Social network is a social structure made up of a set of social actors (such as individuals or organizations), sets of dyadic ties, and other social interactions between actors. Privacy concerns with social networking services is a subset of data privacy, involving the right of mandating personal privacy concerning storing, re-purposing, provision to third parties, and displaying of information pertaining to oneself via the Internet. Social network security and privacy issues result from the astronomical amounts of information these sites process each day. Features that invite users to participate in--messages, invitations, photos, open platform applications and other applications are often the venues for others to gain access to a user's private information. In addition, the technologies needed to deal with user's information may intrude their privacy. More specifically, In the case of Facebook. Adrienne Felt, a Ph.D. candidate at Berkeley, made small headlines last year when she exposed a potentially devastating hole in the framework of Facebook's third-party application programming interface (API). It made it easier for people to lose their privacy. Felt and her co-researchers found that third-party platform applications on Facebook are provided with far more user information than it is needed. This potential privacy breach is actually built into the systematic framework of Facebook. Unfortunately, the flaws render the system to be almost indefensible. "The question for social networks is resolving the difference between mistakes in implementation and what the design of the application platform is intended to allow," said David Evans, Assistant Professor of Computer Science at the University of Virginia. Moreover, there is also the question of who should be held responsible for the lack of user privacy? According to Evan, the answer to the question is not likely to be found, because a better regulated API would be required for Facebook "to break a lot of applications, [especially when] a lot of companies are trying to make money off [these] applications." Felt agrees with her conclusion, because "there are marketing businesses built on top of the idea that third parties can get access to data and user information on Facebook."
The advent of the Web 2.0 has caused social profiling and is a growing concern for internet privacy. Web 2.0 is the system that facilitates participatory information sharing and collaboration on the Internet, in social networking media websites like Facebook and MySpace. These social networking sites have seen a boom in their popularity starting from the late 2000s. Through these websites many people are giving their personal information out on the internet.
These social networks keep track of all interactions used on their sites and save them for later use. Issues include cyberstalking, location disclosure, social profiling, 3rd party personal information disclosure, and government use of social network websites in investigations without the safeguard of a search warrant.
Maps, Directions, and Place Reviews
History
Prior to the social networking site explosion over the past decade, there were early forms of social network technologies that included online multiplayer games, blog sites, news groups, mailings lists and dating services. These all created a backbone for the new modern sites, and even from the start of these older versions privacy was an issue. In 1996, a young woman in New York City was on a first date with an online acquaintance and later sued for sexual harassment, after her date tried to play out some of the sexual fantasies they had discussed while online. This is just an early example of many more issues to come regarding internet privacy.
In the past, social networking sites primarily consisted of the capability to chat with others in a chat room, which was far less popular than social networks today. People using these sites were seen as "techies" unlike users in the current era. One of the early privacy cases was in regards to MySpace, due to "stalking of minors, bullying, and privacy issues," which inevitably led to the adoption of "age requirements and other safety measures". It is very common in society now for events such as stalking and "catfishing" to occur, hence the reason security has become such a prominent topic.
Causes
There are several reasons why invasion of privacy occurs among social network sites.
Various levels of privacy offered
Social networking sites vary in the levels of privacy offered. For some social networking sites like Facebook, providing real names and other personal information is encouraged by the site(onto a page known as a 'Profile'). This information usually consists of birth date, current address, and telephone number(s). Some sites also allow users to provide more information about themselves such as interests, hobbies, favorite books or films, and even relationship status. However, there are other social network sites, such as Match.com, where most people prefer to be anonymous. Thus, linking users to their real identity can sometimes be rather difficult. Nevertheless, individuals can sometimes be identified with face re-identification. Studies have been done on two major social networking sites, and it is found that by overlapping 15% of the similar photographs, profile pictures with similar pictures over multiple sites can be matched to identify the users.
People concern
For sites that do encourage information disclosure, it has been noted that majority of the users have no trouble disclosing their personal information to a large group of people. In 2005, a study was performed to analyze data of 540 Facebook profiles of students enrolled at Carnegie Mellon University. It was revealed that 89% of the users gave genuine names, and 61% gave a photograph of themselves for easier identification. Majority of users also had not altered their privacy setting, allowing a large number of unknown users to have access to their personal information (the default setting originally allowed friends, friends of friends, and non friends of the same network to have full view of a user's profile). It is possible for users to block other users from locating them on Facebook, but this must be done by individual basis, and would therefore appear not to be commonly used for a wide number of people. Most users do not realize that while they may make use of the security features on Facebook the default setting is restored after each update. All of this has led to many concerns that users are displaying far too much information on social networking sites which may have serious implications on their privacy. Facebook was criticized due to the perceived laxity regarding privacy in the default setting for users.
User awareness in social networking sites
Users are often the targets as well as source of information in social networking. Users leave digital imprints during browsing of social networking sites or services. It has been identified from few of online studies conducted, that users trust websites and social networking sites. As per trust referred, "trust is defined in (Mayer, Davis, and Schoorman, 1995) as "the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party" (p. 712)". A survey was conducted by Carnegie Mellon University, a majority of users provided their living city, phone numbers among other personal information, while user is clearly unaware of consequences of sharing certain information. Adding to this insight, is the social networking users are from various cities, remote villages, towns, cultures, traditions, religions, background, economic classes, education background, time zones and so on that highlight the significant gap in awareness.
