A recent study by entrepreneur and hacker Nik Cubrilovic reports that Facebook can keep a track of the webpages visited by you with a Facebook button or widget even if you are not logged in Facebook. According to Nik Cubrilovic Facebook simply changes its tracking cookies instead of deleting them completely when you log out. This enables the browser to send personal information of a member back to Facebook even when the member is not logged in. Cubrilovic’s claims are supported by his study of HTTP headers sent by browsers to Facebook.com.
“With my browser logged out of Facebook, whenever I visit any page with a Facebook like button, or share button, or any other widget, the information, including my account ID, is still being sent to Facebook,” Cubrilovic wrote. He says the tests are repeatable by anyone with a browser that has development tools installed.
“They definitely have the information stored,” Cubrilovic told VentureBeat in an interview. “As to what they do with it, you can only speculate.”
In reply to Nik Cubrilovic’s post Facebook engineer Arturo Bejar commented that the data thus collected by the logged out cookies of Facebook is used only to avoid other online security risks.
“Also please know that also when you’re logged in (or out) we don’t use our cookies to track you on social plugins to target ads or sell your information to third parties” Bejar said.