Does Facebook's privacy statement state that they don't track "logged out" users? Logging out of Facebook does not delete all facebook.com cookies (let alone any web beacons from covert domains Facebook might use), so they could technically still track users.
I just deleted my facebook.com cookies. Visiting facebook.com login page issued me 5 cookies. Logging in issued 31 (!) additional cookies. Logging out and restarting my browsing (to clear session cookies) left me with 3 cookies. And those 3 cookies have suspicious names like "datr" and "lu" (Log User?) with obfuscated hash values.
:( This meme has been refuted so many times I don't know what else to do. We do not track logged-out behavior. The datr cookie is for phishing and spam protection.
How would anyone know that? If any personally identifying cookies remain you could.
And personally, from my corporate experience there's a good chance that you're simply lying to us here and a better chance that you're telling us what you think the truth is but have been lied to yourself.
For instance, the FAQ directly contradicts the Wall Street Journal. You and the FAQ say no logged out info is collected, the article says exactly otherwise.
> WSJ: Facebook acknowledges that it gets that data [from logged out users] but says it deletes it right away.
Oh, I see. You do track them. But, you don't inhale...
Even if we believed you, by collecting that data you change the game entirely. Now you can be legally required to log data from a specific user which you couldn't if the system wasn't in place.
If you cannot entertain the possibility that employees of the company who work with the code in question are telling the truth, and put more faith in a paraphrase by a journalist, then we don't have much common ground to have an intelligent and respectful discussion.
Many large web services, for instance Google's Plus button, appear to work in exactly the same way with logged-out cookies. This is something you can easily test yourself. When asked, these companies make exactly the same statements about how this data is and is not used. All of the speculations in your last paragraph would seem to apply equally, though I personally don't put much credence in them.
So the question is unfortunately not one of facts, but of trust and feelings. Beyond telling the truth as far as I know it there's not much else I can do. FWIW we don't make evil plans down in the old volcano lair.
I just deleted my facebook.com cookies. Visiting facebook.com login page issued me 5 cookies. Logging in issued 31 (!) additional cookies. Logging out and restarting my browsing (to clear session cookies) left me with 3 cookies. And those 3 cookies have suspicious names like "datr" and "lu" (Log User?) with obfuscated hash values.