The survey results of the paper suggest, "These results show that the interaction of trust and privacy concern in social networking sites is not yet understood to a sufficient degree to allow accurate modeling of behavior and activity. The results of the study encourage further research in the effort to understand the development of relationships in the online social environment and the reasons for differences in behavior on different sites."
As per reference, a survey conducted among social networking users in Carnegie Mellon University was indicative of following as reasons for lack of user awareness :
1) People's disregard of privacy risks due to trust in privacy and protection offered in social networking sites.
2) Availability of user's personal details to third-party tools/applications.
3) APIs and Frameworks also enable any user, who has fair amount of knowledge to extract the user's data.
4) Cross-site forgery and other possible website threats.
There is hence a dire need for improving User's awareness swiftly, in order to address growing security and privacy concerns caused due to merely user's unawareness. Social networking sites themselves can take a responsibility and make such awareness possible by means of participatory methods by virtual online means.
Data access methods
There are several ways for third parties to access user information.
Share it with third parties
Nearly all of the most popular applications on Facebook--including Farmville, Causes, and Quiz Planet--have been sharing users' information with advertising and tracking companies. Even though Facebook's privacy policy says they can provide "any of the non-personally identifiable attributes we have collected" to advertisers, they violate this policy. If a user clicked a specific ad in a page, Facebook will send the address of this page to advertisers, which will directly led to a profile page. In this case, it is easy to identify users' names.
API
Application programming interface(API) is a set of routines, protocols, and tools for building software applications. By using query language, sharing content and data between communities and applications became much easier. APIs simplify all that by limiting outside program access to a specific set of features--often enough, requests for data of one sort or another. APIs clearly define exactly how a program will interact with the rest of the software world--saving time.
Search engines
Search engines are an easy way to find information without scanning every site yourself. Key words that are typed into a search box will lead to the results. So it is necessary to make sure that the keywords typed are precise and correct. There are many of such search engines, some of which may led the user to fake sites which may obtain personal information or are laden with viruses. Furthermore, some search engines, like DuckDuckGo, will not violate the user's privacy.
Benefit from data
This accessible data along with data mining technology, users' information can be used in different ways to improve customer service.
According to what you retweet, what you like and the hashtag, Twitter can recommend some topics and advertisements. Twitter's suggestions for who to follow is done by this recommendation system. Commerce, such as Amazon, make use of uses' information to recommend items for users. Recommendations are based on at least prior purchases, shopping cart and wishlist. Affinity analysis is a data mining technique that used to understand the purchase behavior of customers.
By using machine learning method, whether a user is a potential follower of Starbucks can be predicted. In that case, it is possible to improve the quality and coverage of applications. In addition, user profiles can be used to identify similar users.
More than 1,000 companies are waiting in line to get access to millions of tweets from users that are using the popular social networking website. Companies believe that by using data mining technologies they would be able to gather important information that can be used for marketing and advertising.
According to Gary Kovacs's speech about Tracking our online trackers, when he used internet to find an answer to a question, "We are not even 2 bites into breakfast and there are already nearly 25 sites that are tracking me", and he was navigated by 4 of them.
Privacy concerns
Studies have shown that people's right to the belief in privacy is the most pivotal predicator in their attitudes concerning online privacy.
Social profiling and 3rd party disclosure
The Privacy Act of 1974 states:
Disclosure in this context refers to any means of communication, be it written, oral, electronic or mechanical. This states that agencies are forbidden to give out, or disclose, the information of an individual without being given consent by the individual to release that information. However it falls on the individual to prove that a wrongful disclosure, or disclosure in general, has occurred. Because of this social networking sites such as Facebook ask for permission when a third-party application is requesting the users information.
Although The Privacy Act of 1974 does a lot to limit privacy invasion through third party disclosure, it does list a series of twelve exceptions that deem disclosure permissible:
Social profiling allows for Facebook and other social networking media websites of filtering through the advertisements, assigning specific ones to specific age groups, gender groups, and even ethnicities.
Data aggregation sites like Spokeo have highlighted the feasibility of aggregating social data across social sites as well as integrating it with public records. A 2011 study highlighted these issues by measuring the amount of unintended information leakage over a large number of users with varying number of social networks. It identified and measured information that could be used in attacks against what-you-know security.
Studies have also pointed to most social networks unintentionally providing 3rd party advertising and tracking sites with personal information. It raises the issue of private information inadvertently being sent to 3rd party advertising sites via Referrer strings or cookies.
Companies
On Facebook, there is one way to ensure protection against applications sharing personal information. On the privacy settings page, you can remove or turn off unwanted or spam applications.
Twitter has admitted that they have scanned and imported their user's phone contacts onto the website database so that they can learn more about their users. Most users were unaware that Twitter is created this way for new users to search for their friends. Twitter has stated that they will have their privacy guidelines illustrated more clearly in the future.
Institutional
A number of institutions have expressed concern over the lack of privacy granted to users on social networking sites. These include schools, libraries, and Government agencies.
Libraries
Libraries in the particular, being concerned with the privacy of individuals, have debated on allowing library patrons to access social networking sites on public library computers. While only 19% of librarians reportedly express real concern over social networking privacy, they have been particularly vocal in voicing their concerns. Some have argued that the lack of privacy found on social networking sites is contrary to the ethics supported by Library organizations, and the latter should thus be extremely apprehensive about dealing with the former. Supporters of this view present their argument from the code of ethics held by both the American Library Association and the UK based Chartered Institute of Library and Information Professionals, which affirms a commitment to upholding privacy as a fundamental right. In 2008, a study was performed in fourteen public libraries in the UK which found that 50% blocked access to social networking sites. Many school libraries have also blocked Facebook out of fear that children may be disclosing too much information on Facebook. However, as of 2011, Facebook has taken efforts to combat this concern by deleting profiles of users under the age of thirteen.
