Apps can pose privacy risks
One way your data can escape is through Facebook games and apps. Whenever you run one, it gets your public information, such as your name, gender, and profile photo, as well as your list of friends even if you haven’t made that list public. And if you give the app certain permissions, it can peer deeper into your data and even see information that your friends share with you, unless they have specifically forbidden sharing with apps in their own privacy settings.
The result is that unless you’ve chosen your privacy settings meticulously, a friend who runs an app could grant it access to your information without your knowledge. Given that fact, it’s troubling that our survey found that only 37 percent of Facebook users say they have used the site’s privacy tools to customize how much information apps are allowed to see.
[Related: 10 Most 'Liked' Fast-Food Chains on Facebook]
Facebook exercises only basic oversight of developers of Web-based apps, according to Kevin Johnson, security consultant at Florida-based Secure Ideas, who has developed apps and tests their security. The sole credential needed to create an app is a verified Facebook account, including a cell phone number or credit card. And the company doesn’t have to review your source code (programming instructions) before it goes live, experts told us.
Facebook counters that it watches vigilantly for apps that misbehave. “We have a dedicated team that reviews apps using a risk-based approach to ensure we address the biggest risks, rather than just doing a cursory review at the time an app is first launched,” a spokesman told us. “We also have stringent automated systems in place to quickly catch bad actors before they can gain access to user data.”
Those apps run on Facebook in an environment the site maintains for developers to build user tools. But users can also share data through another type of app—the mobile apps that you download to your Apple or Android tablet or smart phone.
Consider Highlight. This free iPhone app, developed by Math Camp, taps into certain parts of your Facebook profile that you agree to share, and then can follow your travels using your GPS data. It runs quietly on your device until it detects another person running Highlight nearby. When it does, it alerts you to each other’s presence and shows your profile photos, mutual friends, and anything else you’ve shared. It’s easy to imagine that Highlight could help you meet interesting people. Scoble says he found the app valuable for making connections at the recent South by Southwest (SXSW) technology and music conference in Austin, Texas, for example. But some privacy experts worry that such apps could also facilitate stalking and other antisocial behavior.
The vast Facebook biometric database
Privacy critics also point to one of the newer features on Facebook, Tag Suggest, which scans your photographs using facial-recognition technology. This system detects human faces in photos and then calculates a unique numerical identifier for each face based on characteristics such as the shape of the eyes and the distances between eyes, nose, and ears. It then tries to tie that face to a specific user’s name.
Tag Suggest uses this system to search photos you upload of your friends. If it finds one, it suggests that you “tag” the photo with the friend’s name. The aim is to make it easier to label photos in ways that facilitate sharing.
Tag Suggest sparked controversy last year when Facebook announced it had enabled it for some users without alerting them. Users could opt out, but first they had to notice that Tag Suggest was active. “If this new feature is as useful as Facebook claims, it should be able to stand on its own, without an automatic sign-up,” Rep. Edward Markey, D-Mass., said last June. Facebook quickly responded by making Tag Suggest messages more prominent. Users who are automatically tagged are notified and can untag themselves or ask their friends to do it. Or they can disable the feature altogether.
Once again, though, critics say the issue goes beyond specific notifications to the fact that one company now controls such a vast biometric database about so many people. Facebook already stores more than 60 billion photos and says the number grows by 250 million a day. Its recent acquisition of the popular mobile photo-sharing service Instagram promises to add even more images to this cache.
Last year, Carnegie Mellon University researchers demonstrated in an experiment the potential such a database holds for connecting the dots in people’s digital lives. Using off-the-shelf facial-recognition software that’s probably far less effective than Facebook’s, they were able to match subjects whose photos were posted on a dating site to their profile photos on Facebook.
Besides knowing what its users look like, Facebook keeps track of the other websites they visit. That happens via the “Like,” “Recommendations,” and similar buttons that so many sites include. In addition to reporting your presence, the “Like” button sends along the date and time of your visit and your IP address, whether or not you click on it. The company has acknowledged that this happens even when Facebook users are logged out, a practice that had prompted class-action lawsuits in the U.S. If you’re logged in to Facebook, it can collect even more data.
