Privacy concerns with social networking services
Encyclopedia
Privacy concerns with social networking services have become a controversial and much publicised topic since the creation and increasing popularity of social networking sites such as Bebo
, Myspace
and the currently most used social networking site, Facebook
. Issues relating to stalking, identity theft, sexual predators and employment consistently arise, as well as the ethics regarding data storage and the management and sharing of such data. A security issue occurs when a hacker gains unauthorized access to a site's protected coding or written language. Privacy issues don't necessarily have to involve security breaches. The potential harm to an individual user really boils down to how much a user engages in a social networking site, as well as the amount of the information they're willing to share. A user with more viewers or apart of groups is a lot more likely to be harmed by a breach than someone who barely uses the site.
, a week pseduonymity is encouraged. There are others, such as Match.com
, where the use is designed to encourage anonymity, and thus linking users to individuals can be difficult. However, even with sites that discourage the use of real names, individuals can be identified, such as through face re-identification. It has been estimated by studying two major social networking sites that a 15% overlap of the same or similar photographs makes it possible to identify profiles with similar pictures on other sites. With sites that do encourage information disclosure, it has been noticed that the majority users seem happy to disclose as much information as possible and to as many people as possible.< In 2005, a studied was performed in which data was analysed from 5, 540 Facebook profiles from students at Carnegie Mellon University
. It was revealed that 89% gave a name that was likely to be genuine, and 61% gave a photograph suitable for direct identification.< The visibility of this personal information is highly variable. The vast majority of users also had not altered their privacy setting, enabling a large number of presumably unknown users to have access to their displayed personal information (the default setting originally allowed friends, friends of friends, and non friends of the same network to have full view of a user‘s profile). It is possible for a user to block other users from seeing their presence on Facebook, but this must be done on an individual by individual basis, and would therefore appear not to be commonly used for a wide number of people. All of this has led to many concerns that users are displaying far too much information on social networking sites which may have serious implications on their privacy. Facebook has especially been criticised due to the perceived laxity regarding privacy in the default setting for users, which evidence suggests most do not alter.
The reason social network security and privacy lapses exist results simply from the astronomical amounts of information the sites process each and every day that end up making it that much easier to exploit a single flaw in the system. Features that invite user participation -- messages, invitations, photos, open platform applications, etc. -- are often the avenues used to gain access to private information, especially in the case of Facebook. Adrienne Felt, a Ph.D. candidate at Berkeley, made small headlines last year when she exposed a potentially devastating hole in the framework of Facebook's third-party application programming interface (API) which allows for easy theft of private information. Felt and her co-researchers found that third-party platform applications for Facebook gave developers access to far more information (addresses, pictures, interests, etc.) than needed to run the app.This potential privacy breach is actually built into the systematic framework of Facebook, and unfortunately the flaw renders the system almost indefensible. "The question for social networks is resolving the difference between mistakes in implementation and what the design of the application platform is intended to allow," David Evans, Assistant Professor of Computer Science at the University of Virginia, says. There's also the question of whom we should hold responsible for the over-sharing of user data? That resolution isn't likely to come anytime soon, says Evans, because a new, more regulated API would require Facebook "to break a lot of applications, and a lot of companies are trying to make money off applications now." Felt agrees, noting that now "there are marketing businesses built on top of the idea that third parties can get access to data on Facebook."
, which can then be used as part of identity theft
. In response, various groups have advised that users either do not display their birthday, or hide it from Facebook ‘friends’ they do not personally know. Cases have also appeared of users having photographs stolen from social networking sites in order to assist in identity theft. There is little evidence that many most users of social networking sites are talking full measures to protect themselves from identity theft.
who, under a false name, added over 3, 000 friends and went on to rape and murder a 17 year old girl in 2009.
users on social networking sites has been noted. A study of Facebook profiles from students at Carnegie Mellon University revealed that about 800 profiles included current resident and at least two classes being studied, theoretically allowing viewers to know the precise location of individuals at specific times. AOL
attracted controversy over its instant messenger AIM which permits users to add ‘buddies’ without their knowing, and therefore track when a user is online. Concerns have also been raised over the relative ease for people to read private messages or e-mails on social networking sites.
after a video of him using a golf club as a light sabre was posted on the internet without his consent. The video quickly became a hit, much to the embarrassment of the teenager who claims to have suffered as a result. Along with other incidents of videos being posted on social networking sites, this highlights the ability for personal information to be rapidly transferred between users.
