Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/3/2012
03:23 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Facebook Privacy: 5 Most Ignored Mistakes

A Consumer Reports survey of Facebook users reveals many people still ignore privacy controls and sharing risks. Do you understand the common mistakes that could bite back?

6 Social Sites Sitting On The Cutting Edge
6 Social Sites Sitting On The Cutting Edge
(click image for larger view and for slideshow)
Facebook no longer represents that it offers privacy as a matter of policy, like some other companies do. It states outright that it will use your data. It has a Data Use Policy instead of a Privacy Policy.

But consider the dictionary definition of privacy: 1) The state or condition of being free from being observed or disturbed by other people; 2) The state of being free from public attention. If that's your gold standard, then you cannot use Facebook or any other online service for that matter, at least not without privacy-protecting technology. Once you venture online, once you share, you're talking about something less than privacy. Online services may talk about how they respect privacy, but they should really be talking about data usage and sharing.

Facebook's privacy settings would be better referred to as sharing settings. That might encourage more people to use them. According to Consumer Reports, 13 million out of 150 million U.S. Facebook users don't use, or are not aware of, Facebook's privacy settings.

[ Learn more about Facebook's good developer seal of approval. Read Facebook Blesses Adobe Social Marketing Apps. ]

Consumer Reports' data comes from a survey of 2,002 online households, 1,340 of which are active on Facebook. From this limited data set, the magazine has projected nationwide Facebook usage trends. The magazine's findings reveal some surprising privacy blind spots.

1. Privacy Settings

The fact that only 13 million, or 8.6%, of U.S. Facebook users, don't use, or don't know about, Facebook's privacy settings can be seen as encouraging because it's a relatively small percentage. It's high compared to the rate of illiteracy in the United States, which is about 1% or less if you accept a very lax definition of literacy. But it's about what you'd expect if you consider functional illiteracy, which suggests some 23 million U.S. adults have very low reading skills. If you use Facebook, Facebook literacy is a must.

2. Location Sharing

Consumer Reports estimates that 4.8 million people have published posts that contain details about their whereabouts during the day. The magazine calls this "a potential tip-off to burglars." While there have been reports of burglaries linked to online posts about being away from home, you have to wonder whether other methods of location broadcasting--such as leaving home, when anyone might observe your absence without leaving an online data trail--might not present more of a risk. Even so, it's probably best to think twice about saying too much about one's travel plans.

3. "Liking" Things That Could Be Used Against You

Some 4.7 million people have "liked" a Facebook page about a health condition or treatment. Consumer Reports suggests insurers could use this information against you. That may sound far-fetched, but there have already been documented cases of insurers scouring Facebook to fight fraud. And as Consumer Reports notes, the IRS and other government agencies are allowed to comb Facebook, and in some instances friend people, to fight fraud.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
50%
50%
Deb Donston-Miller,
User Rank: Apprentice
5/7/2012 | 1:07:51 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I've observed that far more people have made their full profiles, walls, etc. visible only to friends. That's progress. I think what's really confusing to users now is the use of Facebook and other social networking apps as a sign-on for other apps. I think the implications of doing so aren't fully understood.

Deb Donston-Miller
Contributing Editor, The BrainYard
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
5/6/2012 | 4:49:20 PM
re: Facebook Privacy: 5 Most Ignored Mistakes
Facebook and its ilk will go down as one of the biggest social experiments in history. I think entire generations of "Facebook Friends" are going to seriously regret the trail they left behind when they finally grow up and realize the damage they have done.

Information is information and you'd be really surprised at how publicly gleaned data is being used. Take a look at the insurance industry for one. They've successfully screwed the health care industry for everyone. They did it with data. I can just imagine the euphoria that all this social data has given the lawyers, PACS, and lobbyists over at the "exclusion" department. Just saying...
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/6/2012 | 7:45:18 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I wonder how much of number one was affected by the switch to Timeline. I have observed some people who are friends of friends on Facebook whose privacy settings no longer seem to be as strict.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...