cryptogon.com

According to Cubrilovic, he waited for a year to hear from Facebook on this privacy issue that he discovered, emailing them and reaching multiple dead-ends.

Two days later, on September 27th, Cubrilovic noted, “In summary, Facebook has made changes to the logout process and they have explained each part of the process and the cookies that the site uses in detail … They want to retain the ability to track browsers after logout for safety and spam purposes, and they want to be able to log page requests for performance reasons etc.”

EFF, however, is unequivocal in stating, “Facebook can track web browsing history without cookies.”

“Facebook is able to collect data about your browser – including your IP address and a range of facts about your browser – without ever installing a cookie. They can use this data to build a record of every time you load a page with embedded Facebook content,” added the EFF.

This ability to track users outside of Facebook is particularly troubling.

EFF states, “It’s clear that Facebook does extensive cross-domain tracking, with two types of cookies and even without. With this data, Facebook could create a detailed portrait of how you use the Internet: what sites you visit, how frequently you load them, what time of day you like to access them. This could point to more than your shopping habits – it could provide a candid window into health concerns, political interests, reading habits, sexual preferences, religious affiliations, and much more.”

That Facebook keeps this data on file for 90 days (before it’s discarded or made anonymous) is a legitimate privacy concern and it could certainly be useful in the event U.S. intelligence services desires to build a profile of a particular user’s web browsing.