While there is little doubt that employers will continue to use social networking sites as a means of monitoring staff and screening potential candidates, it has been noted that such actions may be illegal under in jurisdictions. According to Workforce.com, employers who use Facebook or Myspace could potentially face legal action:
If a potential employer uses a social networking site to check out a job candidate and then rejects that person based on what they see, he or she could be charged with discrimination.
Monitoring of social networking sites is not limited to potential workers. Issues relating to privacy are becoming an increasing concern for those currently in employment. A number of high profile cases have appeared in which individuals have been sacked for posting comments on social networking which have been considered disparaging to their current employers or fellow workers. In 2009, sixteen year old Kimberley Swann was sacked from her position at Ivell Marketing and Logistics Limited after describing her job as ‘boring’. In 2008, Virgin Atlantic sacked thirteen cabin crew staff, after it emerged they used had criticised the company’s safety standards and called passengers ‘chavs’ on Facebook. While employers may have found such usages of social networking sites convenient, complaints have been put forward by civil liberties groups and trade unions on the invasive approach adopted by many employers. In response to the Kimberley Swann case, Brendan Barber, of the TUC union stated that:
Most employers wouldn't dream of following their staff down the pub to see if they were sounding off about work to their friends," he said.
"Just because snooping on personal conversations is possible these days, it doesn't make it healthy."
Monitoring of staff’s social networking activities is also becoming an increasingly common method of ensuring that employees are not browsing websites during work hours. It was estimated in 2010 that an average of two million employees spent over an hour a day on social networking sites, costing potentially £14 billion.
and the UK based Chartered Institute of Library and Information Professionals
, which affirms a commitment to upholding privacy as a fundamental right. In 2008, a study was performed in fourteen public libraries in the UK which found that 50% blocked access to social networking sites. Many school libraries have also blocked Facebook out of fear that children may be disclosing too much information on Facebook. However, as of 2011, Facebook has taken efforts to combat this concern by deleting profiles of users under the age of thirteen.
Bebo
Bebo is a social networking website launched in July 2005. It is currently owned and operated by Criterion Capital Partners after taking over from AOL in June 2010....
, Myspace
Myspace
Myspace is a social networking service owned by Specific Media LLC and pop star Justin Timberlake. Myspace launched in August 2003 and is headquartered in Beverly Hills, California. In August 2011, Myspace had 33.1 million unique U.S. visitors....
and the currently most used social networking site, Facebook
Facebook
Facebook is a social networking service and website launched in February 2004, operated and privately owned by Facebook, Inc. , Facebook has more than 800 million active users. Users must register before using the site, after which they may create a personal profile, add other users as...
. Issues relating to stalking, identity theft, sexual predators and employment consistently arise, as well as the ethics regarding data storage and the management and sharing of such data. A security issue occurs when a hacker gains unauthorized access to a site's protected coding or written language. Privacy issues don't necessarily have to involve security breaches. The potential harm to an individual user really boils down to how much a user engages in a social networking site, as well as the amount of the information they're willing to share. A user with more viewers or apart of groups is a lot more likely to be harmed by a breach than someone who barely uses the site.
Overview
Social networking sites greatly vary in the levels of privacy offered or even required. With some sites, such as Facebook, the use of real names and uploading of personal information is encouraged (onto a page known as a ‘Profile‘). This may include birthday, address, telephone number, and more intimate details such as interests, hobbies, favourite books/films//music, relationship status and sexual preference. With others, such as FriendsterFriendster
Friendster is a social gaming site that is based in Malaysia, KL. The company now operates mainly from the three Asian countries namely in the Philippines, Malaysia and Singapore....
, a week pseduonymity is encouraged. There are others, such as Match.com
Match.com
Match.com is an online dating company which reportedly has more than 20 million members, made up of a 49/51 male/female ratio, and Web sites serving 25 countries in more than 8 different languages. Its headquarters are in Dallas, Texas and the company also has offices in West Hollywood, Tokyo, Rio,...
, where the use is designed to encourage anonymity, and thus linking users to individuals can be difficult. However, even with sites that discourage the use of real names, individuals can be identified, such as through face re-identification. It has been estimated by studying two major social networking sites that a 15% overlap of the same or similar photographs makes it possible to identify profiles with similar pictures on other sites. With sites that do encourage information disclosure, it has been noticed that the majority users seem happy to disclose as much information as possible and to as many people as possible.< In 2005, a studied was performed in which data was analysed from 5, 540 Facebook profiles from students at Carnegie Mellon University
Carnegie Mellon University
Carnegie Mellon University is a private research university in Pittsburgh, Pennsylvania, United States....