Potential dangers
Identity theft
As there is so much information provided other things can be deduced, such as the person's social security number, which can then be used as part of identity theft. In 2009, researchers at Carnegie Mellon University published a study showing that it is possible to predict most and sometimes all of an individual's 9-digit Social Security number using information gleaned from social networks and online databases. (See Predicting Social Security Numbers from Public Data by Acquisti and Gross) In response, various groups have advised that users either do not display their number, or hide it from Facebook 'friends' they do not personally know. Cases have also appeared of users having photographs stolen from social networking sites in order to assist in identity theft. There is little evidence that users of social networking sites are taking full measures to protect themselves from identity theft. For example, numerous celebrities have claimed their Twitter accounts have been hacked. According to the Huffington Post, Bulgarian IT consultant Bogomil Shopov claimed in a recent blog to have purchased personal information on more than 1 million Facebook users, for the shockingly low price of USD$5.00. The data reportedly included users' full names, email addresses and links to their Facebook pages. The following information could be used to steal the users' identities : Full names including middle name, date of birth, home town, relationship status, residential information, other hobbies and interest.
Preteens and early teenagers
The most vulnerable victims of private-information-sharing behavior are preteens and early teenagers. There have been age restrictions put on numerous websites but how effective they are is debatable. Findings have discovered that informative opportunities regarding internet privacy as well as concerns from parents, teachers, and peers, play a significant role on impacting the internet user's behavior towards online privacy. Additionally, other studies have also found that the heightening of adolescents' concern towards their privacy will also lead to a greater probability that they will utilize privacy-protecting behaviors. In the technological culture that society is developing into, not only adolescents' and parent's awareness should be risen, but society as a whole should acknowledge the importance of online privacy.
Sexual predators
Most major social networking sites are committed to ensuring that use of their services are as safe as possible. However, due to the high content of personal information placed on social networking sites, as well as the ability to hide behind a pseudo-identity, such sites have become increasingly popular for sexual predators [online]. Further, lack of age verification mechanisms is a cause of concern in these social networking platforms. However, it was also suggested that the majority of these simply transferred to using the services provided by Facebook. While the numbers may remain small, it has been noted that the number of sexual predators caught using social networking sites has been increasing, and has now reached an almost weekly basis. In worst cases children have become victims of pedophiles or lured to meet strangers.They say that sexual predators can lurk anonymously through the wormholes of cyberspace and access victim profiles online. A number of highly publicized cases have demonstrated the threat posed for users, such as Peter Chapman who, under a false name, added over 3, 000 friends and went on to rape and murder a 17-year-old girl in 2009. A 12-year-old, Evergreen girl was safely found by the FBI with the help of Facebook; due to her mother learning of her daughter's conversation with a man she had met on the popular social networking application.
Stalking
The potential ability for stalking users on social networking sites has been noted and shamed. Popular social networking sites make it easy to build a web of friends and acquaintances, and share with them your photos, whereabouts, contact information, and interests without ever getting the chance to actually meet them. With the amount of information that users post about themselves online, it is easy for users to become a victim of stalking without even being aware of the risk. 63% of Facebook profiles are visible to the public, meaning if you Google someone's name and you add "+Facebook" in the search bar you pretty much will see most of the persons profile. A study of Facebook profiles from students at Carnegie Mellon University revealed that about 800 profiles included current resident and at least two classes being studied, theoretically allowing viewers to know the precise location of individuals at specific times. AOL attracted controversy over its instant messenger AIM which permits users to add 'buddies' without their knowing, and therefore track when a user is online. Concerns have also been raised over the relative ease for people to read private messages or e-mails on social networking sites. Cyber-stalking is a criminal offense that comes into play under state anti-stalking laws, slander laws, and harassment laws. A cyber-stalking conviction can result in a restraining order, probation, or even criminal penalties against the assailant, including jail.
Some applications are explicitly centered on "cyberstalking." An application named "Creepy" can track a person's location on a map using photos uploaded to Twitter or Flickr. When a person uploads photos to a social networking site, others are able to track their most recent location. Some smart phones are able to embed the longitude and latitude coordinates into the photo and automatically send this information to the application. Anybody using the application can search for a specific person and then find their immediate location. This poses many potential threats to users who share their information with a large group of followers.
Facebook "Places," is a Facebook service, which publicizes user location information to the networking community. Users are allowed to "check-in" at various locations including retail stores, convenience stores, and restaurants. Also, users are able to create their own "place," disclosing personal information onto the Internet. This form of location tracking is automated and must be turned off manually. Various settings must be turned off and manipulated in order for the user to ensure privacy. According to epic.org, Facebook users are recommended to: (1) disable "Friends can check me in to Places," (2) customize "Places I Check In," (3) disable "People Here Now," and (4) uncheck "Places I've Visited.". Moreover, the Federal Trade Commission has received two complaints in regards to Facebook's "unfair and deceptive" trade practices, which are used to target advertising sectors of the online community. "Places" tracks user location information and is used primarily for advertising purposes. Each location tracked allows third party advertisers to customize advertisements that suit one's interests. Currently, the Federal Trade Commissioner along with the Electronic Privacy Information Center are shedding light on the issues of location data tracking on social networking sites.
