Rachel Levy: Digital Marketing & Social Media

Hello Rachel

That's exactly what I think about it too. I mean even if Facebook was very secure – it is still out in the cloud. And that's what people always have to remember. So everything they put on the net – it doesn't matter where – COULD ALWAYS be read or seen by someone else.

Everyone has to think about his postings / pics / status updates and not to put that on the internet. It always happens that platforms get hacked or whatever. And then?

You're not naive about the security. Every single person is self responsible for the data he puts on the internet. So think before you publish, so easy. What's the worst that could happen when the publicity sees it? People who put sensitive or for them negative data (like pics of being drunk) out to the cloud, are a bit not so smart anyway ;)

And then there's also the financial aspect. Facebook is free. Always remember: you get what you pay for. If people want to have security, they should use a paid and a in security highly maintained platform.

Happy social media-ing :)

Andrea

Identity Theft is a real possibility on Facebook. Why? Because people are giving out the town where they were born, what schools they attended, even mother's maiden name, etc. Hackers can use such info to phish scam you into maybe even giving them your Social Security number or other personal info. http://tinyurl.com/29c3uf9

There are three intertwined issues.

The first is in regards to what data you put up there and how secure it is. As Andrea says, you are responsible for self-censoring, just as you are in any public space. However, consider what would happen if you commented on some medical condition… that you were concerned over a close relative's recent diagnosis of cancer. (I am not wishing it upon you by any means!!!) That information is sold to an advertiser who might then resell it. Or, worse, it's hacked out of the system. Now a potential employer can find it and not make an offer of employment. “Illegal!” you say? Clearly you don't understand “at will” employment.

The second is whether you can or should expect that your information might be kept in confidence… private. For instance, you're quite public about your life — we know you're “actively dating” — but we don't know whom. If you called a friend on your mobile and told them, you'd expect the friend to keep that information private. What if the phone company tapped your phone, and sold the information to… well… anyone who wanted to know? (Suppose their right to do so were buried somewhere in that mobile phone service agreement you signed when you got your phone, although they **promised** they'll never let anyone know the information they gather.) Be careful — however you answer for a phone should apply regardless of the medium. Are you really willing to censor yourself for every medium except face-to-face?

You might be horrified to know that telephone switches have this capability built in. It's completely undetectable by you. Take it from a an ex telecom engineer — I've literally seen the development requirement. The only thing that stops them from using it is that it's illegal for them to do so in this country, though not necessarily for international calls. However, hackers have used this capability. (There's a famous case in Greece.) Now extrapolate to Facebook: more hackers, less security, and a company whose business model is based on selling your data.

The third issue is one of making changes to the policies above. If I know the relative security and privacy of my data, I can make intelligent choices on what I share. If Facebook as a medium is not secure, I can choose to use the phone (or a secure file sharing site). A lot of the current problem stems from Facebook's changing the rules, as they've done several times since they began. And each time they change the rules, Facebook resets your privacy options to “opt out”. Today, your niece's pictures are protected, but tomorrow Facebook could change the rules — say add a category like Networks — with an opt out. That defeats any/all previous intelligent decisions you've made. That's just not cool.

Great point, thanks for the comment!

Dan – Wow, thanks for the thorough analysis. Great thoughts all around. I
like the “real life examples” — helps make it real for me.

Wow after reading this post I felt pretty much like you did Rachel. Then I went through the comments..and wow. There are soo many great explanations and points about privacy that I never would have thought of on my own. So I just wanted to say thanks to everyone who commented before me. This was a great post to get a conversation going though so nice work there too!! I can't believe I've been following you on Twitter for so long and this is the first time to the site..I'm hooked (and subscribed) :)

Hi Rachel,

Not sure if “naive” is the appropriate term here. As “MITDGreenb” indicates, the issues of privacy and security are not so easily apparent or separated. Are you really being “naive” if an underlying application (like Facebook, or Twitter, or Foursquare, or … you get the picture) changes the rules to suit their business model frequently? No. How can you, as an end-user, ever possibly keep up with the vagaries of a for-profit enterprise and how it decides to use your data?

You mention that FB should suffer some sort of backlash because of this. I would've have to agree, but FB isn't the only culprit here. The rapid advancement of technology has made information available through a variety of channels (i.e., web, mobile, IVR, etc.) when we want, how we want it and on whatever device we choose to use. This infinite flexibility puts an incredible strain on the infrastructures of those companies that ply their trade, or are looking to be, in the social media space.

Existing “legacy” enterprises often have an advantage where security and privacy are concerned (often, but not always) as they've been at it a lot longer (i.e., locking down your information) and their policies generally translate well to the web or mobile space. This doesn't mean that there won't be breaches but, generally speaking, all (most?) of those breaches occur from inside a company than from someone hacking from the outside.

Like you, I'm very open about what information is out there; I'm also a very late entrant to the FB sweepstakes, for very good reasons (security and privacy are but two of those reasons.) I take great pains to ensure that whatever information is out there about me that I have, or had, a direct hand in the validity and security of that information. This works for me because I've been in IT for 25+ years; my methods DO NOT translate very well to the general public because we cannot expect non-IT folks to have the necessary background to actively police themselves and/or the sites that they frequent … and so, we rely on the FB's of the world to provide the security and privacy that our information deserves; and this is the fundamental problem — we eagerly abdicate our responsibility to protect our information to the likes of FB and companies like it.

I would inform your readers that they should ACTIVELY take charge of whatever information they decide to publicly publish AND ensure that they remain vigilant to whatever changes get announced by the FB's of the world (e.g., since I joined FB, I've had to modify my settings in response to FB's policy changes.) Is this a lot of work? Sure it is, but what price would you place on protecting yourself and gaining peace of mind?

A friend of mine just tweeted this scanner for Facebook privacy. I am going to give it a try.
http://www.reclaimprivacy.org/

I recently learned from an AT&T engineer that their staff routinely listen-in on calls made through their network.

I agree with you. Was just trying to understand the implications of those
changes on people

Thanks for all of your comments on this post. I really appreciate it! Yes,
when I ran that search tool yesterday, that was one area that was called out
for me. I changed that. Thx for the article.

they have a habit of stepping on peoples toes and then thinking it is ok to just say sorry afterwards

Well, I think it depends on what you use it for. I have all my “tweets” (Twitter posts) automatically appear in Facebook, reply to people commenting in Facebook and see what my friends are doing, but I don't do much else there. Although my Facebook profile is private, I assume everything I post there would be publicly available at some point, and I post accordingly.

Between hackers, nosy administrators, forwarded e-mails, copy & pasted posts, spyware, warrants, court orders, tracking software and companies going out of business selling all your data, anything you post online is subject to disclosure at some point in some way, legally or illegally.

Basically if you don't want people to know, don't post in on the internet. After all, privacy on the internet was an afterthought.