On 14 March and 15 March 2018, a CentralNotice banner appeared to some logged-out users
viewing English Wikipedia pages. The banner contained JavaScript hosted by Facebook, which
allowed Facebook to collect traffic data from those who visited a page with a banner. The
banner was prepared by the Wikimedia Foundation. The Foundation turned the banner off as
soon as we learned how the script was running, and its potential scope. We have also
removed all references to the code in question from CentralNotice on Meta-Wiki.

The code utilized in this banner was based on an unused prototype created by an outside
vendor. Because the prototype was never enabled, the vendor’s prototype code was not
subjected to our standard quality assurance process. However, we made the mistake of
reusing the code for a different purpose, and implementing it based on recommendations in
documentation from Twitter and Facebook to improve the appearance of shared links. At the
time, our understanding was that the platforms would only receive traffic data if the user
clicked on the link. Although this was true for Twitter, the Facebook code operated
differently.

We discovered the problematic link configurations during our ongoing monitoring of live
banners. The recommended code not only enhanced the appearance of links but also enhanced
Facebook's ability to collect information on people visiting non-Facebook sites. As
soon as we realized these banners were sharing information without even having to click
the link, we disabled them and began an investigation. Staff in multiple departments are
collaboratively reviewing the incident as well as procedural and technical improvements to
prevent future incidents.

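The distinction the announcement draws is between a share link that contacts the platform only when a reader clicks it and a widget snippet that loads a platform-hosted script as soon as the page renders. The following is an added example, not Wikimedia Foundation or CentralNotice code, of a pre-deployment check a banner reviewer could run over banner markup: it separates origins contacted at load time (script, img, iframe and link sources, plus any absolute URL an inline script would inject) from origins reachable only through a click (plain anchors), and flags load-time origins missing from an allowlist. The allowlist, the banner markup and the hostnames sdk-host.example and share-site.example are constructed for the example.

```javascript
// Added example (not Wikimedia Foundation code): audit banner markup for
// third-party origins that would be contacted at page load, before any click.
// The allowlist and the sample banner below are constructed for this example.

const ALLOWED_ORIGINS = new Set([
  'https://upload.wikimedia.org',
  'https://meta.wikimedia.org',
]);

// Constructed banner: a first-party image, a click-only share link, and a
// widget snippet of the kind platform docs recommend, which injects a script
// from the platform's host as soon as the page renders.
const SAMPLE_BANNER = `
<div class="cn-banner">
  <img src="https://upload.wikimedia.org/banner.png" alt="">
  <a href="https://share-site.example/intent?url=https://en.wikipedia.org/">Share</a>
  <script>
    (function (d, s) {
      var js = d.createElement(s);
      js.src = "https://sdk-host.example/sdk.js";
      d.head.appendChild(js);
    })(document, "script");
  </script>
</div>`;

// Origin (scheme + host) of an absolute or protocol-relative URL; null for
// relative URLs, which resolve to the serving site and need no review.
function originOf(url) {
  const abs = url.startsWith('//') ? 'https:' + url : url;
  try {
    const u = new URL(abs);
    return /^https?:$/.test(u.protocol) ? u.origin : null;
  } catch {
    return null;
  }
}

const TAG_RE = /<(script|img|iframe|link|a)\b([^>]*)>/gi;
const ATTR_RE = /\b(src|href)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
const INLINE_SCRIPT_RE = /<script\b([^>]*)>([\s\S]*?)<\/script>/gi;
// Absolute or protocol-relative URLs mentioned inside inline script bodies.
const URL_IN_CODE_RE = /(?:https?:)?\/\/[a-z0-9.-]+(?:\/[^\s"'`<>]*)?/gi;

// Returns sorted arrays: origins contacted at load time, origins reachable
// only by a click, and load-time origins absent from the allowlist.
function auditBanner(html, allowed = ALLOWED_ORIGINS) {
  const loadTime = new Set();
  const clickOnly = new Set();

  for (const m of html.matchAll(TAG_RE)) {
    const tag = m[1].toLowerCase();
    const attr = m[2].match(ATTR_RE);
    if (!attr) continue;
    const origin = originOf(attr[2] ?? attr[3] ?? attr[4]);
    if (!origin) continue;
    (tag === 'a' ? clickOnly : loadTime).add(origin);
  }

  // Inline scripts can create <script> elements at runtime, so every absolute
  // URL they mention is treated conservatively as a load-time origin.
  for (const m of html.matchAll(INLINE_SCRIPT_RE)) {
    for (const u of m[2].match(URL_IN_CODE_RE) ?? []) {
      const origin = originOf(u);
      if (origin) loadTime.add(origin);
    }
  }

  return {
    loadTime: [...loadTime].sort(),
    clickOnly: [...clickOnly].sort(),
    violations: [...loadTime].filter((o) => !allowed.has(o)).sort(),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(auditBanner(SAMPLE_BANNER), null, 2));
}
```

On the constructed banner the click-only set contains only the share site, while the injected SDK host shows up as a load-time violation, which is exactly the case a click-oriented mental model misses. The scan is deliberately conservative (any `//host` token inside an inline script counts), so it produces false positives rather than silently passing a loader. A browser-side complement is a Content-Security-Policy `script-src` directive listing the same allowed origins, which blocks an unlisted script at the user agent even if a review is skipped.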
While this sort of tracking is commonplace today across most of the internet, it is not
consistent with our policies. We are disappointed that this type of hidden data collection
is routinely recommended by major platforms, without clearer disclosure.

These practices are why we all must regularly take routine steps to maintain a secure
computer and account. As the Wikimedia Foundation continues to explore ways we can do that
within Wikimedia's platform, we encourage you to consider tools which block unwanted
third-party scripts like the one provided by Facebook.

We apologize for sending this late on a Friday (San Francisco time). However, we wanted to
provide this information as quickly as possible.