Unintentional fame
Privacy concerns have also been raised over a number of high-profile incidents which can be considered embarrassing for users. Various internet memes have been started on social networking sites, or been used as a means towards their spread across the internet. In 2002, a Canadian teenager became known as the Star Wars Kid after a video of him using a golf club as a light sabre was posted on the internet without his consent. The video quickly became a hit, much to the embarrassment of the teenager, who claims to have suffered as a result. Along with other incidents of videos being posted on social networking sites, this highlights the ability for personal information to be rapidly transferred between users.
Employment
Issues relating to privacy and employment are becoming a concern with regards to social networking sites. As of 2008, it has been estimated by CareerBuilder.com that one in five employers search social networking sites in order to screen potential candidates (increasing from only 11% in 2006). For the majority of employers, such action is to acquire negative information about candidates. For example, 41% of managers considered information relating to candidates' alcohol and drug use to be a top concern. Other concerns investigated via social networking sites included poor communication skills, inappropriate photographs, inaccurate qualifications and bad-mouthing former employers/colleagues. However, 24% manager claimed that information found on a social networking site persuaded them to hire a candidate, suggesting that a user image can be used in a positive way.
While there is little doubt that employers will continue to use social networking sites as a means of monitoring staff and screening potential candidates, it has been noted that such actions may be illegal under in jurisdictions. According to Workforce.com, employers who use Facebook or Myspace could potentially face legal action:
If a potential employer uses a social networking site to check out a job candidate and then rejects that person based on what they see, he or she could be charged with discrimination. On August 1, 2012, Illinois joined the state of Maryland (law passed in March 2012) in prohibiting employer access to social media web sites of their employees and prospective employees. A number of other states that are also considering such prohibitory legislation (California, Delaware, Massachusetts, Michigan, Minnesota, Missouri, New Jersey, New York, Ohio, South Carolina and Washington), as is the United States Congress. In April 2012, the Social Networking Online Protection Act (2012 H.R. 5050) was introduced in the United States House of Representatives, and the Password Protection Act of 2012 (2012 S. 3074) was introduced in the United States Senate in May 2012, which prohibit employers from requiring access to their employees' social media web sites.
Monitoring of social networking sites is not limited to potential workers. Issues relating to privacy are becoming an increasing concern for those currently in employment. A number of high-profile cases have appeared in which individuals have been sacked for posting comments on social networking which have been considered disparaging to their current employers or fellow workers. In 2009, sixteen-year-old Kimberley Swann was sacked from her position at Ivell Marketing and Logistics Limited after describing her job as 'boring'. In 2008, Virgin Atlantic sacked thirteen cabin crew staff, after it emerged they used had criticized the company's safety standards and called passengers 'chavs' on Facebook. There is no federal law that we are aware of that an employer is breaking by monitoring employees on social networking sites. In fact, employers can even hire third-party companies to monitor online employee activity for them. According to an article by Read Write Web employers use the service to "make sure that employees don't leak sensitive information on social networks or engage in any behavior that could damage a company's reputation." While employers may have found such usages of social networking sites convenient, complaints have been put forward by civil liberties groups and trade unions on the invasive approach adopted by many employers. In response to the Kimberley Swann case, Brendan Barber, of the TUC union stated that:
Most employers wouldn't dream of following their staff down the pub to see if they were sounding off about work to their friends," he said. "Just because snooping on personal conversations is possible these days, it doesn't make it healthy."
Monitoring of staff's social networking activities is also becoming an increasingly common method of ensuring that employees are not browsing websites during work hours. It was estimated in 2010 that an average of two million employees spent over an hour a day on social networking sites, costing potentially £14 billion.
Online victimization
Social networks are designed for individuals to socially interact with other people over the Internet. However, some individuals engaged in undesirable online social behaviors creating negative impacts on other people's online experiences. It has created a wide range of online interpersonal victimization. Some studies have shown that social network victimization appears largely in adolescent and teens, and the type of victimization includes sexual advances and harassment. Recent research has reported approximately 9% of online victimization involves social network activities. It has been noted that many of these victims are girls who have sexually appealed over these social network sites. Research concludes that many of social network victimizations are associated with user behaviors and interaction with one another. Negative social behaviors such as aggressive attitudes and discussing sexual related topics motivate the offenders to achieve their goals. All in all, positive online social behaviors is promoted to help reduce and avoid online victimization.
Surveillance
While the concept of a worldwide communicative network seems to adhere to the public sphere model, market forces control access to such a resource. In 2010 investigation by The Wall Street Journal found that many of the most popular applications on Facebook were transmitting identifying information about users and their friends to advertisers and internet tracking companies, which is a violation of Facebook's privacy policy. The Wall Street Journal analyzed the ten most popular Facebook apps, including Zynga's FarmVille, with 57 million users, and Zynga's Mafia Wars with 21.9 million users, and found that they were transmitting Facebook user IDs to data aggregators. Every online move leaves cyber footprints that are rapidly becoming fodder for research without you ever realizing it. Using social media for academic research is accelerating and raising ethical concerns along the way, as vast amounts of information collected by private companies -- including Google, Microsoft, Facebook and Twitter -- are giving new insight into all aspects of everyday life. Our social media "audience" is bigger than we actually know; our followers or friends aren't the only ones that can see information about us. Social media sites are collecting data from us just by searching something such as "favorite restaurant" on our search engine. Facebook is transformed from a public space to a behavioral laboratory," says the study, which cites a Harvard-based research project of 1,700 college-based Facebook users in which it became possible to "deanonymize parts of the data set," or cross-reference anonymous data to make student identification possible. Some of Facebook's research on user behavior found that 71% of people drafted at least one post that they never posted. Another analyzed 400,000 posts and found that children's communication with parents decreases in frequency from age 13 but then rises when they move out.
