Facebook has defended a move by the NHS to share data about the pages social networkers look at, claiming its helps 'educate' web users on the latest health issues.
The social network told PC Pro: "By deciding that I 'like' something, that will come up in news feeds and that will drive people to those pages that have a 'Like' button".
"With campaigns that the NHS runs, for things like safe sex, people are opting to raise awareness around illnesses - this adds to that, makes them viral and spreads the word."
Earlier this week, it was revealed that the NHS Choices site has been integrated with Facebook Connect, the social network's system that lets users sign in to other sites with their Facebook credentials, to make it easier to 'like' pages. However, the integration also means Facebook can track the pages on the NHS website social networkers are looking at, including any illnesses they are researching.
Software developer Mischa Tuffield from online identity firm Garlik, who discovered the link between the two sites, said: "What right has the NHS to share any information about the browsing of NHS Choices with Facebook?"
"The NHS is sharing this information out liberally and the users don't know it and can't opt out of sharing even if they did."
Tuffield also identified links between the NHS and three other tracking websites that track users, including Google, but could not prove data was being exchanged.
Facebook admitted it receives the data but claims it does not pass it on to third parties.
"What the researcher was most concerned about was what we might do with the information, but that is all hypothetical because passing that information [on] would undermine out own privacy policy," Facebook added.
The Department of Health (DoH) claimed users were warned about data sharing in the privacy policy on the NHS websites.
"The privacy policy, which is on the homepage of site, makes clear that when certain features from partners are used, like Facebook's 'Like' button, information relating to the date and time of your visit and other technical information will be collected by Facebook," said a spokesperson for the DoH.
"People should log out of Facebook properly, not just close the window, to ensure no inadvertent data transfer," said.
However, Tuffield said users logging out would still find themselves at risk of tracking.
"If you have ever visited and logged into Facebook from your browser, they will drop a cookie on you."Regardless of whether you are logged in or logged out, every page with the iframe based implementation of the 'Like' button will see this cookie," he said.
"This is not common behaviour for your average website, to be frank. I think that your average web user has no idea what a cookie is and they can't be expected to delete their cookies before turning up to the NHS website."
Comments
vijay agarwal said: Its really not a good idea for NHS to share information The like button is really dangerous and should be used as less as possible Facebook has become too insecure to use now and I am really excited about the upcoming launches of Diaspora and MyCube Both seem very promising and I hope they can make social networking enjoyable and secure again
Alex Broad said: Users used to think that by logging out they were safe However the fact that information about a users activity is sent to Facebook even if a user is logged out of the Facebook system at the time of the visit is shocking It shows us just how insecure facebook is I have gotten tired of using facebook and will be switching to a safer platform like MyCube or Diaspora once they release