Risk
5/3/2012
03:23 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

Facebook Privacy: 5 Most Ignored Mistakes

A Consumer Reports survey of Facebook users reveals many people still ignore privacy controls and sharing risks. Do you understand the common mistakes that could bite back?

6 Social Sites Sitting On The Cutting Edge
6 Social Sites Sitting On The Cutting Edge
(click image for larger view and for slideshow)
Facebook no longer represents that it offers privacy as a matter of policy, like some other companies do. It states outright that it will use your data. It has a Data Use Policy instead of a Privacy Policy.

But consider the dictionary definition of privacy: 1) The state or condition of being free from being observed or disturbed by other people; 2) The state of being free from public attention. If that's your gold standard, then you cannot use Facebook or any other online service for that matter, at least not without privacy-protecting technology. Once you venture online, once you share, you're talking about something less than privacy. Online services may talk about how they respect privacy, but they should really be talking about data usage and sharing.

Facebook's privacy settings would be better referred to as sharing settings. That might encourage more people to use them. According to Consumer Reports, 13 million out of 150 million U.S. Facebook users don't use, or are not aware of, Facebook's privacy settings.

[ Learn more about Facebook's good developer seal of approval. Read Facebook Blesses Adobe Social Marketing Apps. ]

Consumer Reports' data comes from a survey of 2,002 online households, 1,340 of which are active on Facebook. From this limited data set, the magazine has projected nationwide Facebook usage trends. The magazine's findings reveal some surprising privacy blind spots.

1. Privacy Settings

The fact that only 13 million, or 8.6%, of U.S. Facebook users, don't use, or don't know about, Facebook's privacy settings can be seen as encouraging because it's a relatively small percentage. It's high compared to the rate of illiteracy in the United States, which is about 1% or less if you accept a very lax definition of literacy. But it's about what you'd expect if you consider functional illiteracy, which suggests some 23 million U.S. adults have very low reading skills. If you use Facebook, Facebook literacy is a must.

2. Location Sharing

Consumer Reports estimates that 4.8 million people have published posts that contain details about their whereabouts during the day. The magazine calls this "a potential tip-off to burglars." While there have been reports of burglaries linked to online posts about being away from home, you have to wonder whether other methods of location broadcasting--such as leaving home, when anyone might observe your absence without leaving an online data trail--might not present more of a risk. Even so, it's probably best to think twice about saying too much about one's travel plans.

3. "Liking" Things That Could Be Used Against You

Some 4.7 million people have "liked" a Facebook page about a health condition or treatment. Consumer Reports suggests insurers could use this information against you. That may sound far-fetched, but there have already been documented cases of insurers scouring Facebook to fight fraud. And as Consumer Reports notes, the IRS and other government agencies are allowed to comb Facebook, and in some instances friend people, to fight fraud.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
50%
50%
Deb Donston-Miller,
User Rank: Apprentice
5/7/2012 | 1:07:51 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I've observed that far more people have made their full profiles, walls, etc. visible only to friends. That's progress. I think what's really confusing to users now is the use of Facebook and other social networking apps as a sign-on for other apps. I think the implications of doing so aren't fully understood.

Deb Donston-Miller
Contributing Editor, The BrainYard
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
5/6/2012 | 4:49:20 PM
re: Facebook Privacy: 5 Most Ignored Mistakes
Facebook and its ilk will go down as one of the biggest social experiments in history. I think entire generations of "Facebook Friends" are going to seriously regret the trail they left behind when they finally grow up and realize the damage they have done.

Information is information and you'd be really surprised at how publicly gleaned data is being used. Take a look at the insurance industry for one. They've successfully screwed the health care industry for everyone. They did it with data. I can just imagine the euphoria that all this social data has given the lawyers, PACS, and lobbyists over at the "exclusion" department. Just saying...
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/6/2012 | 7:45:18 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I wonder how much of number one was affected by the switch to Timeline. I have observed some people who are friends of friends on Facebook whose privacy settings no longer seem to be as strict.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7407
Published: 2014-10-22
Cross-site request forgery (CSRF) vulnerability in the MRBS module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2014-3675
Published: 2014-10-22
Shim allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted DHCPv6 packet.

CVE-2014-3676
Published: 2014-10-22
Heap-based buffer overflow in Shim allows remote attackers to execute arbitrary code via a crafted IPv6 address, related to the "tftp:// DHCPv6 boot option."

CVE-2014-3677
Published: 2014-10-22
Unspecified vulnerability in Shim might allow attackers to execute arbitrary code via a crafted MOK list, which triggers memory corruption.

CVE-2014-3828
Published: 2014-10-22
Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allow remote attackers to execute arbitrary SQL commands via (1) the index_id parameter to views/graphs/common/makeXML_ListMetrics.php, (2) the sid parameter to views/graphs/GetXmlTree.php, (3) the session_id...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.