Facebook is finally starting to roll out a new feature allowing users to see which advertisers have their data and prevent them from using that data to target ads.
On Tuesday, the social network revealed a new option to delete “off-Facebook activity.” The company first mentioned its interest in such a product more than a year ago as it sought to assuage privacy concerns about how consumer data flows through its platform. Facebook CEO Mark Zuckerberg has promised more transparency around how businesses share data on their customers with the social network.
David Baser, director of product management at Facebook, says the project took longer than expected because it involved building data sets from scratch.
“We had to build out the ability to create an index that would let us show this data on a per-person basis, and enable people to see it and clear it, if they wanted to clear it, or even dissociate it going forward,” Baser says.
Also, the project had to go through testing that, among other revelations, found that people did not understand the basics of the program. That’s why the name was changed from “clear history” to “off-Facebook activity.”
“Clear history” may have implied that people could erase all data from the social network. However, the data relates only to what Facebook stores about users regarding their activity outside the social network. This is data that advertisers and developers collect on consumers and then share with Facebook to target ads.
“Basically what the data was, where it comes from, how it works, was something that people didn’t quite understand,” Baser says. “And when we called it ‘clear history,’ the original name, we were setting people up to think it included more things than it did, or different things than it did, and we wanted to clarify that this is the data that businesses send Facebook that comes from off of Facebook. Not, say, on Facebook data, like clicking on a link.”
The new product is rolling out in waves, however, and not yet available in the U.S. It was first introduced today in Ireland, Spain and South Korea.
Here’s how the data-scrubbing product works: Users go into their settings, where they see an “off-Facebook activity” option. Within that menu item is a list of every advertiser, publisher and developer that has imported data about the user. A user can go through each entity and decide which ones to keep and which ones to erase. Keeping the data connection allows the brand to continue to target the user with ads, and erasing it means that entity won’t be able to continue the personalized messaging. There is also an option to erase all the data connections from all the Facebook partners at once. People can also prevent such data from being used in the future to target them on Facebook.
“There’s many different ways businesses can send Facebook data,” Baser says. “They can send Facebook data from things like a pixel on a website. An SDK built into an app can send app events to Facebook. Facebook login. There are many tools like this.”
A pixel is a tracker that a website drops on people’s web browsers to connect to a web user when visiting other sites. That’s often how people see ads for the sneakers they browsed or added to a shopping cart outside the retailer’s website. An SDK is a “software development kit” that give apps ways to leverage tools and services from larger platforms like Facebook. And many apps use “Facebook login” as an easy way to sign-up new users by allowing them to use their credentials from the social network.
One consequence of deleting off-Facebook activity data is a person would be logged out of apps that use the Facebook login, and the person would have to re-enter the credentials the next time visiting that app.
Deleting these data connections on Facebook is much like clearing a web browser of cookies, which are the online trackers that help advertisers target ads and help websites keep users logged in. There has been a movement among the digital ad industry’s biggest players to change how data is collected online. Apple, an outspoken critic of digital spying and online advertising, has led the way by implementing strict anti-tracking measures in its Safari web browser. Google has followed suit with new transparency measures around tracking in its Chrome web browser.
Many advertisers are concerned that the new climate against data collection hampers their ability to market products. The more people who cover their online tracks, the harder it is to deliver them effective ads.
The digital ad giants, however, are responding to the greater scrutiny coming from across the globe in Europe with the General Data Protection Regulation. The new law focuses on ensuring that digital platforms have permission directly from consumers to use their data for ad targeting. California has adopted a similar law to be enacted next year, and U.S. lawmakers are looking at adopting such laws nationwide.
The backlash against data sharing really got started after Facebook’s failure to police developers on its platform. Last month, Facebook accepted a $5 billion fine from the Federal Trade Commission over Cambridge Analytica’s abuse of data on 87 million users.
With the fines piling up and the laws closing in, Facebook has promised it would build a more privacy-centered product with new features like the ability to delete off-Facebook activity.
Wolfie Christl, a privacy advocate at Cracked Labs in Vienna, criticized Facebook for taking so long to implement the new tool, and wonders if it goes far enough to preserve privacy online. “Actually, I'd see the ability to access and remove data from websites and app tracking as a minimum viable privacy feature, but Facebook obviously doesn't agree,” Christl says.