What would you do if you registered on a site to buy something, only to find months later that your user account was searchable and your purchases were exposed? That scenario is currently playing out for Etsy users, who are dealing with the fallout from Etsy's decision to roll out a new People Search tool. The site, dedicated to enabling crafters and artisans to sell their work online, has yet to notify its user base of the change that exposes users' real names and, via their profile pages, anything they have purchased and left feedback on.

The controversy began last week when Etsy flipped the switch on People Search as part of its effort to make Etsy feel more like a social network. Now, when users run a search for a person's full name, that user's account will show up in the search results, even if that person is only a buyer. The goal is to allow users to connect to each other and create "Circles," which then allow users to see which products their friends have favorited or purchased on Etsy.

The problem is that, aside from a thread in Etsy's forums (which is almost entirely used by sellers, not buyers), Etsy has not notified users of the change in privacy settings or policy. Previously, users could search Etsy for seller names, but the names of buyers were not exposed as part of the search. Not only are buyers searchable now, they're even searchable by real name if that info is in their account profiles—this is not a required element of the registration process, but there's nothing to indicate that it's optional. Most users enter it to enable a smooth transaction when they make a purchase.

Even if users haven't entered their full names, their profiles are still searchable by username. Even better, people's Etsy profiles and their purchase histories (via the feedback they leave) are beginning to show up under Google results for their names. Even if the buyer didn't leave feedback, a seller could leave feedback for the buyer and still expose what that person purchased.

Why does this matter? Not everyone wants their purchases to be made public—and some purchases are definitely more private than others. "I just found a woman who's Etsy profile comes up on Google as the 5th link. I was expecting 6 or 7 pages down, but it's on the very first page, right after her online resumes," wrote one concerned user on the Penny Arcade forums. "She signed up a year ago, under the old privacy policy, and hasn't logged in since 2010. And now I know what dildo she uses. Right down to the curvature and coloring."

A different user added later on in the thread, "Found an XXL glass dildo with veins and swirled gold coloring (beautiful piece really) and checked to see if anyone favorited it. Someone did. She also favorited some cosplay cat eat hats [sic] and a bell collar/necklace thing. Then I found her on Facebook."

Beacon redux

Critics of Etsy's new policy seem to have a thing for searching for artisan dildos, but the point is pretty clear. Buyers have no idea that their purchases are being exposed, and they don't need to be embarrassing purchases to cause problems. We're reminded of the fallout from Facebook Beacon, the tool that allowed Facebook to show users' off-Facebook activities and purchases without their consent or knowledge. Facebook offered an opt-out for the service, but the damage was already done. Facebook eventually faced an FTC complaint and a class-action lawsuit—Facebook settled the suit in 2009 by shutting down the service and donating $9.5 million to an organization that fights for online privacy.

With this move, Etsy has hopped onto the Beacon roller coaster, and it may be too late to get off. By automatically opting in every user ever registered to the new system, Etsy is likely just one especially outraged user away from facing its own set of lawsuits and FTC investigations.

Etsy's seller base has voiced concern that the changes could violate privacy laws, but Etsy has not issued any sort of official response to the outcry. Those who do have accounts on Etsy can remove their real names from their profile pages, and there's also a way to make your purchase history private (Your Account > Settings > Privacy). However, most account holders aren't even aware of the change in the first place, and they're not likely to change their settings without some sort of prompt.

"Why must buyers have to jump thru hoops to get answers around here & read forum posts ad nauseam to figure out how to have privacy ON A BUYING SITE?" one concerned Etsy seller wrote. "This defies all common sense & business ethics. It's shameful."

Photograph from SquidWhaleDesigns

Update: Etsy CEO Rob Kalin is talking in the discussion thread of this post about the details of the privacy policy. We highly recommend you read his posts in the thread, as well as the posts by Ars readers who counter him.

As we mention in the post, people's purchase histories are exposed via the feedback they leave for others, or via the feedback sellers leave for them. Feedback has always been public, but buyers were not previously searchable on Etsy. This new combination, plus Etsy's seeming disinterest in addressing its own community, is what caused numerous Ars readers to send in a tip about this issue.

Rob has responded to an e-mail from me about this article. He writes: "Right, it was the 'mixture of scenarios' [the ability to search buyers and then find their feedback history] that created the situation. In any event, we escalated this issue and addressed it."

Update 2: Etsy has now posted a response on its own blog, saying that it's changing the feedback system as a result of the reaction to our article.