GIPHY, one of the internet’s biggest repositories for the short animated “reaction GIFs” that populate social media and message boards, is now a Facebook property and is slated to be integrated with Instagram. While platform users are likely thrilled that sick burns and visual social commentary will be easier to integrate into their posts, response to it has not been universally positive. Privacy advocates are already concerned about the merger given Facebook’s history of data collection and the techniques it uses to track personalized ads, seeing it as a potential window into millions of websites that the company did not already have a foothold in — including its competitors.
Facebook GIFs as trojans for data collection and personalized ads?
It appears that there will be no change to the basic function of the service, with GIPHY maintaining its own external website. “People will still be able to upload GIFs; developers and API partners will continue to have the same access to GIPHY’s APIs; and GIPHY’s creative community will still be able to create great content,” according to a blog post from Instagram’s vice president of product Vishal Shah.
Facebook added a statement on the merger in the company’s own blog: “By bringing Instagram and GIPHY together, we can make it easier for people to find the perfect GIFs and stickers in Stories and Direct. Both our services are big supporters of the creator and artist community, and that will continue.”
The $400 million deal gives Facebook direct access to the estimated 1 billion GIF images served by GIPHY each day. Facebook states that Instagram is already responsible for about 50% of GIPHY’s traffic. GIPHY’s search engine is embedded in a number of popular services, such as Twitter, Slack and the privacy-focused messaging app Signal.
GIPHY is already able to engage in certain forms of user data collection. The company forces shared GIFs to be passed with a JavaScript wrapper that reports the URL the GIF is being loaded at. However, GIPHY is also capable of assigning a unique tracking identifier through this code. This identifier can be used to track user movement as you pass through different sites that host their GIFs, one of the core elements needed to deliver personalized ads.
The service has an even greater data collection reach when embedded in a third-party app such as Twitter. Anyone who uses the search tool in these apps gets a tracking ID assigned to them, but GIPHY also receives any search strings they type in to look for GIFs. It is up to each individual app to block this information; Signal does it, but few others do.
Though many would not be comfortable turning this sort of data collection power over to Facebook under any circumstances, the company has moved pre-emptively to quell concerns by announcing that it will not track individuals or serve personalized ads through the GIPHY API. Facebook claims that it will merely track aggregate anonymized usage patterns this way. However, Facebook would still stand to gain some very valuable inside information about how GIFs are being used on the platforms of competitors.
Censorship concerns
Another concern is how Facebook will moderate the GIPHY library. GIPHY’s terms of service (and proactive enforcement of copyright) are currently much looser than Facebook’s “acceptable use” policies. One example is that GIPHY currently allows for “fictional violence” to be posted, for example a gory scene from a movie; these GIFs could fall afoul of Facebook’s posting policies.
Others reported issues posting GIFs that feature Mark Zuckerberg just after the merger was announced, though Facebook was quick to issue a statement that it was not “intentionally” taking down images critical of company personnel.
And though GIPHY has licensing deals with many entertainment industry publishers, not every GIF that is hosted on the platform is legally kosher in terms of copyright. GIPHY has been relatively lax to date about allowing these items to stand; some wonder if Facebook will break in the other direction and aggressively remove anything that could even potentially be an IP violation.
Time to break up the GIF monopoly?
This acquisition also means that the two largest GIF repositories on the internet (Google’s Tenor being the other) are now in the hands of a SIlicon Valley tech behemoth with a long and questionable history of data collection and a focus on serving personalized ads as a core revenue stream. There are a number of smaller sites for hosting GIFs, but none are integrated with popular apps and services in the way that GIPHY is.
The acquisition may reignite the movement to break up Facebook, a sentiment that has gained considerably in strength and popularity in the past year. It began with departed co-founder Chris Hughes penning a May 2019 op-ed in the New York Times calling for government intervention given that Facebook no longer has any real competition in the social media marketplace. The idea then found a place in Elizabeth Warren’s campaign for the Democratic nomination for president later in the year. Coalitions such as Freedom From Facebook And Google have called for company mergers and acquisitions such as this one to be unwound, with increased ability for platform users to opt out of personalized ads and data collection. The FTC has thus far declined to comment on the acquisition.
The absorption of GIPHY adds to Facebook’s already potent ability to track non-users and those who are not currently logged in to their accounts. Facebook has been engaging in data collection outside the platform for its personalized ads for years through various means, such as the embedded “Share on Facebook” buttons that it encourages websites to implement. One of the more controversial means, and one that potentially plays into the GIPHY acquisition, is the “Facebook Pixel” used to track movement across the internet and incorporate that information into personalized ads. Invisible to the site user, the Pixel reports back to Facebook with websites visited and actions taken on that site such as items placed in a shopping cart or ads that were clicked on. This data collection can be tied to individual identities through browser fingerprinting, which works even if the end user isn’t logged into (or doesn’t even have) a Facebook account.