Law enforcement prowling the networks
The FBI has dedicated undercover agents on Facebook, Twitter, MySpace, LinkedIn. One example of investigators using Facebook to nab a criminal is the case of Maxi Sopo. Charged with bank fraud, and having escaped to Mexico, he was nowhere to be found until he started posting on Facebook. Although his profile was private, his list of friends was not, and through this vector, they eventually caught him.
In recent years, some state and local law enforcement agencies have also begun to rely on social media websites as resources. Although obtaining records of information not shared publicly by or about site users often requires a subpoena, public pages on sites such as Facebook and MySpace offer access to personal information that can be valuable to law enforcement. Police departments have reported using social media websites to assist in investigations, locate and track suspects, and monitor gang activity.
Mob rule
The idea of the 'mob rule' can be described as a situation in which control is held by those outside the conventional or lawful realm. In response to the News International phone hacking scandal involving News of the World in the United Kingdom, a report was written to enact new media privacy regulations.
The British author of the Leveson Report on the ethics of the British press, Lord Justice Leveson, has drawn attention to the need to take action on protecting privacy on the internet. This movement is described by Lord Justice Leveson as a global megaphone for gossip: "There is not only a danger of trial by Twitter, but also of an unending punishment, and no prospect of rehabilitation, by Google".
Location updates
Foursquare, Facebook, Loopt are application which allow users to check- in and these capabilities allows a user to share their current location information to their connection. Some of them even update their travel plans on social networking applications.However, the disclosure of location information within these networks can cause privacy concerns among mobile users. Foursquare defines another framework of action for the user. It appears to be in the interest of Foursquare that users provide many personal data that are set as public. This is illustrated, among others, by the fact that, although all the respondents want high control over the (location) privacy settings, almost none of them ever checked the Foursquare privacy settings before Although there are algorithms using encryption, k-anonymity and noise injection algorithms, its better to understand how the location sharing works in these applications to see if they have good algorithms in place to protect location privacy.
Invasive privacy agreements
Another privacy issue with social networks is the privacy agreement. The privacy agreement states that the social network owns all of the content that users upload. This includes pictures, videos, and messages are all stored in the social networks database even if the user decides to terminate his or her account.
Privacy agreements often times say that they can track a user's location and activity based on the device used for the site. For example, the privacy agreement for Facebook states that "all devices that a person uses to access Facebook are recorded such as IP addresses, phone numbers, operating system and even GPS locations". One main concern about privacy agreements are the length, because they take a lot of time to fully read and understand. Most privacy agreements state the most important information at the end because it is assumed that people will not read it completely.
Reading a privacy statement in terms and conditions
Most social networking sites require users to agree to Terms of Use policies before they use their services. Controversially, these Terms of Use declarations that users must agree to often contain clauses permitting social networking operators to store data on users, or even share it with third parties. Facebook has attracted attention over its policies regarding data storage, such as making it difficult to delete an account, holding onto data after an account is de-activated and being caught sharing personal data with third parties.
This section explains how to read the Privacy statement in terms and conditions while signing up for any social networking site. Most people will skip this section while signing up and seldom understand what they are buying into. But spending a few extra minutes reading through can help tremendously.
What to look for in the Privacy Policy:
1) Who owns the data that a user posts?
2) What happens to the data when the user account is closed?
3) How does changes in the Privacy policy be made aware to its users?
4) The location of the privacy policy that is effective
5) Will the profile page be completely erased when a user deletes the account?
6) Where and how can a user complain in case of any breach in privacy?
7) For how long is the personal information stored?
These questions will give an idea on how safe the social networking site is.
Key points to protect social networking privacy
Realize the threats that will always exist
There are people out there who want--and will do just about anything--to get someone's private information. It's essential to realize that it's difficult to keep your privacy secured all the time.
Be thorough all the time
Always log out. It is dangerous to keep your device logged on since others may have access to your social profiles while you are not paying attention.
Keep your full name and address to yourself. Children's safety may be compromised if their parents post their whereabouts in a site where others know who their real identities are.
Know the sites
Read the social networking site's fine prints. Many sites push its users to agree to terms that are best for the sites--not the users. Users should be aware about the terms in case of emergencies. Exactly how to read the terms are explained above at "Reading a Privacy Statement in Terms and Conditions" part
Make sure the social networking site is safe before sharing information. Users shouldn't be sharing information if they don't know who are using the websites since their personally identifiable information could be exposed to other users of the site.
Be familiar with the privacy protection provided. Users should take the extra time to get to know the privacy protection systems of various social networks they are or will be using. Only friends should be allowed to access their information. Check the privacy or security settings on every social networking site that they might have to use.
Protect devices
Encrypt devices. Users should use complex passwords on their computers and cell phones and change them from time to time. This will protect users' information in case these devices are stolen.
Install Anti-virus software. Others would be able to use viruses and other ways to invade a user's computer if he or she installed something unsafe.
Be careful about taking drastic actions
The users' privacy may be threatened by any actions. Following actions needs special attention.
