Is it me or does it look like a huge mess? Facebook makes a mistake and the world goes berserk, but does anyone even know what's going on?
It was not a bug
For an app to retrieve any personal Facebook data, app-developers have to define a list of permissions. When a logging in to Facebook trough these apps, Facebook asks your permission in separate steps. In other words, you have to agree for every type of data to be communicated back to the app.
In the case of the leak however, the special account of a Cambridge University academic was used to build the app. For researching purposes this account had an exception to bypass the built-in agreement process. The data was therefore not leaked due to a bug, it was meant to do so. It was created that way, for research purposes.
How a data-mining company got the details
The news gets quite contradictory here, was the data sold by the academic or was it leaked to Cambridge Analytics? I don't even need to know. The data is in hands of a company that earns it's money with data, that's the main thing. And it's not a good thing, if you'd ask me.
Surely, the company is being investigated now, but the harm has all-ready been done. Some even stated the breach has a connection to Trump's election. I doubt that, since the data-set also contains a lot of other nationalities. Let's just hope it's not true.
Facebook's tracking methods
Like and Share buttons or Widgets
When visiting any random website, chances are Facebook knows. Most websites have a Like or Share button embedded. In other words, it is retrieved from Facebook's servers. Since your computer probably has Facebook's cookie on it, Facebook knows you're visiting this website.
Same goes for the widgets that show a Page's or User's stream.
The 1x1 pixel tracking code
Another method is a hidden 1x1 pixel, used by Facebook to link any given site to Facebook's Ads or Stats systems. When a site you're visiting bought Ads to generate Clicks or Followers or anything similar, Facebook requires the site's webmaster to implement a hidden pixel as a form of verification. Again, this is served from Facebook's servers, thus Facebook knows you're visiting this site.
Also, these pixels usually remain on sites after a campaign had ended. Off-course the pixel also remains active to collect the so called 'Microdata'.
Why deleting your Facebook account doesn't work
Facebook uses the data to earn money
It is a business, and businesses need to make money. The data mined by Facebook is used to build a profile about you. Your preferences, places you visit often, even your shoe-size, there's probably no other service with a better profile of people. Since Ad-sellers are willing to pay huge sums of money for these details, simply to serve the best advertisement to a user, it is in Facebook's interest to keep collecting as much information as possible.
Tracking cookies are like boomerangs
When you delete your Facebook's account, they (hopefully) remove everything about you from their database. But as soon as you visit a site containing one of these pesky like-buttons or any other Facebook embed, a new cookie is put on you computer and the tracking just starts all over again. Off-course, you're not logged in to Facebook anymore, so there's no name to link the statistics to, but a profile is built anyway and Facebook is smart enough to get to know you again.
And who says Facebook is honest enough to delete the tracking cookies when you're deleting your Facebook account?
How to stop Facebook from following you
Deleting your cookies is not the best option
A good way to get Facebook confused is to delete your cookies every time you close your browser (built in feature in most browsers). However, this is cumbersome since it'll delete all cookies, even the non-harmful. Therefore you will have to login to every site over again when you restart your browser.
Block third-party Cookies
This is a better option, which disables tracking cookies created by items served from domains other than the domain you're currently visiting. Keep in mind this doesn't just block Facebook's cookies, it'll block all other tracking-cookies as well. Normal first party cookies remain working.
In my opinion the best solution.
Available as browser extension, it blocks any invisible tracker. It works by monitoring which domains seem to be tracking you and only blocks these requests. The company behind this tool, EFF, is a non-profit organisation with no interest in tracking any details, thus i.m.o. safe to use.
When using Privacy Badger, you can (and should) disable all other Ad-blockers. Since this tool only blocks tracking advertisements, 'normal' ads keep working. This won't take away all Ad-revenue from website owners. At the same time, you give a message to ad-suppliers to serve non-tracking ads only.
The real solution lies with webmasters
Companies, business owners, developers, bloggers, just anyone maintaining a website, is in power to tell Facebook (and others) what they can and can't do. Simply by using the services we agree with and blocking those we dismay.
Remove all Facebook embeds
By adding embedded items (these Like and Share buttons or tracking pixels as mentioned above), we as website owners choose for our visitors to be tracked, weather they like it or not. So, just stop using these all-together. I'm sure your web developer is more than capable of creating like and share buttons that don't feed any details to Facebook, unless your visitor actually clicks on it.
Stop funding Facebook's Ads
By buying Facebook's Ads, you're actually funding Facebook's data-hoarding and telling them to keep up the 'good' work. Just stop it entirely. There are other, better ways, to get visitors.
When using the internet, just keep in mind somebody, somewhere, is always watching you. Simply because your statistics, your online profile, is worth a lot of money. Following the steps above will confuse online trackers a lot, but what about your internet provider? Just think about why internet is everywhere and why it's so cheap (if not free). At least Facebook is not the only one to blame.
You, as a customer, are in charge of these companies, because they need you to survive. Only you are able to tell what Facebook (and others) can and can't do, but tell them wisely. Deleting your account is like running away from the problem, it only removes you from the solution.