Facebook responded today to allegations that the company tracks users who have logged out of facebook.com.
A Facebook spokesperson offered the following comment:
Specific to logged out cookies, they are used for safety and protection, including identifying spammers and phishers, detecting when somebody unauthorized is trying to access your account, helping you get back into your account if you get hacked, disabling registration for a under-age users who try to re-register with a different birthdate, powering account security features such as 2nd factor login approvals and notification, and identifying shared computers to discourage the use of 'keep me logged in'.
Facebook's approach smacks of big brother paternalism because the company does track certain activities it claims are necessary to protect users.
Let me ask a rather obvious question: when a user logs out, why not simply delete all tracking behavior associated with that user's account? That's the intuitive and obvious answer most users expect.