but would most users only click once because that's what they are used to? The interface doesn't seem to be that obvious for a non-technical person.
I guess this blocking by the browsers will eventually happen. But then it is not impossible to move the tracking to the server of the web site, instead of the client. I guess that is what would happen over time, although I admit it would require more effort by the site owners.
I understand that you work for Google and that not holding this opinion would mean that you have to conclude that your employer is also very much in the wrong. But how do you justify it?
It's clearly not information that people have chosen to give to Facebook. Facebook is basically taking advantage of a technical trick in order to obtain information about their users which their users neither gave them permission to collect, nor know they are collecting. It just seems highly unethical to me. But you "have no problem" with it... How is that possible?
The thing that annoys me about it is that the browser vendors could prevent this hidden tracking quite easily. By either disabling third party cookies, or by tying them to the domain in the address bar. Hell, Safari blocks third party cookies by default, and Apple is all about usability, so it can't cause that many problems... On the other hand, why would Google and Microsoft modify their browsers in such a way as to increase our privacy at the expense of their profit.