Facebook and OnStar face similar privacy accusations

Facebook and OnStar are in the spotlight over strikingly similar privacy allegations. Read this post for your own protection.

Facebook and OnStar, the automobile help service from General Motors, face new accusations of possessing similar features that can bypass users' reasonable expectations for privacy.

FACEBOOK. Following a blog post by prominent geek, Dave Winer, technology writer and entrepreneur Nik Cubrilovic wrote that logging out of facebook.com is not sufficient to stop the company from tracking your online activity:

Even if you are logged out, Facebook still knows and can track every page you visit.

According to Cubrilovic, his analysis demonstrates Facebook continues to track your movements even after you log out of the website, a practice that many would find deceptive and unacceptable.

Cubrilovic believes that explicitly deleting all Facebook browser cookies is the only solution users can take to counteract this privacy threat. Unfortunately, manually deleting cookies after every Facebook session is a relatively advanced task and a hassle. A Microsoft knowledge base article on this topic doesn't even give instructions on doing so; instead, it offers pointers to yet more articles

ZDNet's Emil Protalinski wrote about this issue and a Facebook employee issued a non-official denial. Protalinski explains Facebook's comments:

Cubrilovic raises some good points and has some interesting findings, but reaches incorrect conclusions. The cookies in question are useful to Facebook for various reasons (providing custom content, maintaining the service, and protecting its users), but not for tracking people.

Of course, this raises the question why the company has not formally addressed these complaints with an official statement. Given Facebook's long history of accused privacy violations, the company should give such accusations a much higher level of priority and response.

ONSTAR. The OnStar service collects data about user's movements even after they unsubscribe and discontinue using the service. According to the Associated Press:

The OnStar automobile communication service used by 6 million Americans maintains its two-way connection with a customer even after the service is discontinued, while reserving the right to sell data from that connection.

U.S. Senator, Charles Schumer of NY, calls OnStar's practices, "one of the most brazen invasions of privacy in recent memory." Schumer has asked the FTC to investigate.

The company's recently updated its privacy policy to explain:

Unless the Data Connection to your Vehicle is deactivated, data about your Vehicle will continue to be collected even if you do not have a Plan. It is important that you convey this to other drivers, occupants, or subsequent owners of your Vehicle. You may deactivate the Data Connection to your Vehicle at any time by contacting an OnStar Advisor.

Plain language translation: OnStar will collect information unless you explicitly call the company and tell them not to. OnStar recommends that you should explain this tracking to anyone riding with you in the car. OnStar seriously thinks this is okay???


If you use Facebook, remember this cardinal rule: nothing you post online is truly private. Be aware that Facebook seeks your personal information to fulfill its mission as a business and will continue to push the boundaries of privacy. If you want something to remain private, do not post it to any online service, including Facebook.

OnStar users should be aware the company continues to track even after you unsubscribe. When you cancel service, tell the company to discontinue all communications with your vehicle.

On my ZDNet Project Failures blog, I discuss surprising, and sometimes shocking, activities in the world of enterprise software. The Facebook accusations (whether true or not), coupled with OnStar's policies, demonstrate that privacy lapses are a deeply important form of technology-related failure.

Show Comments