Hardly a day seems to pass lately without there being a breaking story about social media slip ups or scandals, the latest of which being the revelation that personal details of 100 million Facebook users have been harvested and are being shared on the internet in one handy downloadable file.
The official Facebook response of course is that all of this information was publicly available in the first place, and so there is no need for any concern. Although this harvesting of information is not Facebook’s fault, their response glosses over some rather pertinent points:
- This comes on the back of recent furor where Facebook changed the level of information publicly available;
- Although Facebook subsequently backed down somewhat over this, do people understand their true privacy settings?
- Of the people who do understand their settings, how many of them bothered to change them thinking it was of little consequence?
More than ever, people should be aware of the information they give out online and why they are doing it.
The power of aggregation
Although all the information that has been harvested was indeed already publicly available on Facebook (and let us ignore, for now, whether or not people did actually want their information to be publicly available) let’s consider just a few aspects of the actual act of aggregating all this together.
Criminals are magpies. Ever wondered why people would go rooting through rubbish? Because there’s money in it! When pieced together, information from disparate sources could reveal enough to perpetrate all kinds of criminality against the person, from bank fraud by finding out your mother’s maiden name, to simply knowing when you are most likely to be out of your home for robbery purposes. A handy consolidated file of personal information on 100 million people, for free? Yes please! But don’t go blaming the ‘security experts’ that did this just yet, as you’d be naive to think that organised criminals hadn’t done this sort of thing 100 times over already.
Prospective employers are nosey. Whether it’s right or wrong, checking out people’s online presence has become a regular part of recruitment. The publicity surrounding the existence of this file is bound to get a few technical minds whirring too, as they consider the potential for creating searchable databases geared up to crunch your data through all kinds of criteria. [UPDATE: Major corporations already are.]
Think you’re in control? Publicly available information is just that. And it’s copied onto servers around the world in seconds. What’s more, if you’re one of the 100 million users who have had their details put into this file, you can change your privacy settings all you want – it’s in the file, and in the file it is now staying. The information is out there forever, and you have no control over who accesses it.
What can you do to protect yourself?
If you’re among the 100 million? Not much to get back what you’ve already given out, but there are some common sense things you can do to stay safer online:
- Only input personal details into a website where it is essential for the provision of a service. Be suspicious of why a social media site wants your details, and be stingy!
- Make sure you know how your information is going to be used and how it is going to be shared.
- Make sure you are on top of any privacy settings. On Facebook, only share some information (including Wall posts) with friends. Don’t share your email with anyone. Do people really find you through school and work listings? No? Delete them then!
- Do you work for a bank or an insurance company? Make sure this is not mentioned anywhere in public forum – or you could be targeted by criminals who are on the look out for a stooge.
- Never disclose your home or work address or telephone number on a social networking website.
- Don’t use the same security information for social media sites as you do for your banking.
- Give false (but memorable) answers to ‘reminder questions’ – who’d guess your mum’s maiden name is DennisHealy6?
- If you are unhappy with the service or privacy, change your details on it and delete the account.
Remember, social media companies are businesses. It’s not in their interest to convince you to give less information about yourself, rather the reverse. Information is money! Also, don’t be fooled into thinking that these issues apply exclusively to Facebook users.
This is by no means the case, but simply – with 500 million users – Facebook gets more interest. This could happen on any social media site, and being sorry after the fact won’t make any difference.
As with most things, the answer lies in the application of common sense, and waking up to that a site’s privacy rules can change. When you share information on a social media website, just make sure it’s information you’d be happy to lose control of.
Further reading