Why you should care about your privacy but don't.


You have likely heard of the recent growing uproar concerning Facebook's privacy policy and privacy settings. You're also likely asking yourself: so what!? Who cares if everyone on the Internet knows my hometown, my birthday, my name, where I got my degree or can see a picture of me? How else are they going to find me and invite me to a party, find a job or get back in touch years after high school?

In this article I will address these issues and try to explain in simple terms and using concrete examples why you must care about sharing your life with the world. I will use Facebook as a model here because it is the most prolific social network (and arguably receives the most privacy-related attention). Regardless, the take-away message applies to any medium: be careful from the start and don't put anything 'out there' you don't want the world to see.

To quote from the chapter entitled "When Innocuous Information Isn’t" in Kevin Mitnick's book "The Art of Deception":

[I]n reality penetrating a company's [or an individual's] security often starts with the bad guy obtaining some piece of information or some document that seems so innocent, so everyday and unimportant, that most people in the organization wouldn't see any reason why the item should be protected and restricted.

This book was what first opened my eyes to security and privacy and I highly recommend you purchase and read it; it's written in everyday language and deals with changing your behaviour, not with technology.

Heck, even The Onion's getting into it: Entire Facebook Staff Laughs As Man Tightens Privacy Settings, Google Opt-Out Village, etc.

 

Photographs.

This is likely the first thing you think of when you consider online privacy. You're 22, get drunk at a house party and do something that you might not want a future employer or mother-in-law to see. You don't care if someone takes a picture and posts it on Facebook because you can change the privacy settings of photos you're tagged in so "Only Me" can see it. Sorry, but that doesn't work.

Have you ever noticed this at the bottom of your photo albums: "Share this album with anyone by sending them this public link"? This allows you to share photos with people who aren't even members of Facebook. To be clear, people who are not even logged into Facebook are de facto non-"friends" and are not connected to you because Facebook doesn't have any way of knowing who they are. This should make you raise an eyebrow and wonder how, then, your photos are protected. You could reasonably assume that if you set a photo to "Only Me", someone who isn't even logged into Facebook wouldn't be able to see it.

Only, you'd be wrong.

Facebook keeps photos and albums with long page addresses which are supposed to be "hard to guess" but which actually bypass all of your privacy settings.

I've just created an album which, as you can see, is protected—nobody can see it but me:

[Image: Facebook privacy settings screen.]

Thankfully, nobody will see that I got a chance to fly in a UH-1 Iroquois, because my friends would be super jealous. Only…

[Image: Facebook page of the private album while not logged in.]

Not only is that photo page displaying the photo which was set for "Only Me" within an album which was set for "Only Me", I'm not even logged into Facebook, I'm on another computer and I can still see it.
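The design flaw described above, sketched as an added example (this is not Facebook's code): one handler treats knowledge of the long address as permission, while the other uses the address only to locate the album and then applies the owner's audience setting. The names `ALBUMS`, `create_album`, the two handlers and the audience values are hypothetical.

```python
import secrets

# Constructed sample store: token -> album record (hypothetical structure).
ALBUMS = {}

def create_album(owner, audience, photo):
    """Store an album under a long random token and return the token."""
    token = secrets.token_urlsafe(24)
    ALBUMS[token] = {"owner": owner, "audience": audience, "photo": photo}
    return token

def serve_by_link_only(token, viewer=None):
    """Flawed design: knowing the address is treated as permission.
    The audience setting is stored but never consulted."""
    album = ALBUMS.get(token)
    return (200, album["photo"]) if album else (404, None)

def serve_with_audience_check(token, viewer=None, friends=()):
    """Corrected design: the address only locates the album; the owner's
    audience setting decides whether this viewer may see it.
    `friends` is the owner's friend list; viewer=None means not logged in."""
    album = ALBUMS.get(token)
    if album is None:
        return (404, None)
    allowed = (
        album["audience"] == "public"
        or (viewer is not None and viewer == album["owner"])
        or (album["audience"] == "friends" and viewer in friends)
    )
    # Answer 404 rather than 403 so a refusal does not confirm the album exists.
    return (200, album["photo"]) if allowed else (404, None)

if __name__ == "__main__":
    link = create_album("alice", "only_me", "uh1.jpg")
    print("link only, logged out:    ", serve_by_link_only(link))
    print("audience check, logged out:", serve_with_audience_check(link))
    print("audience check, owner:     ", serve_with_audience_check(link, "alice"))
```
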

Make no mistake: this is a real problem. There are sites out there that automatically trawl every possible Facebook photo page address looking for, say, racy pictures, then download them and make money selling them. I don't want to drive traffic to this type of site, so I won't link to them, but some creative Googling will get you there in a flash. They're also obviously not suitable for work (you've been warned).

The second problem with Facebook (and all other social networking sites) is that once a photo is displayed to a user, they can do anything with it. They can download it and spread it around as much as they want, since there is no mechanism in place to prevent it. The famous photo-sharing site Flickr is slightly better at it than Facebook but there will always remain a very easy way to capture a photo that's otherwise protected: a screenshot. If it's on your screen, you can take it, regardless of the technological permissions protecting the picture (just like the second photo above).

 

Contact and other personal information.

If you don't want spam and telemarketing faxes for the rest of your life, or to be tracked down by an ex you tried to leave in the past, keep your contact information private. I'm a freelancer and I have many avenues for clients to contact me, but few of them reveal my contact information directly (until, of course, we have established a business relationship).

If you'd like someone far more qualified than I to explain the thousands of ways even this seemingly limited information can be used to, say, get your credit card number, read Kevin Mitnick's "The Art of Deception".

 

Basic flaw #1 — you don't even realize what's happening.

Let's take a look at a site like http://facebookfails.com/. It is an interesting showcase of embarrassing things people have put online. But it also reveals one of the basic flaws in the whole privacy system: people just don't understand how it all works (The New York Times: Facebook Privacy: A Bewildering Tangle of Options).

Take http://facebookfails.com/2010/05/21/thank-you-for-last-night/ [NSFW] for example. It's a short status update (which is visible to everyone by default) a woman wrote about an evening she had with a man, not realizing that everyone she knew could read it. Not only is this very embarrassing, it showcases a major lack of understanding of the way the social network operates.

The original poster is, like the vast majority of Internet users, simply not computer literate enough to understand the distinction between a message, a wall post, a status update or a post comment. Once she realized what she'd done, she couldn't figure out how to undo it. Social network architects like those at Facebook should (and do) take this into account when designing their system. However, Facebook's privacy model is to let everyone see everything by default in order to maximize your connections. They do not design their network to maximize privacy.

The best way to prevent this sort of thing happening isn't to berate Facebook or to search through their maze of privacy settings. The best way to guard your privacy is to be cautious from the outset and be very selective about what you write and where you write it.

There's a second take-away from this: perhaps the original poster did have privacy settings which would have limited that status update to only her 20 Facebook friends and she figured out how to delete it only 1 hour after it was posted. But it's still out there as a screen-shot, on a major blog with thousands of weekly visitors for all to see.

 

Basic flaw #2 — things change.

Today I came across a blog post (via Mike Gifford) with an interesting graphic which details which information is now publicly-available on your Facebook profile page, especially that information you may previously have marked as private.

Public information is available to anyone, not just your friends, is available to Facebook Apps and is available to those who don't have a Facebook account at all.

[Image: A screenshot of a Facebook page with post-it notes indicating what information has passed from private to public.]

As you can see, the following information is publicly available: your name, your picture, your gender and birth date, your friends, your networks (which usually includes the city in which you live) and your work and education history. Take a good look at yours (you can access yours by clicking here). You may have once configured Facebook to keep your profile photo private. Well, it's not any more and short of having no profile picture, you can't keep that private.

Perhaps you're hiding from an abusive ex-husband [warning: strong language] and the model changes, as it did with Google Buzz, and you suddenly find yourself connected to people you'd really rather not be. Perhaps your only choice is to opt out completely.

In a related story, the US Library of Congress recently announced that the "Library [is] to acquire ENTIRE Twitter archive -- ALL public tweets, ever, since March 2006!" While the Library's acquisition FAQ does explain that "private information and deleted tweets" won't be retained, that does not necessarily mean that you can delete a tweet once the Library has acquired everything and have it removed from the archive. It is, in fact, highly unlikely that deletes will be synchronized between the active Twitter database and the Library's archive.

Did you tweet something silly 2 years ago? Could you even find it now to delete it? What if you had not one, but hundreds of embarrassing tweets, status updates or photos online?

The point here is that things change, systems evolve and integrate with one another in unpredictable ways. Terms of use and privacy policies are not necessarily maintained when a company is bought. Back in 2007, with daily fail whales, I don't imagine you expected that your drivel about being late to work because your dog soiled your best shoes would make its way into the Library of Congress…

 

Your movements.

Sure, Foursquare and Brightkite can be fun tools to find like-located people and Google Latitude will let your 500 friends know where you are without having to text every single one of them. They do have uses. But as sites like Please Rob Me (check out these articles on Forbes and Mashable for more detail) have shown, they also have rather significant downsides.

Publishing your every movement online is a problem for the same reasons elaborated above.

 

I know where you are anyway.

It's great to have a visitor from {city}, like you are.

EDIT: I've migrated my blogging software 3 times since this post was originally authored and haven't bothered re-integrating geolocation...yet.

How do I know that? Something called geolocation. You connect to this blog and without you even knowing it (or giving permission) it detects your approximate location. This is not a virus nor have I hacked your computer. This is made possible (and easy) by the way the Internet was built. It takes only a small amount of skill to find out where any user on the Internet is. This is how you have seen things like classified or dating site ads targeted to your city.

With a bit of skill, though, it's not hard to start connecting dots.

(If you don't believe this is genuine, send this article to a friend in a different city and ask them what the above text reads.)

 

What is the alternative model? Is the model even relevant?

In a recent conversation I had with Mike Gifford, he explained that:

It may be that privacy is the issue, might just be that something else takes its place. Likely there will be a combination of things that move people away.

Seems like most are quite happy if they can send goofy videos to their friends and attend to a virtual farm. However, these are things that will be possible to do in other areas as well. Facebook is no longer cool, and hopefully the new open source social networks will be. But it will be the cool factor that gets folks to move and not the privacy issue.

I think Mike is spot on. In this article I used Facebook as an example of a danger to privacy but the principles of maintaining the privacy of your private life will stand for any social networking medium, indeed for any medium at all.

I certainly don't think that Facebook is some kind of evil entity with a malicious intent to expose your private life for some clandestine gain (as some people do). Facebook is a business born of a desire to connect people. Its raison d'être is precisely to allow you to share personal information with people you know, as well as with people you don't yet know but whom you might want to meet.

The two basic premises of this article are that (1) individuals should be concerned about their privacy, and (2) they should be careful about sharing private information at all. The model (e.g., Facebook) is only the vehicle used to share the information. It could just as easily be a blog, MySpace, your LinkedIn page, or a thread of inter-office emails.

 

What you can do about it.

The French have preserved a Latin expression for this: La parole s'enfuit, l'écrit reste (the spoken word evaporates but the written word is permanent). Always assume that anything you put on the Internet or down on paper will be around forever. This is especially true with Google, Archive.org (aka The Wayback Machine) and others gobbling up and saving everything they can get their hands on.

These links will open your Facebook pages. Go to your profile settings and delete everything you don't want everyone in the world to know. Then go to your application settings and disallow everything they let you; your public information will still be visible. As I've demonstrated above, you can't rely on Facebook's photo privacy settings, or your account's privacy settings, so don't even bother editing those. Remove information you don't want everyone to know, don't just hide it.

Do the same on every social network and web site you belong to (with the potential exception of sites you feel confident about, like your bank, who legitimately need information like your postal address).

 

As I'm publishing…

While writing this blog article, The New York Times published this story: Facebook Unveils Simplified Approach to Privacy. If you've taken anything away from this article, I would hope that it would be the idea that privacy tools are only a stop-gap and that real privacy comes from not putting too much private information out there in the first place. To wit, the Ottawa Citizen published this article at the same moment: Border guard used private info to woo women on Facebook.

 

The photograph of the UH-1 pilot was taken by Pte Melissa Spence, sourced from the press album of the Department of National Defence with the following caption "English\Anglais; GD2008-0687-01; 20 Aug 08; 14 Wing Greenwood, NS, Canada. 413 Squadron (Sqn) Cormorant pilot, Captain (Capt) Andrew Mercer, flies the Search and Rescue (SAR) helicopter from 14 Wing Greenwood, Nova Scotia (NS) to Shippegan, New Brunswick (NB)."