Do You (Heart) Facebook?  


With more users than the populations of most countries, Facebook certainly has fans. Yet, as the social-networking trailblazer evolves, it's making changes, many of which are causing concern in the privacy community and beyond.  



They say love is blind. And in this Valentine's Day-themed Tips Message, we'll take a closer look at how Facebook's enduring qualities may be masking its dangers. If you, a friend, a family member, a colleague or a client have a Facebook account, you won't want to miss this one.


The Most Intimate Details 

I've cautioned it before: Everything you post online can potentially be re-purposed by others. As we saw with the Manti Te'o controversy, something as simple as a stolen profile picture can knock over the first domino in a twisted tale of identity fraud. 


There is an excellent video here, warning how the things you post online, even in what you believe are safe, secure environments, can be used by fraudsters, criminals and charlatans, to hijack your life.

An Embarrassment is Coming


If they don't invest the time in reviewing the information that's been published about them, Facebook users are in for a potentially embarrassing surprise. That's because Facebook is working toward making more of its content searchable with its Graphs Search feature. 


What will be searchable? All the information (personal, professional, pictorial) you post, and that other Facebook users post about you. Additionally, your likes, and in many cases simply the websites you've visited that have hooks back into Facebook, will be searchable.


This article explains it well, and in it, writer Meghan Kelly gives one of the best analogies for Facebook I have read:


Facebook is like a safe containing a ton of your personal information - which you've purposefully and willfully cracked with an axe.


Beyond searching for what's already out there about you, commit to practicing good social etiquette. Don't "check in" your friends for them (without their knowledge!), post pictures of them they may not appreciate or tag them to one of your posts without their permission. Even the tamest of details may cause trouble for them, not to mention, trouble for your relationship. 


Tame the Tagging


Being "tagged" on Facebook means another user has added content and publically associated you with that content. A friend may post a picture of you at the beach. By tagging you, that photo will show up on your profile (if your settings allow).


There is a setting in Facebook that allows users to approve any tags before they are posted to their timeline. This blog post on Business2Community does a great job of showing readers exactly how to set Facebook to alert them to requests for tags. This isn't just a good way to easily give friends permission to tag you; it's an excellent way to keep track of the content in which you've been tagged.


I enabled this setting soon after I started using Facebook when an acquaintance began tagging me to images of peppers, scissors and other somewhat bizarre things. Who needs to have someone else associate them with things to which they have no legitimate connection?  


The post goes on to explain the difference between Facebook Profiles (now known as "Timelines") and Facebook Pages. There are some unique features about Pages that make these tags post differently, so if you manage a Product, Brand or Person Facebook Page, this will be an especially good article for you.  

For more emerging tagging concerns, see:


Unsolicited Email Gets a Boost


In addition to announcing its plans for Graphs Search, Facebook also began allowing strangers to message  you using the Facebook email service... for a price, of course. According to Mashable, Facebook is testing a new option to charge users $1 to send a message to another user's inbox.


Two schools of thought exist: 1) Facebook is doing this to generate revenue and satisfy anxious shareholders; 2) Facebook is doing this to reduce spam (charging senders a fee).


Wherever you land, it could be argued that a person's mere presence on Facebook makes them a target. The entity aiming for you may be above-board (think marketing firms), yet it could be criminal (think identity theft rings). Worse yet, it could be crazy (think stalkers).  


The above is all the more reason not to use Facebook email as one of your primary email services.

Breaking Up with Your Apps


Facebook apps allow websites to gather information about your online behavior anytime you are logged into Facebook (worrying for users who never log out). 


One of the most common troubles caused by these types of apps comes when a person reads an online article only to find that action has resulted in a Facebook timeline post (e.g. "Rebecca Herold read this article."). Depending on the contents of the article, this could be embarrassing, giving your Facebook friends...or your employers, schools and relatives... insight into your personal problems, quirks, fears or uncertainties.


If you've been burned by one too many Facebook apps, you may be ready to call it quits. Fortunately, disabling Facebook apps is simple. Here's a good article that talks through how to disable all apps while offering the reminder that doing so will cut off communication with all apps, even the ones you enjoy.

Here's how to disable/delete just those apps you don't use any more, or that are too invasive:

1) Go to the upper right and click the gear-shaped icon
2) Click "Account Settings"
3) On the left side of the list click "Apps"
4) You will see the list of apps you use. Click the "x" to remove the ones you no longer use or no longer want.


For those of you who enjoy the connectivity of social networks, understand that all these apps are potentially sharing info, accumulating a repository of data and information specific to you and to your behaviors. By itself the data may be useless, but when companies (and others) run analytics on that data, a great amount of insight can be revealed about you. How might the government (think taxes) or your homeowner's insurance (think higher premiums) be able to put this analyzed data to use? The future holds the answer.

Foursquare Updates Privacy Policies


Two areas of concern jumped out at me when I read the updated privacy policy from popular Facebook plugin Foursquare. 


First, the geo-location social network will be sharing the full name of its users. Second, it will publish its users' histories, documenting the places they've visited, including dates and times.


This publication of history could cause significant trouble for Foursquare users if used by others for unforeseen purposes (think police investigations, divorce proceedings, criminal cases, contradictions to what you told family, friends and employers, etc.).


If you are a Foursquare user, be aware of these changes. If you don't want yet another entity keeping track of what you are doing, you may want to disable this feature. 



Revamped Privacy Policy for Instagram


Owned by Facebook, Instagram took its new privacy policy live on Jan. 19 (just in time for Data Privacy Day on Jan. 28!). The photo sharing network promised to take into account the feedback it received after announcing its revamped policies in December 2012.


Take a look at policies themselves (Privacy Policy and Terms of Use), as well as the blog post Instagram crafted to announce the new policies, and then let me know what you think. Did the Facebook entity live up to its promises? 

Term of the month


"Big Data"


In the IT community, the term is used to describe large pools of electronic data that can't be managed by traditional database management tools. In privacy circles, however, big data describes something much larger - the sharing of information between entities for the potential purposes of revealing "truths" about individuals. 


By itself, the billions of lines of data are useless. When handed over to data analysts with advanced, scientific degrees, however, much can be revealed about a person. While advanced, this analysis is not always perfect. So, most concerning to privacy advocates is the potential for analysis to paint the wrong picture. Inaccurate or incorrect data and even faulty human or computer interpretation can create a Big Data persona that looks nothing like the real person behind the data.



FYI, I'm currently writing a series of papers about Big Data for Cutter Consortium, a global IT advisory firm. Be on the lookout for more information. 



Did You Celebrate Data Privacy Day?


I was so thrilled to have not only the Iowa Governor declare Jan. 28 Data Privacy Day in our state, but also to hear of other states recognizing this important day. Congratulations to those of you who are looking to do this in your own state! If there's anything I can do to help craft the language for your own state proclamation requests for Data Privacy Day 2014, just let me know.  


The influence of social networking, not only Facebook, is felt in every corner of our culture. These tools, still in their infancy, have reconnected long-lost friends and expanded neighborhoods even as the time we have to spend with one another in person shrinks. 


At the same time, we must all exercise caution when relying on these tools for connection with our friends, family and coworkers. As with most revolutionary technology, there are pitfalls. With the right balance, however, we can enjoy them safely.



Got a privacy concern? 


Drop me a line and tell me your thoughts. I may make it a topic of a future Tips message.  



Wishing you a happy, healthy February and a wonderfully sweet Valentine's Day!


Rebecca Herold, CISSP, CIPP
The Privacy Professor®
Rebecca Herold & Associates, LLC
Mobile: 515.491.1564, Business: 515.996.2199