> Advertisers may get information from you (like your email address) when you interact with them outside of Facebook, like if you make a purchase in their store or create an account for a rewards program. They can create a hashed list with that information and upload it to Facebook. We can match users using the list to help the advertiser reach people who may be interested in their business and without Facebook learning any new identifying information about you.
Well, if a shoe company sends my email address to Facebook because I’m their customer and they want to advertise to me on platform, Facebook has learned new information about my purchasing behaviour.
I’m not sure what else Facebook does with that information. I wouldn’t be surprised if they use it and send me ads for shoes from other companies.
I'm not saying it's okay, but I'm also pointing out that the system doesn't work that way. Data brokers would not be comfortable handing over all of the data to FB if they thought FB was just going to steal it, and FB wouldn't trust gobs of unprocessed data from third parties ("You are now a 16 year old girl who likes Taylor Swift because there was a typo in the matched email address").
This argument is absurd. Facebook has a settings page with a list of all the companies that have told Facebook they do business with you. That's the monetizable signal that Facebook is paying for.
It doesn't matter if they took your name, hashed it and then facebook reversed the hash via a lookup table. Presumably, the fact that they're doing the hash stuff is to give themselves plausible deniability when you tell them to delete all your personal information, and they decide not to.
Here's a sketch of the argument:
- We got a request to delete your info, so we deleted your name and email address and everything with the hash, including the fact that the hash doesn't want to be tracked.
- 10 ms later, data brokers started pumping information about the hashes back into our system, but there was nothing we could do to block it (we forgot the hash)
- We rebuilt your profile to high fidelity within a few minutes, and linked it to all your devices within a day
- The next week a shady app developer sold us info to link your real-world identity to the hashes, but we had to assume this was a new user that hadn't opted out, since we deleted your info.
> Advertisers may get information from you (like your email address) when you interact with them outside of Facebook, like if you make a purchase in their store or create an account for a rewards program. They can create a hashed list with that information and upload it to Facebook. We can match users using the list to help the advertiser reach people who may be interested in their business and without Facebook learning any new identifying information about you.