. It was revealed that 89% gave a name that was likely to be genuine, and 61% gave a photograph suitable for direct identification.< The visibility of this personal information is highly variable. The vast majority of users also had not altered their privacy setting, enabling a large number of presumably unknown users to have access to their displayed personal information (the default setting originally allowed friends, friends of friends, and non friends of the same network to have full view of a user‘s profile). It is possible for a user to block other users from seeing their presence on Facebook, but this must be done on an individual by individual basis, and would therefore appear not to be commonly used for a wide number of people. All of this has led to many concerns that users are displaying far too much information on social networking sites which may have serious implications on their privacy. Facebook has especially been criticised due to the perceived laxity regarding privacy in the default setting for users, which evidence suggests most do not alter.
The reason social network security and privacy lapses exist results simply from the astronomical amounts of information the sites process each and every day that end up making it that much easier to exploit a single flaw in the system. Features that invite user participation -- messages, invitations, photos, open platform applications, etc. -- are often the avenues used to gain access to private information, especially in the case of Facebook. Adrienne Felt, a Ph.D. candidate at Berkeley, made small headlines last year when she exposed a potentially devastating hole in the framework of Facebook's third-party application programming interface (API) which allows for easy theft of private information. Felt and her co-researchers found that third-party platform applications for Facebook gave developers access to far more information (addresses, pictures, interests, etc.) than needed to run the app.This potential privacy breach is actually built into the systematic framework of Facebook, and unfortunately the flaw renders the system almost indefensible. "The question for social networks is resolving the difference between mistakes in implementation and what the design of the application platform is intended to allow," David Evans, Assistant Professor of Computer Science at the University of Virginia, says. There's also the question of whom we should hold responsible for the over-sharing of user data? That resolution isn't likely to come anytime soon, says Evans, because a new, more regulated API would require Facebook "to break a lot of applications, and a lot of companies are trying to make money off applications now." Felt agrees, noting that now "there are marketing businesses built on top of the idea that third parties can get access to data on Facebook."
Storage of data
Most social networking sites require users to agree to Code of Use policy before they may use their services. Controversially, these Code of Use declarations that users must agree to often contain clauses permitting social networking operators to store data on users, or even share it with third parties. Facebook has attracted attention over its policies regarding data storage, such as making it difficult to delete an account, holding onto data after an account is de-activated and being caught sharing personal data with third parties.Identity theft
Due to the high volume of personal information often displayed on social networking sites, it is possible to make further estimations about a user, such as the person’s social security numberSocial Security number
In the United States, a Social Security number is a nine-digit number issued to U.S. citizens, permanent residents, and temporary residents under section 205 of the Social Security Act, codified as . The number is issued to an individual by the Social Security Administration, an independent...
, which can then be used as part of identity theft
Identity theft
Identity theft is a form of stealing another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name...
. In response, various groups have advised that users either do not display their birthday, or hide it from Facebook ‘friends’ they do not personally know. Cases have also appeared of users having photographs stolen from social networking sites in order to assist in identity theft. There is little evidence that many most users of social networking sites are talking full measures to protect themselves from identity theft.
Sexual predators
Most major social networking sites are committed to ensuring that use of their services are as safe as possible. However, due to the high content of personal information placed on social networking sites, as well as the ability to hide behind a pseudo-identity, such sites have become increasingly popular for sexual predators. In 2009, it was revealed that MySpace had evicted 90, 000 registered sex offenders from its site in the previous two years. However, it was also suggested that the majority of these simply transferred to using the services provided by Facebook. In response to concerns, Facebook Help Center has set up a system whereby users may notify on suspected sex offers which, if proven to be accurate, will result in their account be terminated. While the numbers may remain small, it has been noted that the number of sexual predators caught using social networking sites has been increasing, and has now reached an almost weekly basis. A number of highly publicised cases have demonstrated the threat posed for users, such as Peter ChapmanPeter Chapman
Peter Chapman is a British convicted murderer who has featured heavily in the media in the United Kingdom and has become known as the "Facebook killer." He was jailed for a minimum of 35 years in March 2010 and his crime has led to serious criticism of police monitoring and Facebook.-Life prior to...
who, under a false name, added over 3, 000 friends and went on to rape and murder a 17 year old girl in 2009.
