With two fingers cracking open miniblinds and eyes peering out, the ad reads: "They told us you’re single in NYC."
It's creepy, and that's the point. But what may be even more unsettling is where the ad appears – only on the Facebook pages of single people living in New York City.
The advertiser is taking advantage of Facebook's targeting technology to make a statement about online tracking while promoting its upstart social media platform, Ello. Essentially, it's angling to be the anti-Facebook.
Launched in 2014, Ello boasts an ad-free experience with only minimal user tracking. The concept is a stark contrast to the revenue models of social media companies such as Facebook, which earns billions of dollars annually by serving ads to users based on personal preferences.
While Ello has garnered media attention for taking its pro-privacy, antitracking campaign directly to Facebook's turf (it plans to launch a similar campaign on Twitter and Tumblr), experts aren't so sure it's a panacea for privacy-seeking social media users.
Ello's lack of advertising does mean minimal tracking but it still collects – and stores – lots of user data. The site catalogs Ello pages users access, users' IP address, sites that refer users to Ello, general geographic location, the e-mail and username for each account, and users' device information. While Ello says the information is anonymized, much of that data can still be used to identify users and their online activities.
For instance, device information and geographic information can be just as identifiable as someone's name, say experts. "Permanent user IDs in a smartphone are increasingly being identified as constituting personally identifying information," said John Kennedy, a cybersecurity lawyer at the firm Wiggin and Dana LLP.
One of the biggest areas of concern for privacy advocates is how Ello treats data after users leave the site. Ello has declared that quitting "your social network should be simple, hassle-free, and permanent." According to Ello’s privacy statement, users can delete accounts and posts, and neither users, nor Ello, will be able to retrieve them.
Still, the policy says that backups of the information, possibly including posts, will be kept on its servers even after users' accounts are deleted.
Ello founder Paul Budnitz said backups are deleted after three or four months and the company is developing a way to delete them even sooner. When asked why Ello keeps the backups even after accounts are deleted, Mr. Budnitz said in an e-mail that backups allow Ello "to restore data in case of a hardware crash, for example."
That's not ideal when it comes to guarding users' privacy and security, says Mr. Kennedy, the lawyer. "Best practice is to only collect the data that they require in order to provide your service," he said, “and keep it only as long as they have legit need to support an account or record keeping."
Ello is, however, one of the few social media companies that abides by Do Not Track requests, an option on Web browsers that signals to sites that users don't want their online activity tracked with cookies. Kennedy said Ello appears to be in compliance with a new California law passed in January that requires sites to let users know whether or not they honor the tracking requests.
It also doesn't required that people use their real names on the site. Many privacy advocates have complained about Facebook's policy of requiring users go by real names because it could endanger some people who need to protect their identities.
Unlike like many social media sites that sell users' data to third parties, Ello claims that it doesn't offer that information for sale. Still, advocacy groups such as Access have expressed concern about the thoroughness of Ello’s claim to not sell user data, particularly in the event Ello is sold.
“Who gets that data?” said Josh Levy, advocacy director at Access. “Does it carry over?”
Ello is registered as a public benefit corporation (PBC), a new type of for-profit business recognized in 18 states. PBCs operate with a heightened accountability for keeping business practices in line with their mission statement, which set out the specific public benefit the company pursues.
In Ello’s case, Budnitz said, that is an ad-free social network, which he interprets to mean that in the event of a sale, the buyer must also agree to keep the site ad-free and not sell user data.
Users can rest assured that all the data collected is encrypted in transit and at rest on the third-party servers it uses, Budnitz said.
On its face, Kennedy said, contracting with a third party for a service like this is not immediately concerning, but Ello should explain if and how it compels any third parties involved to protect the security of the data.
Budnitz said in an e-mail that Ello has written contracts with the hosting companies, “who cannot legally use or access our data, and specific responsibilities around how that data is stored."
Even with the recent ads touting its attention to privacy and disdain for ad-targeting software, Budnitz said privacy really isn’t the Ello’s key differentiating factor within the vast social media landscape.
Rather, he said, Ello’s focus is to be a "global network for creators, where you can discover beautiful art and be inspired by meaningful stories."
Whether it can make that model work, while shrugging off revenue-generating advertising, is another matter altogether. Ello plans to eventually launch an online marketplace where artists and artisans can sell their wares similar to Etsy.