Has the social networking site gone too far? Outrage over its recent moves suggest that’s the case
Gillian Shaw
Sun
Imagine that a picture of you shows up in an online ad for “hot singles.”
And you find out about it when your husband signs into his Facebook page only to see your face pop up as a sexy single looking for a date.
That’s what happened to Linda Bell, who discovered the innocuous head shot from her Facebook profile had been lifted to appear in an ad trolling for men seeking hot dates.
“It was shocking,” said Bell. “These days God only knows how people are going to use things they find on the Internet.”
Bell isn’t alone. In the stampede to share details of our lives online we are often giving away more than we realize and social networking sites like Facebook are counting on that to capitalize on a lucrative and growing data bonanza. While Facebook has pointed out to users such ads by third parties violated its policy over the user of profile photos and were removed, many users don’t give much thought to other places where they photos may show up.
We post photos our of children, thinking Granny and Auntie Mary are going to be captivated by their cuteness, little expecting the most innocent of photos could end up in the favourite files of someone with more nefarious interests.
Alec Couros, a professor of educational technology and media at the University of Regina, is social media savvy, yet even he was surprised to find a viewer had dropped by his Flickr photo site and picked out a number of photos of his young daughter and friends playing. That a stranger took such an interest would be concern enough, but then Couros found one of the photos in a gallery of photos, alongside pictures of young women, clothed but bound in photos suggestive of bondage.
Sometimes it’s strangers seeking financial gain from collecting the postings of others — like the person in Pakistan who billed himself as a social media leader, offering to sell for $100 an entire online slide show presentation posted by Vancouver’s Kemp Edmonds through his work as a social media educator at the B.C. Institute of Technology.
Or your personal information ends up in other commercial venues, as St. Louis’s Danielle Smith, founder of extraordinarymommy.com,
discovered when a photo of her family that she had posted on her website and on the social networking site Ning appeared in a Czech grocery store ad.
Annemarie Tempelman-Kluit is the founder and editor of yoyomama.ca.
As the mother of two girls, aged four and six, she is careful to ensure her family photos are only viewable by friends.
“Lots of naked kids pictures are cute and not creepy in any way, but you want your mother-in-law to see them you don’t want someone creepy to see them,” she said.
But while data are plundered from a variety of online sources, Facebook is one of the larger repositories of information about our populace.
And so its policies and practices around security and privacy create headlines, as did its recent changes that leave Facebook users’ personal data open to companies like Yelp and Microsoft.
Has Facebook gone too far?
Outrage over its most recent moves suggest that may be the case.
Canada‘s Privacy Commissioner has criticized the move that comes even as that office tries to get Facebook to comply with recommendations from an earlier report released last summer.
And Elizabeth Denham, assistant privacy commissioner, said while they are still studying the changes, it’s clear her office doesn’t support them.
“We are not happy,” said Denham. “I think we will have an announcement to make in the next few weeks.”
In the United States, four senators have called on Facebook founder Mark Zuckerberg to reverse the changes and give users more control over how their information is used.
There’s no shortage of data: Facebook has more than 400 million users worldwide, with one in three Canadians on Facebook.
If you are counting on the company to safeguard your privacy, your confidence may be misguided.
The most recent sentiments about privacy attributed to Facebook founder Mark Zuckerberg came second-hand — in a tweet from New York Times tech writer Nick Bilton who wrote: “Off record chat w/ Facebook employee. Me: How does Zuck feel about privacy? Response: [laughter] He doesn’t believe in it.”
The comment comes as no surprise because as Ian Kerr, Canada research chair in ethics, law and technology at the University of Ottawa, pointed out in a panel Friday:
—
Concerned your social networking posts have fallen into the wrong hands? Here are 10 ways to track yourself online.
1. Set up Google alerts for your name at www.google.com/alerts.
2. Reverse image search at www.tineye.com.
3. Search for images through a number of different search engines, including: Google image search ( images.google.comor click ‘images’ on search options at www.google.com).
4. Use Bing ( www.bing.com/images)to search for images and click on similar images to find various sites an image may have appeared.
5. Yahoo image search (images. search. yahoo.comor click ‘images’ on search options at www.yahoo.com).
6. Imagery At Elzr.Com/Imagery.
7. Check Flickr images by searching at www.flickr.com.
8. Search your name on www.pipl.comfor a list of everything from your contact info to photos, to websites, news articles, blogs, videos and other online sources.
9. Find yourself on Twitter. Some Twitter search tools including www.twitterfall.com,monitter.comand search.twitter.com.
10. MonitorThis, at alp-uckan.net/free/monitorthis,lets you subscribe to 20 different search engine feeds.
“It has long been Facebook’s strategy to make users opt out of default settings that leave their profile pretty wide open,” said Kerr.
