Relevant Ads That Protect Your Privacy

September 30, 2012 at 8:55am

Many sites across the web provide free services by including advertisements. Facebook is no exception, and as we pursue our goal of making the world more open and connected, we have designed our service to show ads that help people discover products that are interesting to them. We also recognize that our users trust us to protect the information they share on Facebook. Maintaining that trust is a top priority as we continue to grow.

 

In the last few weeks, we have introduced several features that give advertisers new ways of reaching people who use Facebook. Many other advertising companies already offer services similar to these new features. We wanted to share some of the ways we have carefully designed our versions of the features with your privacy in mind.

 

Facebook Exchange

 

Facebook Exchange (FBX) gives marketers an opportunity to bid on showing ads in real time. Approved third-party service providers work with Facebook and marketers to enable this process. We agree with a provider on an ID number (separate from your Facebook ID) for each visitor’s browser. If someone then visits Facebook and his or her browser has that ID, we notify the service provider, who tells us when a marketer wants to show a particular ad. This allows marketers to show you ads relevant to your existing relationship with them – and without them needing to send us any personal information about you.

 

When we show an FBX ad on Facebook, it includes an “X” link that lets you provide feedback about ads. We also provide a link that lets you learn more about and choose to opt out of future ads from the service provider responsible for that ad. Also, we only work with providers that agree to technical and policy requirements that protect the privacy of personal information.

 

Custom Audiences

 

Another one of our new features allows marketers to reach people on Facebook using information they already have. For example, a shoe store might want to show a special offer to people who have already bought shoes from them. The store can provide us with “hashes of their customers' email addresses so that we can show those same people the ad without the store having to send us the actual email addresses.

 

These hashes are bits of text that uniquely identify a piece of data (such as an email address) but are designed to protect against reverse engineering which would reveal that data. Since Facebook and the store use the same method to create each hash, we can compare the store's hashes to hashes of addresses in our records and show the ad to any group of users that match. If a hash from the store does not match any of ours, we discard it without ever discovering the corresponding email address and without storing any information that we did not have before. And once we no longer need the hashes that do match, we delete them too.

 

Measuring Advertising Performance

 

Finally, we recently partnered with a company called Datalogix to offer marketers a way to measure how their ads on Facebook drive sales for their products in stores. This allows marketers to better understand the value of the investments they are making in Facebook and helps us provide advertising that is more interesting to our users. Companies have long used similar studies for newspaper, TV, and radio ads, and our relationship with Datalogix lets us provide the same kind of information to Facebook marketers at scale.

 

Importantly, we have designed this process with privacy at the forefront. We compare hashes of some Facebook data with hashes provided to us by Datalogix. Once we compare, we are able to send corresponding data on the reach of large-scale ad campaigns, which Datalogix uses to create aggregate reports comparing product purchases by large groups of people who did or did not see an ad.

 

Because of our commitment to privacy, we had an industry-leading auditing firm evaluate the privacy implications of this process. The auditor confirmed that, throughout this process, Datalogix is not allowed to learn more about you from Facebook profile information. Similarly, Datalogix does not send us any of their purchase data, meaning we cannot specifically tell whether or not you purchased a marketer’s product. Finally, with this partnership, Datalogix only sends the marketer aggregate information about large groups of people. None of this data is attributable to an individual Facebook user.

 

Creating Value With Privacy

 

Advertising helps keep Facebook free. We believe we can create value for the people who use our services every day by offering relevant ads that also incorporate industry-leading privacy protections. In our view, this is a win-win situation for marketers and for you.

 

Joey Tyson, Privacy Engineer