The company also said that it collects data from people who are not its users and have never visited its site. That rang alarm bells among privacy watchdogs since an IP address can function “like DNA at a crime scene,” according to Lori Andrews, a law professor at the Illinois Institute of Technology. “There often will be enough data points connected with your IP address to clearly identify you.”
In November, regulators in Germany found that such information was being collected on Facebook users for up to two years even after they deactivated their accounts. Facebook said that was needed to enhance security, a claim German regulators rejected. Both sides say they are willing to talk, but Facebook’s website says it doesn’t share such data without your permission and deletes it or makes the information anonymous within 90 days. The Irish Data Protection Commission concluded last year that the information Facebook gathered from third-party websites was not used for advertising or profiling.
Employers, insurers, and the IRS watch social networks
Some of the greatest threats to privacy have nothing to do with fancy technology but simply with poor judgment about what information to post and for whom. Here are groups that use such data:
Decision makers. Insurers, employers, and college admissions officers sometimes use social media to evaluate people. They may, for example, turn to a service such as Social Intelligence that scours public postings on Facebook and other social networks as part of a background check. Among the red flags employers look for, the company says, are sexually explicit photos or videos, racist remarks, and evidence of illegal activities. It also reports that 69 percent of human-resource officers have rejected job applicants based on social media reviews that turned up any of those flags.
“We can now collect information on buying behaviors, geospatial and location information, social media and Internet usage, and more,” says a recent report from Novarica, a New York-based research and consulting firm serving insurers and financial service companies. “Our electronic trails have been digitized, formatted, standardized, analyzed and modeled, and are up for sale. As intimidating as this may sound to the individual, it is a great opportunity for businesses to use this data.”
The fact that insurers can mine social media should serve as a warning to Facebook users who publicly post information about their medical or health issues.
The same goes for would-be college students. Last year, Kaplan Test Prep found that almost a quarter of admissions officers had checked out applicants’ Facebook or other social pages. Twelve percent said that what they found had hurt the applicants’ chances, including things like photos of alcohol use, which are notoriously common on young people’s pages.
Government investigators. IRS agents can scan public postings on Facebook as part of research to “assist in resolving a taxpayer case,” according to a 2009 training manual obtained by the Electronic Frontier Foundation, a privacy and consumer rights group. The manual offers an example that reads like a “Seinfeld” episode: An IRS officer learns that a taxpayer he’s investigating is a comedian who posts a video on a social network to promote previous and upcoming performances. It suggests the agent contact past performance locations to find out how much the comedian was paid or serve the performer a summons at a future venue.
Comics can relax about at least one point: The manual bars agents from “friending” a taxpayer to gain access to data. But that’s not true of a memo the U.S. Citizenship and Immigration Services wrote for investigators at the Office of Fraud Detection and National Security trying to spot immigration fraud. “Many of these people accept cyber-friends that they don’t even know,” the memo notes. “This provides an excellent vantage point for FDNS to observe the daily life of beneficiaries and petitioners who are suspected of fraudulent activities.”
Enemies or criminals. Last September, someone with a gripe against Kevin Jolly gained access to the Lake Forest, Calif., lawyer’s Facebook page and launched a damaging attack. Jolly, 47, says the person downloaded his profile photo to create a fake page in his name and established contact with his Facebook friends. The perpetrator then inserted pornographic language into the fake profile and sent vulgar sexual messages daily to Jolly’s friends, family, and business colleagues.
Although Jolly reported the fake profile promptly, it took almost a month and several e-mails from Jolly for Facebook to remove it. “I can’t believe how long it took them to resolve this,” he says. “And even in a situation like mine, where someone is being personally and professionally destroyed by something abusive on Facebook, the only way they’ll communicate with you is through e-mail. Never once could I speak to a human being there.”
Contrast that with the case last year when a security flaw let outsiders grab more than a dozen of Mark Zuckerberg's private photos and post them on Imgur, a photo-sharing site. That flaw was fixed in a day. Facebook says that by making users resort to online tools to access customer service, the company can process many more inquiries than it could through a telephone call center.
Even your own Facebook friends can occasionally be a risk. Our survey projects that something like 20 million U.S. Facebook users aren’t fully comfortable with all their friends in matters of personal security, either because they don’t know some of them very well—or because they know them quite well enough to understand how poor their judgment really is.