Facebook users are not necessarily leaving the information open by intent. Rick Howard, director of intelligence at VeriSign’s iDefense Labs, is a security expert, yet he says he finds Facebook’s privacy and security policies difficult to decipher. And he understands why users are quick to accept friend requests on Facebook, even from people they don’t know because people want to be seen as being popular. What teen wants to be known as the person in the school with the fewest Facebook friends?
Once online, our inhibitions about sharing information often seem to evaporate. You might not stand in a grocery store lineup and announce to everyone within hearing your birth date, your mother’s maiden name, the high school you graduated from, the name of your pet cat and details of your upcoming surgery — yet a cursory run through of information shared on Facebook shows all that and more.
Just this week I received a friend request on Facebook. I didn’t know the person, but by the time I had looked through her Facebook profile, I probably had enough information to get a credit card in her name.
Tim Callan, vice-president of producing marketing at Veri-Sign, can tell you the results of over sharing. It could be the information is just picked off by robots that mine the information on a vast scale; in other cases it could be a more focused hit — like the beautiful girl or the handsome stranger who befriends the lonely hearts, building an online romance that only ends after the stranger has managed to convince the hapless victim to send money so they can visit and consummate the union. The money disappears, along with the heartthrob.
“There is a lot of behaviour on social networking sites where people feel like they are talking with their friends,” said Callan. “It is worthwhile for people to ask themselves, is this something that I would be happy for any stranger in the world to know?
“If the answer is yes, then go ahead and publish it.”
Many website changes
Facebook was already under fire over its privacy policies. Even as Canada’s Privacy Commissioner was carrying out a year-long investigation that culminated with a report last summer with recommendations for the site, the company was making so many changes the commissioner’s office had a staff member dedicated full time to keeping up with them. While that full-time monitoring came to an end with the release of the report, the pace of change at Facebook hasn’t abated. While the Privacy Commissioner’s office has been following up on its recommendations and monitoring Facebook’s response, the social networking site has come up with new strategies that leave privacy experts shaking their heads.
“Since its incorporation just over five years ago, Facebook has undergone a remarkable transformation,” writes Kurt Opsahl, senior staff lawyer with the Electronic Frontier Foundation. “When it started, it was a private space for communication with a group of your choice. Soon, it transformed into a platform where much of your information is public by default.
“Today, it has become a platform where you have no choice but to make certain information public, and this public information may be shared by Facebook with its partner websites and used to target ads.
Many Facebook users may not even know that the site automatically shares information from their Facebook profiles on search engine listings. That includes such details as your name, profile photo, gender, friends list and other items. You can’t edit the information that’s available to anyone searching the Web, it’s all or nothing — the only choice is to opt out completely so anyone looking for you on Facebook, either through the site or through an outside search engine, won’t find your Facebook profile.
While many users may not think sharing details like a photo and a list of friends (complete with their photos and public information) is not a big deal, it can be.
Couros, who teaches education students about technology and social media, said school districts have told him that finding a Facebook profile photo of a job candidate with a beer in his or her hand is enough to drop the candidate off the recruiting list.
“Even if you tighten up your Facebook profile as much as you can, you can’t hide your profile picture,” said Couros. “As a new teacher looking for a job you may have a beer in your hand.
“If you’ve got alcoholic beverages or you are doing something a bit sketchy, you are automatically out of the pool. It doesn’t matter what your resume looks like. I have heard that from four or five districts around Regina recently.”
You may or may not agree with such hiring judgments, but as a job candidate you’ll probably never know that your online persona played against you.
It’s the same for a wide variety of roles we may have in our lives — from employee, to parent, to customer, to insurance claimant (that picture of a supposedly injured accident victim posing at the top of a vigorous hike can wreak havoc with insurance settlements), to patient (with news recently that psychiatrists in the United States are looking up patients on Google for background information). Your online profile can also provide rich fodder for local burglars (who love such posts as, ‘heading to Europe for a three-week vacation’) as well as online identity thieves.
Most recently Facebook announced it was sending users’ profile information to companies like Yelp, Microsoft and Pandora (an Internet radio service not available in Canada). Unless you change the default settings on your Facebook profile or say no thanks at the website, every time you go to one of those sites while you’re logged into Facebook, you’ll be delivered a personalized version of the site.
Another issue is Facebook’s newly announced “Like” button, which can go on websites, blog posts or other online content from restaurant listings to your favourite musicians. If you click on the button, Facebook will publish that on your profile and in the news feeds that your friends get of your activity.
If you’ve managed to figure out that privacy minefield, Facebook will also now suggest you connected to “Pages” based on interests and affiliations contained in your profile data. The pop up box gives you two options: Agree to connect with all the pages recommended by Facebook or edit the choices. The default has all the suggestions checked; if you don’t agree you have to uncheck them.
