Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/3/2012
03:23 PM
Connect Directly
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Facebook Privacy: 5 Most Ignored Mistakes

A Consumer Reports survey of Facebook users reveals many people still ignore privacy controls and sharing risks. Do you understand the common mistakes that could bite back?

6 Social Sites Sitting On The Cutting Edge
6 Social Sites Sitting On The Cutting Edge
(click image for larger view and for slideshow)
Facebook no longer represents that it offers privacy as a matter of policy, like some other companies do. It states outright that it will use your data. It has a Data Use Policy instead of a Privacy Policy.

But consider the dictionary definition of privacy: 1) The state or condition of being free from being observed or disturbed by other people; 2) The state of being free from public attention. If that's your gold standard, then you cannot use Facebook or any other online service for that matter, at least not without privacy-protecting technology. Once you venture online, once you share, you're talking about something less than privacy. Online services may talk about how they respect privacy, but they should really be talking about data usage and sharing.

Facebook's privacy settings would be better referred to as sharing settings. That might encourage more people to use them. According to Consumer Reports, 13 million out of 150 million U.S. Facebook users don't use, or are not aware of, Facebook's privacy settings.

[ Learn more about Facebook's good developer seal of approval. Read Facebook Blesses Adobe Social Marketing Apps. ]

Consumer Reports' data comes from a survey of 2,002 online households, 1,340 of which are active on Facebook. From this limited data set, the magazine has projected nationwide Facebook usage trends. The magazine's findings reveal some surprising privacy blind spots.

1. Privacy Settings

The fact that only 13 million, or 8.6%, of U.S. Facebook users, don't use, or don't know about, Facebook's privacy settings can be seen as encouraging because it's a relatively small percentage. It's high compared to the rate of illiteracy in the United States, which is about 1% or less if you accept a very lax definition of literacy. But it's about what you'd expect if you consider functional illiteracy, which suggests some 23 million U.S. adults have very low reading skills. If you use Facebook, Facebook literacy is a must.

2. Location Sharing

Consumer Reports estimates that 4.8 million people have published posts that contain details about their whereabouts during the day. The magazine calls this "a potential tip-off to burglars." While there have been reports of burglaries linked to online posts about being away from home, you have to wonder whether other methods of location broadcasting--such as leaving home, when anyone might observe your absence without leaving an online data trail--might not present more of a risk. Even so, it's probably best to think twice about saying too much about one's travel plans.

3. "Liking" Things That Could Be Used Against You

Some 4.7 million people have "liked" a Facebook page about a health condition or treatment. Consumer Reports suggests insurers could use this information against you. That may sound far-fetched, but there have already been documented cases of insurers scouring Facebook to fight fraud. And as Consumer Reports notes, the IRS and other government agencies are allowed to comb Facebook, and in some instances friend people, to fight fraud.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
50%
50%
Deb Donston-Miller,
User Rank: Apprentice
5/7/2012 | 1:07:51 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I've observed that far more people have made their full profiles, walls, etc. visible only to friends. That's progress. I think what's really confusing to users now is the use of Facebook and other social networking apps as a sign-on for other apps. I think the implications of doing so aren't fully understood.

Deb Donston-Miller
Contributing Editor, The BrainYard
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
5/6/2012 | 4:49:20 PM
re: Facebook Privacy: 5 Most Ignored Mistakes
Facebook and its ilk will go down as one of the biggest social experiments in history. I think entire generations of "Facebook Friends" are going to seriously regret the trail they left behind when they finally grow up and realize the damage they have done.

Information is information and you'd be really surprised at how publicly gleaned data is being used. Take a look at the insurance industry for one. They've successfully screwed the health care industry for everyone. They did it with data. I can just imagine the euphoria that all this social data has given the lawyers, PACS, and lobbyists over at the "exclusion" department. Just saying...
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/6/2012 | 7:45:18 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I wonder how much of number one was affected by the switch to Timeline. I have observed some people who are friends of friends on Facebook whose privacy settings no longer seem to be as strict.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
News
Inside the Ransomware Campaigns Targeting Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
Commentary
Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23371
PUBLISHED: 2021-04-12
This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.
CVE-2020-24285
PUBLISHED: 2021-04-12
INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.
CVE-2021-29379
PUBLISHED: 2021-04-12
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target (ST) field of the SSDP M-SEARCH discover pa...
CVE-2015-20001
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory ...
CVE-2020-36317
PUBLISHED: 2021-04-11
In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sam...