(1) Adding a new friend. Facebook reports 8.7% of its total profiles are fake. A user should be sure about who the person is before adding it as a new friend.
(2) Clicking on links. Many links which looks attractive like gift cards are specially designed by malicious users. Clicking on these links may result in losing personal information or money.
(3) Think twice about posting revealing photos. A revealing photo could attract the attention of potential criminals.
Social networks
Facebook has been scrutinized for a variety of privacy concerns due to changes in its privacy settings on the site generally over time as well as privacy concerns within Facebook applications. When Facebook first began in 2004, it was focused on universities and only those with .edu address could open an account. Furthermore, only those within your own university network could see your page. Some argue that initial users were much more willing to share private information for these reasons. As time went on, Facebook became more public allowing those outside universities, and furthermore, those without a specific network, to join and see pages of those in networks that were not their own. In 2006 Facebook introduced the News Feed, a feature that would highlight recent friend activity. By 2009, Facebook made "more and more information public by default." For example, in December 2009, "Facebook drastically changed its privacy policies, allowing users to see each others' lists of friends, even if users had previously indicated they wanted to keep these lists private". Also, "the new settings made photos publicly available by default, often without users' knowledge."
Facebook recently updated its profile format allowing for people who are not "friends" of others to view personal information about other users, even when the profile is set to private. However, As of January 18, 2011 Facebook changed its decision to make home addresses and telephone numbers accessible to third party members, but it is still possible for third party members to have access to less exact personal information, like one's hometown and employment, if the user has entered the information into Facebook . EPIC Executive Director Marc Rotenberg said "Facebook is trying to blur the line between public and private information. And the request for permission does not make clear to the user why the information is needed or how it will be used."
Breakup Notifier is an example of a Facebook "cyberstalking" app that has recently been taken down. Essentially, the application notifies users when a person breaks up with their partner through Facebook, allowing users to instantly become aware of their friend's romantic activities. The concept became very popular, with the site attracting 700,000 visits in the first 36 hours; people downloaded the app 40,000 times. Just days later, the app had more than 3.6 million downloads and 9,000 Facebook likes.
It was only in 2008, four years after the first introduction of Facebook, that Facebook decided to create an option to permanently delete information. Until this point in time, it was only an option to deactivate a Facebook which still left the user's information within Facebook servers. After thousands of users complaints, Facebook obliged and created a tool which was located in the Help Section but later removed. To locate the tool to permanently delete a user's Facebook, he or she must manually search through Facebook's Help section by entering the request to delete the Facebook in the search box. Only then will a link be provided to prompt the user to delete his or her profile.
These new privacy settings enraged some users, one of whom claimed, "Facebook is trying to dupe hundreds of millions of users they've spent years attracting into exposing their data for Facebook's personal gain." However, other features like the News Feed faced an initial backlash but later became a fundamental and very much appreciated part of the Facebook experience. In response to user complaints, Facebook continued to add more and more privacy settings resulting in "50 settings and more than 170 privacy options." However, many users complained that the new privacy settings were too confusing and were aimed at increasing the amount of public information on Facebook. Facebook management responded that "there are always trade offs between providing comprehensive and precise granular controls and offering simple tools that may be broad and blunt." It appears as though users sometimes do not pay enough attention to privacy settings and arguably allow their information to be public even though it is possible to make it private. Studies have shown that users actually pay little attention to "permissions they give to third party apps."
Most users are not aware that they can modify the privacy settings and unless they modify them, their information is open to the public. On Facebook privacy settings can be accessed via the drop down menu under account in the top right corner. There users can change who can view their profile and what information can be displayed on their profile. In most cases profiles are open to either "all my network and friends" or "all of my friends." Also, information that shows on a user's profile such as birthday, religious views, and relationship status can be removed via the privacy settings. If a user is under 13 years old they are not able to make a Facebook or a MySpace account, however, this is not regulated.
Although Zuckerberg, the Facebook CEO, and others in the management team usually respond in some manner to user concerns, they have been unapologetic about the trend towards less privacy. They have stated that they must continually "be innovating and updating what our system is to reflect what the current social norms are." Their statements suggest that the Internet is becoming a more open, public space, and changes in Facebook privacy settings reflect this. However, Zuckerberg did admit that in the initial release of the News Feed, they "did a bad job of explaining what the new features were and an even worse job of giving you control of them."
Facebook's privacy settings have greatly evolved and are continuing to change over time. Zuckerberg "believes the age of privacy is 'over,' and that norms have evolved considerably since he first co-founded the social networking site." Additionally, Facebook has been under fire for keeping track of one's Internet usage whether users are logged in to the social media site or not. A user may notice personalized ads under the 'Sponsored' area of the page. "The company uses cookies to log data such as the date, time, URL, and your IP address whenever you visit a site that has a Facebook plug-in, such as a 'Like' button.". Facebook claims this data is used to help improve one's experience on the website and to protect against 'malicious' activity. Another issue of privacy that Facebook uses is the new facial recognition software. This feature includes the software to identify photos that users are tagged in by developing a template based on one's facial features.[2]
Similar to Rotenberg's claim that Facebook users are unclear of how or why their information has gone public, recently the Federal Trade Commission and Commerce Department have become involved. The Federal Trade Commission has recently released a report claiming that Internet companies and other industries will soon need to increase their protection for online users. Because online users often unknowingly opt in on making their information public, the FTC is urging Internet companies to make privacy notes simpler and easier for the public to understand, therefore increasing their option to opt out. Perhaps this new policy should also be implemented in the Facebook world. The Commerce Department claims that Americans, "have been ill-served by a patchwork of privacy laws that contain broad gaps,". Because of these broad gaps, Americans are more susceptible to identity theft and having their online activity tracked by others.
