Senate to hold hearing on Facebook tracking cookies

Senator Jay Rockefeller wants to hold a hearing to understand how Facebook uses cookies. The company has been accused multiple times for tracking users even after they log out of the service.
Written by Emil Protalinski, Contributor

Senator Jay Rockefeller, chairman of the Commerce, Science and Transportation Committee, said today he would hold a hearing to look into reports that Facebook is using cookies to track users even after they log out of the service. Facebook insists it uses cookies to personalize content and keep accounts secure.

"No company should track customers without their knowledge or consent, especially a company with 800 million users and a trove of unique personal data on its users," Rockefeller told The Hill. "If Facebook or any other company is falsely leading people to believe that they can log out of the site and not be tracked, that is alarming." Rockefeller did not announce a date for the hearing or a list of witnesses, but he said he will "invite Facebook and others to explain how they are using personal information."

"When someone logs off of Facebook, we delete certain cookies and reduce the amount of information we receive when the person visits websites that contain social plug-ins such as the Like button," a Facebook spokesperson said in a statement. "We have made these practices clear in our Privacy Policy and Help Center since the launch of social plug-ins. We appreciate Sen. Rockefeller's interest in protecting consumer privacy and look forward to discussing this with him."

Two months ago, self-proclaimed hacker Nik Cubrilovic accused Facebook of tracking its users even if they log out of the social network. He explained that even after logging out of the service, whenever he visited a website that had a Facebook plugin, information including his account ID was still being sent to Palo Alto.

The company responded by denying the claims and offering an explanation as to why its cookies behave the way they do. Palo Alto explained that it does not track users across the Web and its cookies are used to personalize content. As for the logged-out cookies, Facebook said they are used for safety and protection.

After a long technical discussion, Cubrilovic confirmed Facebook made changes to the logout process, and that the cookies in question now behave as they should. They still exist, but they no longer send back personally-identifiable information after you log out. The company also took the time to explain what each cookie is responsible for.

Following all this, 10 privacy groups and US congressmen two months ago sent letters asking the Federal Trade Commission (FTC) to investigate Facebook for these and other practices. Last but not least, the company is also facing lawsuits in multiple states for violating federal wiretap laws with said cookies.

To add to the PR disaster, the issue came back last month. It was discovered that the datr cookie, which can be used for tracking users, was once again being set on third-party websites with a Facebook social plugin – whether you are logged in or logged out of the service. Facebook confirmed the bug, said only some third-party websites were affected, and fixed it.

Last week, Facebook co-founder and CEO Mark Zuckerberg explained how Google, Yahoo, and Microsoft collect data on users "behind their back" while the social network is more transparent. Facebook has the capability to collect data just like any search engine or ad network, and pair it with the data it already has on you, but it says it doesn't. It's hard to just take Facebook's word for it, however, because of the aforementioned issues recently discovered with its cookies.

See also:

Editorial standards