David Baxter PhD
Late Founder
Facebook users: Trading privacy for friends
Sun Sep 30, 2007
Social networking sites like Facebook have wooed millions of users with their easy format for keeping in touch, but left them navigating the pitfalls of interacting online - is it really private?
The debate - which some debunk - is heating up after the once-exclusive Facebook recently began listing profiles on public search engines like Google and Yahoo.
On the networking sites, users create profiles detailing their likes and dislikes, post photos, list contacts, work and school background, and meet up - often daily - with old and new friends on the Internet.
But to do this effectively requires posting personal information that could expose users to spying by ID fraudsters, teachers, employers, stalkers, even parents - not to mention advertisers looking to target their products.
Catherine Dwyer, a lecturer at New York's Pace University who specialises in social networking sites, summed up the conundrum.
"If you want any kind of interaction you have to be engaged and reveal things," she said.
"Privacy means having a small number of friends, but that is not really consistent with being a fully engaged user."
Privacy settings
Data posted on Facebook - which was started at Harvard University in 2004, but has grown rapidly over the last year to reach a global membership of 42 million - is not in theory open to everyone.
Customised privacy settings allow users to restrict access to people they accept as friends or those in their school or work network.
This provides more protection than the older networking site MySpace, which Ms Dwyer says attracts 47 million unique users in the US every month. MySpace profiles are open to the public.
However, when Facebook announced the new link with search engines like Google, it triggered concern that what began as a cosy tool for people to stay in touch has bloated into a crass online directory.
Facebook engineer Phil Fung has defended the move as one to "help more people connect" - which could translate into more advertising, thus more worth, ahead of a possible public listing on the stock market - and stresses that the same privacy settings will still apply.
But a study released in Britain last month by global IT security firm Sophos found many members were not using these settings effectively.
The firm created a fake profile and asked 200 strangers to be its friend.
Forty-one per cent agreed, giving the firm complete access to their profiles including enough information to "guess users' passwords, impersonate them or even stalk them," said Sophos technology consultant Graham Cluley.
He said that although Facebook gave them tools to protect themselves, people were "undoing all that good work through carelessness and being preoccupied with the kudos of having more Facebook friends than their peers."
ID fraud
Sophos warns specifically of the dangers of ID fraud posed by such behaviour, although Tony Neate, managing director of Get Safe Online - an Internet safety campaign sponsored by the UK Government - has cautioned against "scaremongering."
The former police detective recalled a recent case of a woman whose purse was stolen in a nightclub in London. Thieves looked her name up on the Internet and used the details posted there to "run amok" with her credit cards.
But such cases are rare, he says.
"It's not about scaremongering but about education. Be aware of what you are putting online and what people could use."
Spies
Sometimes the "spies" are unexpected.
Users - often teenagers or 20-somethings - have been caught short by university officials and future employers who have used the networking site to check up on a person's behaviour.
Oxford University student Alex Hill told The Guardian in July that she had been charged by university authorities "for breaching rules and being 'disorderly' on the basis of photographic evidence from Facebook."
The student union has now advised students to tighten restrictions on their Facebook profiles, although its president, Martin McCluskey, says that many people continue to allow access to everyone from the Oxford University network - which includes tens of thousands of people.
For some users, the privacy stakes are even higher - a political storm broke out last month when the media reported that the 17-year-old daughter of US Republican presidential hopeful Rudy Giuliani had joined a Facebook group in support of a Democratic rival candidate Barack Obama.
She had to take down her profile.
"We are really heading into new modes of publishing ourselves, we are kind of learning on the job," Ms Dwyer said.
"People trust their own judgment."
Charlotte MacCormack, a 17-year-old Facebook user from London - which now has the site's biggest network - conceded that it was "hard to be sure" who could access her details online.
"On the other hand, if I were that worried about it, I wouldn't be on here," she said.
Sun Sep 30, 2007
Social networking sites like Facebook have wooed millions of users with their easy format for keeping in touch, but left them navigating the pitfalls of interacting online - is it really private?
The debate - which some debunk - is heating up after the once-exclusive Facebook recently began listing profiles on public search engines like Google and Yahoo.
On the networking sites, users create profiles detailing their likes and dislikes, post photos, list contacts, work and school background, and meet up - often daily - with old and new friends on the Internet.
But to do this effectively requires posting personal information that could expose users to spying by ID fraudsters, teachers, employers, stalkers, even parents - not to mention advertisers looking to target their products.
Catherine Dwyer, a lecturer at New York's Pace University who specialises in social networking sites, summed up the conundrum.
"If you want any kind of interaction you have to be engaged and reveal things," she said.
"Privacy means having a small number of friends, but that is not really consistent with being a fully engaged user."
Privacy settings
Data posted on Facebook - which was started at Harvard University in 2004, but has grown rapidly over the last year to reach a global membership of 42 million - is not in theory open to everyone.
Customised privacy settings allow users to restrict access to people they accept as friends or those in their school or work network.
This provides more protection than the older networking site MySpace, which Ms Dwyer says attracts 47 million unique users in the US every month. MySpace profiles are open to the public.
However, when Facebook announced the new link with search engines like Google, it triggered concern that what began as a cosy tool for people to stay in touch has bloated into a crass online directory.
Facebook engineer Phil Fung has defended the move as one to "help more people connect" - which could translate into more advertising, thus more worth, ahead of a possible public listing on the stock market - and stresses that the same privacy settings will still apply.
But a study released in Britain last month by global IT security firm Sophos found many members were not using these settings effectively.
The firm created a fake profile and asked 200 strangers to be its friend.
Forty-one per cent agreed, giving the firm complete access to their profiles including enough information to "guess users' passwords, impersonate them or even stalk them," said Sophos technology consultant Graham Cluley.
He said that although Facebook gave them tools to protect themselves, people were "undoing all that good work through carelessness and being preoccupied with the kudos of having more Facebook friends than their peers."
ID fraud
Sophos warns specifically of the dangers of ID fraud posed by such behaviour, although Tony Neate, managing director of Get Safe Online - an Internet safety campaign sponsored by the UK Government - has cautioned against "scaremongering."
The former police detective recalled a recent case of a woman whose purse was stolen in a nightclub in London. Thieves looked her name up on the Internet and used the details posted there to "run amok" with her credit cards.
But such cases are rare, he says.
"It's not about scaremongering but about education. Be aware of what you are putting online and what people could use."
Spies
Sometimes the "spies" are unexpected.
Users - often teenagers or 20-somethings - have been caught short by university officials and future employers who have used the networking site to check up on a person's behaviour.
Oxford University student Alex Hill told The Guardian in July that she had been charged by university authorities "for breaching rules and being 'disorderly' on the basis of photographic evidence from Facebook."
The student union has now advised students to tighten restrictions on their Facebook profiles, although its president, Martin McCluskey, says that many people continue to allow access to everyone from the Oxford University network - which includes tens of thousands of people.
For some users, the privacy stakes are even higher - a political storm broke out last month when the media reported that the 17-year-old daughter of US Republican presidential hopeful Rudy Giuliani had joined a Facebook group in support of a Democratic rival candidate Barack Obama.
She had to take down her profile.
"We are really heading into new modes of publishing ourselves, we are kind of learning on the job," Ms Dwyer said.
"People trust their own judgment."
Charlotte MacCormack, a 17-year-old Facebook user from London - which now has the site's biggest network - conceded that it was "hard to be sure" who could access her details online.
"On the other hand, if I were that worried about it, I wouldn't be on here," she said.