Internet privacy and Facebook advertisements
The illegal activities on Facebook are very wild, especially "phishing attack" which is the most popular way of stealing other people's passwords. The Facebook users are led to land on a page where they are asked for their login information, and their personal information is stolen in that way. According to the news from PC World Business Center which was published on April 22, 2010, we can know that a hacker named Kirllos illegally stole and sold 1.5 million Facebook IDs to some business companies who want to attract potential customers by using advertisements on Facebook. Their illegal approach is that they used accounts which were bought from hackers to send advertisements to friends of users. When friends see the advertisements, they will have opinion about them, because "People will follow it because they believe it was a friend that told them to go to this link," said Randy Abrams, director of technical education with security vendor Eset. There were 2.2232% of the population on Facebook that believed or followed the advertisements of their friends. Even though the percentage is small, the amount of overall users on Facebook is more than 400 million worldwide. The influence of advertisements on Facebook is so huge and obvious. According to the blog of Alan who just posted advertisements on the Facebook, he earned $300 over the 4 days. That means he can earn $3 for every $1 put into it. The huge profit attracts hackers to steal users' login information on Facebook, and business people who want to buy accounts from hackers send advertisements to users' friends on Facebook.
Facebook friends study
A study was conducted at Northeastern University by Alan Mislove and his colleagues at the Max Planck Institute for Software Systems, where an algorithm was created to try and discover personal attributes of a Facebook user by looking at their friend's list. They looked for information such as high school and college attended, major, hometown, graduation year and even what dorm a student may have lived in. The study revealed that only 5% of people thought to change their friend's list to private. For other users, 58% displayed university attended, 42% revealed employers, 35% revealed interests and 19% gave viewers public access to where they were located. Due to the correlation of Facebook friends and universities they attend, it was easy to discover where a Facebook user was based on their list of friends. This fact is one that has become very useful to advertisers targeting their audiences but is also a big risk for the privacy of all those with Facebook accounts.
Several issues pertaining to Facebook are due to privacy concerns. An article titled, Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences, examines the awareness that Facebook users have on privacy issues. This study shows that the gratifications of using Facebook tend to outweigh the perceived threats to privacy. The most common strategy for privacy protection - decreasing profile visibility through restricting access to friends - is also a very weak mechanism; a quick fix rather than a systematic approach to protecting privacy. This study suggests that more education about privacy on Facebook would be beneficial to the majority of the Facebook user population.
The study also offers the perspective that most users do not realize that restricting access to their data does not sufficiently address the risks resulting from the amount, quality and persistence of data they provide. Facebook users in our study report familiarity and use of privacy settings, they are still accepting people as "friends" that they have only heard of through other or do not know at all and, therefore, most have very large groups of "friends" that have access to widely uploaded information such as full names, birthdates, hometowns, and many pictures. This study suggests that social network privacy does not merely exist within the realm of privacy settings, but privacy control is much within the hands of the user. Commentators have noted that online social networking poses a fundamental challenge to the theory of privacy as control. The stakes have been raised because digital technologies lack "the relative transience of human memory," and can be trolled or data mined for information. For users who are unaware of all privacy concerns and issues, further education on the safety of disclosing certain types of information on Facebook is highly recommended.
Spokeo
Spokeo is a "people-related" search engine with results compiled through data aggregation. The site contains information such as age, relationship status, estimated personal wealth, immediate family members and home address of individual people. This information is compiled through what is already on the internet or in other public records, but the website does not guarantee accuracy.
Spokeo has been faced with potential class action lawsuits from people who claim that the organization breaches the Fair Credit Reporting Act. In September, 2010, Jennifer Purcell claimed that the FCRA was violated by Spokeo marketing her personal information. Her case is pending in court. Also in 2010, Thomas Robins claimed that his personal information on the website was inaccurate and he was unable to edit it for accuracy. The case was dismissed because Robins did not claim that the site directly caused him actual harm. On February 15, 2011, Robins filed another suit, this time stating Spokeo has caused him "imminent and ongoing" harm.
In January 2011, the USA government obtained a court order to force the social networking site, Twitter, to reveal information applicable surrounding certain subscribers involved in the WikiLeaks cases. This outcome of this case is questionable because it deals with the user's First Amendment rights. Twitter moved to reverse the court order, and supported the idea that internet users should be notified and given an opportunity to defend their constitutional rights in court before their rights are compromised.
Twitter's privacy policy states that information is collected through their different web sites, application, SMS, services, APIs, and other third parties. When the user uses Twitter's service they consent to the collection, transfer, storage, manipulation, disclosure, and other uses of this information. In order to create a Twitter account, one must give a name, username, password, and email address. Any other information added to one's profile is completely voluntary. Twitter's servers automatically record data such as your IP address, browser type, the referring domain, pages visited, your mobile carrier, device and application IDS, and search terms. Any common account identifiers such as full IP address or username will be removed or deleted after 18 months.