Third-party developers who create Facebook applications cheered the changes, which put an end to a requirement that they delete users’ data after 24 hours.
Confused yet? You’re not alone. Facebook’s Open Graph protocol announced last week at a developer conference has prompted some Facebook members to opt out entirely from the service. But while privacy experts and those who are social media savvy may be well aware of the furore, it’s lost on a lot of ordinary Facebook users. I asked one Facebook user if he had changed his privacy settings after the recent changes.
“What changes?” was the response of this 20-something user, who would be considered a ‘digital native’ or one of author Don Tapscott’s Growing up Digital youth. If someone who has grown up digital doesn’t quite get it, chances are many baby boomers who are digital immigrants will find managing online privacy a daunting prospect.
Just Google your name
You don’t have to look to your friends to see what information is being shared: simply Google your own name, searching the Web, searching photos or one of the many categories Google offers. And Google and other major search engines aren’t the only source.
Canadians fare somewhat better than our American neighbours when it comes to privacy protection, with Canada’s private sector privacy laws adopting a comprehensive approach that covers all personal information collected in commercial activities, whether it’s online or off. Denham points out by comparison the U.S. has a more sectoral approach, with rules that cover different areas, such as financial or health.
“We’ve got comprehensive protection for Canadians and we’ve got broad principle-based law which is flexible; it can apply to social networking sites, it can apply to a small retailer,” Denham said.
The countries of the European Union have passed data protection laws that follow a standard EU directive and Denham said Canadian law is considered to be substantially similar to that.
The phrase ‘privacy by design’ is a concept Ontario Privacy Commissioner Ann Cavoukian came up with back in the ’90s and suggests that privacy assurance should be an organization’s default mode of operation.
That concept is at odds with Facebook’s apparent view of the issue, but it is one privacy advocates would like to see.
“We think there should be privacy-friendly default settings,” said Denham. Pointing to the letter last week sent by the Privacy Commissioner of Canada Jennifer Stoddart, along with the heads of data protection authorities in France, Germany, Israel, Italy, Ireland, Netherlands, New Zealand, Spain and the United Kingdom to Google, regarding Google Buzz, Denham said companies should not put out new products, expecting to deal with privacy concerns later. Google Buzz is a social networking application in which Google automatically assigns followers to Gmail users from their Gmail contact lists.
“You can’t beta test these on the open market,” Denham said of the social networking applications.
“When you test, you have to be compliant with the law.”
Instead she said companies are putting out the changes, seeing if users have a problem with them and only then thinking of fixing it. That’s not good enough for the privacy authorities.
“You can’t make this stuff up as you go along,” said Denham.
—
SEVEN STEPS TO MANAGING YOUR FACEBOOK PRIVACY
1. Active, deactivate or delete?
If you are really worried about your privacy and don’t want to share any information, deactivate your Facebook account -although that doesn’t strictly clear the information Facebook has about you. For that you must permanently delete your account. Otherwise, your information disappears from Facebook but the company saves your profile information in case you want to reactivate your account sometime.
4. Are your friends over-sharing?
If you don’t want your information accessed through your friends, under the same applications and websites under privacy, go to “What your friends can share about you through applications and websites” and uncheck all the boxes. Click on save changes.
2. Do you want to be found?
If you don’t want your profile to show up in a Google search: Go to your Facebook profile, click on account on the upper right hand side and then click on privacy settings. Click on search, from the drop down menu, click on only friends. The default is everyone; with that setting anyone can see your profile information, including such info as your friends list.
5. ‘Everyone’ isn’t your friend
To ensure your personal information isn’t available to everyone, under profile information in privacy settings, check to see who you are sharing it with. Click on only friends if you don’t want the information available to a wider audience, making sure to include your photos and videos.
6. ID thieves aren’t looking to send you Happy Birthday wishes
Don’t include the year of your birth with your birthday. You can control that by going to Profile on your Facebook page, click on the info tab and then edit. Click on basic information on the left hand side. A drop down box by your birthdate will give you the option of not sharing that information on your Facebook pro-file, showing the full birthday or only showing the month and day.
3. Unhappy with Open Graph?
To disable Open Graph, click on privacy settings, click on applications and websites. At the item at the bottom of the list, instant personalization, click on edit settings. The is a box checked off that says “Allow select partners to instantly personalize their features with my public information when I first arrive on their websites.” Uncheck that box. Click confirm. You can also disable it on the participating websites by clicking no thanks when it asks at the top when you visit the site if you want Facebook to “personalize your experience.”
7. What pages are linked to your profile?
Editing your profile: Facebook will list pages that will be linked to your profile. Uncheck any pages you don’t want linked and click on save changes.
© Copyright (c) The Vancouver Sun