If a gay person is out on Facebook, does that mean they are out in the wider world? Not exactly but targeted advertising means the boundaries are more porous than you might assume.
A recent post by security researcher Christopher Soghoian (hat tip to Gawker for the link) raises an interesting point about how Facebook advertising is targeted. Facebook uses demographic data to target its ads, which can include any information on your profile, even if it’s not public. That might include if you have ticked the “interested in men/women” box. While Facebook uses anonymous information to target ads and doesn’t share your personal information with advertisers, the danger comes when you click on the ads.
Researchers from Microsoft and Germany’s Max Planck Institute wanted to see if Facebook targeted ads based on sexuality. Their full paper is available as a PDF if anyone is interested. They created six fake profiles: two straight men, two straight women, a gay man and a lesbian. Besides gender and sexuality, the profiles were the same, with an age of 25 and location of Washington DC. The researchers then observed what ads each profile was shown over the course of a week.
They found that the ads shown on the lesbian profile only differed slightly from the straight women but the ads displayed on the gay man’s profile differed substantially from those on the straight men’s profiles. This occurred not just with specifically gay content, such as an ad for a gay bar, but also with ads where sexuality was not part of the content.
Half of ads targeted to gay men didn’t mention the word “gay” in the text, so a user would have no idea that he had been targeted on the basis of sexuality. Yet by clicking it he would reveal to the advertiser both his sexual-preference and a unique identi?er (cookie, IP address, or email address if he signs up on the advertiser’s site).
For example, one ad was for a Florida nursing school and was shown only on the gay man’s profile but not the straight ones. If a gay man applied for the nursing school and mentioned that they saw the ad on Facebook, they could be revealing their sexuality by default.
In his blog post, Soghoian points out that this could also apply to other sensitive information such as religion and political affiliation. He suggests two possible fixes for the problem: 1) Not allowing advertisers to target based on sexuality (or other sensitive information like religion or political affiliation) or 2) Notifying users that an ad has been targeted to them based on a certain characteristic. However, he notes: “I suspect that neither option is going to be something that Facebook is going to want to embrace.”