Focusing public attention on emerging privacy and civil liberties issues

Facebook and Datalogix

Concerning Facebook's data-matching partnership with the consumer analytics firm Datalogix

Top News

  • Consumer Groups Ask FTC to Investigate Facebook-Datalogix Data-Matching Arrangement: EPIC, joined by the Center for Digital Democracy, has asked the Federal Trade Commission to investigate whether Facebook's data-matching arrangement with Datalogix violates a settlement between the FTC and Facebook. Facebook is matching the personal information of users with personal information held by Datalogix. The settlement, adopted in August, prohibits Facebook from changing privacy settings without the affirmative consent of users or misrepresenting the privacy or security of users’ personal information. EPIC had previously asked the FTC to determine whether "Timeline," which made archived user data widely available, or biometric tagging of user photos violated the terms of the consent order. The FTC has not made a determination on the EPIC Timeline request, and Facebook has suspended facial recognition in the US. For more information, see EPIC: Federal Trade Commission and EPIC: Facebook and Datalogix. (Sep. 27, 2012)

Background

In response to pressure from advertisers who wanted Facebook to provide concrete data about the effectiveness of their advertising campaigns, Facebook partnered with Datalogix, an analytics firm. Datalogix determines the success of Facebook advertising campaigns by collecting information about the users who click on ad banners and comparing that information with those users’ real-world purchases.

Datalogix collects the real-world data by forming partnerships with stores that offer membership or loyalty cards that store digital information. Then Datalogix keeps track of the users who buy a product at an offline retailer after being shown a banner ad on Facebook. Datalogix can perform this matching by comparing the identifying data that a user provides in order to set up Facebook and store membership accounts. For example, if a user provides the same email address to set up her Facebook account and her drug store rewards card, Datalogix can use this common identifier to determine whether she bought the drug store product whose ad banner she clicked on while she was surfing Facebook.

Datalogix already has agreements with companies that record consumer data. For example, many companies that have a membership or loyalty card program are able to maintain records not only of the shopper’s identifying information - for instance, the name and email address that the shopper used in order to register for the loyalty card - but also of the shopper’s purchases while using that card. If Jane Doe has a discount card at Grocery Store X, and if she scans that card when she makes her purchases, then Grocery Store X is able to provide Datalogix with her name, registration information, and all purchases she has made since signing up for the loyalty card. By partnering with Facebook, Datalogix can add Facebook user information to its data pool and therefore make determinations about user purchasing patterns.

In order to determine whether a particular marketing campaign on Facebook is effectively inducing users to buy the product in stores, Datalogix will identify a marketing campaign and separate Facebook users into groups according to their exposure to that set of ads. It will then record users’ interactions with the ads - for example, of the users who were exposed to an ad campaign, how many clicked on the ad. Then it will take the information that the user provided in order to create the Facebook account - for example, the user’s name and email address - and compare it with the information already stored about the user in its data pool. For example, if Jane Doe used the same email address to register her Grocery Store X loyalty card and her Facebook account, Datalogix can compare data about the ads that Jane clicks on with data about the products Jane buys at Grocery Store X to determine whether the online ads prompted Jane to buy the product offline.

All Facebook users are automatically included in the data-collection program, and they cannot opt out on the Facebook website. Instead, they must follow a link in Facebook’s “Help” section that leads them to Datalogix’s site. They can opt out of collection in a subcategory called “Choice,” under a tab called “Privacy.”

Datalogix has stated that it anonymizes user information and aggregates data about particular ad campaigns before it provides Facebook with any analytics. However, even with these anonymization features in place, Facebook may be violating an FTC consent order that it signed in August of 2012. The consent order contains provisions for securing the privacy of user data, among which is a provision requiring Facebook to give users clear notice of its intent to share user data with third parties.

The FTC Consent Order

In December 2009, EPIC, along with a group of public interest organizations, filed an FTC Complaint. The complaint highlighted changes in Facebook's policies and practices that threatened user privacy. As a result of EPIC's FTC Complaint, the FTC brought its own complaint against Facebook, charging that Facebook deceived consumers by failing to keep privacy promises. The FTC settled the complaint with Facebook and issued an order detailing the results of that settlement.

The Order requires Facebook to have an independent privacy audit every two years for the next 20 years. The Order also prohibits Facebook from misrepresenting its privacy and security practices, as well as its compliance with any privacy program. The Order also requires:

  • Facebook to give its users a clear and prominent notice and obtain their affirmative express consent before sharing their information;
  • Facebook to remove user information within thirty days after a user deletes an account;
  • Facebook to establish a comprehensive privacy program.

Facebook and Datalogix on the Data-Matching Partnership

Facebook, in a help article on its site, says that Datalogix and other service providers like it "produce aggregate[d] and anonymous measurement reports to advertisers." The help article goes on to state that "[n]o personally identifiable or individual data is shared with advertisers as part of the measurement process."

Datalogix, per its privacy policy, receives data from [Facebook] and other "marketing companies & data compilers." The data collected includes Personally Identifiable Information like name, postal address, and email address but not Social Security numbers, credit card numbers, or banking information. Datalogix also collects attributes that "include demographic and behavioral information, such as past purchases."

There are concerns about the data collection between Facebook and Datalogix. In addition to the potential violation of the consent order Facebook signed with the FTC in August 2012, there is nowhere on Facebook's website to opt out. Instead, users have to go to the website of Datalogix, a company that most of them have never heard of, and opt out of its tracking. Facebook claims the partnership does not violate Federal Trade Commission regulations because it has a link to that option on its site in the help center.

Finding the link on Facebook requires users to click through the Help, Help Center, Ads and Business Solutions, Ads and Sponsored Stories, and Interacting with Ads pages. The link to Datalogix is found at the bottom of the Interacting with Ads page. After clicking the link, users must then click another link on the Datalogix privacy policy. Datalogix opts users out by placing persistent identifiers, or "cookies", on their browsers. If a user deletes her cookies in order to protect her privacy, she might inadvertently opt back in to Datalogix's data-matching.
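The email-based matching described under Background and the cookie-based opt-out described above can be modeled in a few lines. This is an added illustration, not Datalogix's or Facebook's code: the sample records, field names, cookie name, and the simplification that each user has a single browser keyed by email address are all assumptions.

```python
from collections import defaultdict

# Constructed sample records; field names and the cookie name are hypothetical.
AD_EXPOSURES = [            # held by the social network
    {"email": "Jane.Doe@example.com", "group": "exposed"},
    {"email": "bob@example.com", "group": "exposed"},
    {"email": "carol@example.com", "group": "control"},
    {"email": "dave@example.com", "group": "control"},
]
LOYALTY_PURCHASES = [       # held by the retailer's loyalty-card program
    {"email": " jane.doe@EXAMPLE.com", "product": "shampoo"},
    {"email": "bob@example.com", "product": "toothpaste"},
    {"email": "carol@example.com", "product": "soap"},
]
OPT_OUT_COOKIE = "optout"   # hypothetical name for the opt-out cookie


def normalize(email):
    """Two accounts match when their emails agree after trimming and lowercasing."""
    return email.strip().lower()


def campaign_report(exposures, purchases, product, cookie_jars):
    """Return {group: {"users": n, "buyers": m}} for one advertised product.

    cookie_jars maps a normalized email to that user's browser cookies; a user
    is skipped only while the opt-out cookie is present in that jar.
    """
    buyers = {normalize(p["email"]) for p in purchases if p["product"] == product}
    report = defaultdict(lambda: {"users": 0, "buyers": 0})
    for row in exposures:
        key = normalize(row["email"])
        if cookie_jars.get(key, {}).get(OPT_OUT_COOKIE) == "1":
            continue                      # opt-out honored for this browser state
        report[row["group"]]["users"] += 1
        report[row["group"]]["buyers"] += key in buyers
    return {group: dict(counts) for group, counts in report.items()}


def opt_out_lifecycle():
    """Jane opts out, then clears her cookies; return the report at each step."""
    jars = {"jane.doe@example.com": {}}
    args = (AD_EXPOSURES, LOYALTY_PURCHASES, "shampoo")
    before = campaign_report(*args, jars)
    jars["jane.doe@example.com"][OPT_OUT_COOKIE] = "1"
    opted_out = campaign_report(*args, jars)
    jars["jane.doe@example.com"].clear()  # privacy-minded cookie deletion
    after_clear = campaign_report(*args, jars)
    return before, opted_out, after_clear
```

Because the opt-out lives only in the browser, the third report is identical to the first: once the cookie is gone, nothing on the matching side remembers the user's choice.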

EPIC's Letter to the FTC

EPIC, joined by the Center for Digital Democracy, wrote to the FTC asking for a determination of whether such data-matching partnerships violate the Consent Order. EPIC said that Facebook had omitted nearly all information about the partnership with Datalogix, and noted that the prohibition on "sharing" was not well-defined. Finally, EPIC explained that Datalogix's method of opting out was confusing and ineffective.