Twitter allows people to share information with their followers. Any messages that are not switched from the default privacy setting are public, and thus can be viewed by anyone with a Twitter account. The most recent 20 tweets are posted on a public timeline. Despite Twitter's best efforts to protect their users privacy, personal information can still be dangerous to share. There have been incidents of leaked tweets on Twitter. Leaked tweets are tweets that have been published from a private account but have been made public. This occurs when friends of someone with a private account retweet, or copy and paste, that person's tweet and so on and so forth until the tweet is made public. This can make private information public, and could possibly be dangerous.
Another issue involving privacy on Twitter deals with users unknowingly disclosing their information through tweets. Twitter has location services attached to tweets, which some users don't even know are enabled. Many users tweet about being at home and attach their location to their tweet, revealing their personal home address. This information is represented as a latitude and longitude, which is completely open for any website or application to access. WeKnowYourHouse is an example of a website that has taken this information and posted it online for anyone to see. They provide Twitter user's names and personal addresses. The owner of the site stated that he created it as a warning to show how easy it is to find and reveal personal information without the right precautions. People also tweet about going on vacation and giving the times and places of where they are going and how long they will be gone for. This has led to numerous break ins and robberies. Twitter users can avoid location services by disabling them in their privacy settings.
Teachers and MySpace
Teachers' privacy on MySpace has created controversy across the world. They are forewarned by The Ohio News Association that if they have a MySpace account, it should be deleted. Eschool News warns, "Teachers, watch what you post online." The ONA also posted a memo advising teachers not to join these sites. Teachers can face consequences of license revocations, suspensions, and written reprimands.
The Chronicle of Higher Education wrote an article on April 27, 2007, entitled "A MySpace Photo Costs a Student a Teaching Certificate" about Stacy Snyder. She was a student of Millersville University of Pennsylvania who was denied her teaching degree because of an allegedly unprofessional photo posted on MySpace, which involved her drinking with a pirate's hat on and a caption of "Drunken Pirate". As a substitute, she was given an English degree.
Other sites
Sites such as Sgrouples and Diaspora have attempted to introduce various forms of privacy protection into their networks, while companies like Safe Shepherd have created software to remove personal information from the net.
Internet privacy and Blizzard Entertainment
On July 6, 2010, Blizzard Entertainment announced that it would display the real names tied to user accounts in its game forums. On July 9, 2010, CEO and cofounder of Blizzard Mike Morhaime announced a reversal of the decision to force posters' real names to appear on Blizzard's forums. The reversal was made in response to subscriber feedback.
Snapchat
What it is:
Snapchat is a mobile application created by Stanford graduates Evan Spiegel and Bobby Murphy in September 2011. Snapchat's main feature is that the application allows users to send a photo or video, referred to as a "snap," to recipients of choice for up to ten seconds before it disappears. If recipients of a snap try and screenshot the photo or video sent, a notification is sent to the original sender that it was screenshot and by whom. Snapchat also has a "stories" feature where users can send photos to their "story" and friends can view the story as many times as they want until it disappears after twenty-four hours. Users have the ability to make their snapchat stories viewable to all of their friends on their friends list, only specific friends, or the story can be made public and viewed by anyone that has a snapchat account. In addition to the stories feature, messages can be sent through Snapchat. Messages disappear after they are opened unless manually saved by the user by holding down on the message until a "saved" notification pops up. There is no notification sent to the users that their message has been saved by the recipient, however, there is a notification sent if the message is screenshot.
Snapchat and the FTC:
In 2014, allegations were made against Snapchat by the Federal Trade Commission "FTC" for deceiving users on its privacy and security measures. Snapchat's main appeal is its marketed ability to have users' photos disappear completely after the one to ten second time frame--selected by the sender to the recipient--is up. However, the FTC made a case claiming this was false, making Snapchat in violation of regulations implemented to prevent deceptive consumer information. One focus of the case was that the reality of a "snap" lifespan is longer than most users perceive; the app's privacy policy stated that Snapchat itself temporarily stored all snaps sent, but neglected to offer users a time period during which snaps had yet to be permanently deleted and could still be retrieved. As a result, many third party applications were easily created for consumers that hold the ability to save "snaps" sent by users and screenshot "snaps" without notifying the sender. The FTC also claimed that Snapchat took information from its users such as location and contact information without their consent. Despite not being written in their privacy policy, Snapchat transmitted location information from mobile devices to its analytics tracking service provider. Although, "Snapchat's privacy policy claimed that the app collected only your email, phone number, and Facebook ID to find friends for you to connect with, if you're an IOS user and entered your phone number to find friends, Snapchat collected the names and phone numbers of all the contacts in your mobile device address books without your notice or consent." It was disclosed that the Gibsonsec security group warned Snapchat of potential issues with their security, however no actions were taken to reinforce the system. In early 2014, 4.6 million matched usernames and phone numbers of users were publicly leaked, adding to the existing privacy controversy of the application. Finally, the FTC claimed that Snapchat failed to secure its "find friends" feature by not requiring phone number verification in the registration process. Users could register accounts from numbers other than their own, giving users the ability to impersonate anyone they chose. Snapchat had to release a public statement of apology to alert users of the misconducts and change their purpose to be a "fast and fun way to communicate with photos."
Response to criticism
Many social networking organizations have responded to criticism and concerns over privacy. It is claimed that changes to default settings, the storage of data and sharing with third parties have all been updated and corrected in the light of criticism, and/or legal challenges. However, many critics remain unsatisfied, noting that fundamental changes to privacy settings in many social networking sites remain minor, and argue that social networking companies prefer to criticize users rather than adapt their policies.
Source of the article : Wikipedia
EmoticonEmoticon