Stalking
The potential ability for stalkingStalking
Stalking is a term commonly used to refer to unwanted and obsessive attention by an individual or group to another person. Stalking behaviors are related to harassment and intimidation and may include following the victim in person and/or monitoring them via the internet...
users on social networking sites has been noted. A study of Facebook profiles from students at Carnegie Mellon University revealed that about 800 profiles included current resident and at least two classes being studied, theoretically allowing viewers to know the precise location of individuals at specific times. AOL
AOL
AOL Inc. is an American global Internet services and media company. AOL is headquartered at 770 Broadway in New York. Founded in 1983 as Control Video Corporation, it has franchised its services to companies in several nations around the world or set up international versions of its services...
attracted controversy over its instant messenger AIM which permits users to add ‘buddies’ without their knowing, and therefore track when a user is online. Concerns have also been raised over the relative ease for people to read private messages or e-mails on social networking sites.
Unintentional fame
Privacy concerns have also been raised over a number of high profile incidents which can be considered embarrassing for users. Various internet memes have been started on social networking sites, or been used as a means towards their spread across the internet. In 2002, a Canadian teenager became known as the Star Wars KidStar Wars Kid
"Star Wars Kid" is an Internet meme involving a video of a high school student from Trois-Rivières, Quebec, Canada, wielding a golf ball retriever in imitation of Darth Maul's lightsaber moves from the Star Wars films....
after a video of him using a golf club as a light sabre was posted on the internet without his consent. The video quickly became a hit, much to the embarrassment of the teenager who claims to have suffered as a result. Along with other incidents of videos being posted on social networking sites, this highlights the ability for personal information to be rapidly transferred between users.
Employment
Issues relating to privacy and employment are becoming a concern with regards to social networking sites. As of 2008, it has been estimated by CareerBuilder.com that one in five employers search social networking sites in order to screen potential candidates (increasing from only 11% in 2006). For the majority of employers, such action is to acquire negative information about candidates. For example, 41% of managers considered information relating to candidates’ alcohol and drug use to be a top concern. Other concerns investigated via social networking sites included poor communication skills, inappropriate photographs, inaccurate qualifications and bad-mouthing former employers/colleagues. However, 24% manager claimed that information found on a social networking site persuaded them to hire a candidate, suggesting that a user image can be used in a positive way.While there is little doubt that employers will continue to use social networking sites as a means of monitoring staff and screening potential candidates, it has been noted that such actions may be illegal under in jurisdictions. According to Workforce.com, employers who use Facebook or Myspace could potentially face legal action:
If a potential employer uses a social networking site to check out a job candidate and then rejects that person based on what they see, he or she could be charged with discrimination.
Monitoring of social networking sites is not limited to potential workers. Issues relating to privacy are becoming an increasing concern for those currently in employment. A number of high profile cases have appeared in which individuals have been sacked for posting comments on social networking which have been considered disparaging to their current employers or fellow workers. In 2009, sixteen year old Kimberley Swann was sacked from her position at Ivell Marketing and Logistics Limited after describing her job as ‘boring’. In 2008, Virgin Atlantic sacked thirteen cabin crew staff, after it emerged they used had criticised the company’s safety standards and called passengers ‘chavs’ on Facebook. While employers may have found such usages of social networking sites convenient, complaints have been put forward by civil liberties groups and trade unions on the invasive approach adopted by many employers. In response to the Kimberley Swann case, Brendan Barber, of the TUC union stated that:
Most employers wouldn't dream of following their staff down the pub to see if they were sounding off about work to their friends," he said.
"Just because snooping on personal conversations is possible these days, it doesn't make it healthy."
Monitoring of staff’s social networking activities is also becoming an increasingly common method of ensuring that employees are not browsing websites during work hours. It was estimated in 2010 that an average of two million employees spent over an hour a day on social networking sites, costing potentially £14 billion.
Institutional concerns
A number of institutions have expressed concern over the lack of privacy granted to users on social networking sites. These include schools, libraries, and Government agencies.Libraries
Libraries in particular, being concerned with the privacy of individuals, have debated on allowing library patrons to access social networking sites on public library computers. While only 19% of librarians reportedly express real concern over social networking privacy, they have been particularly vocal in voicing their concerns. Some have argued that the lack of privacy found on social networking sites is contrary to the ethics supported by Library organisations, and the latter should thus be extremely apprehensive about dealing with the former. Supporters of this view present their argument from the code of ethics held by both the American Library AssociationAmerican Library Association
The American Library Association is a non-profit organization based in the United States that promotes libraries and library education internationally. It is the oldest and largest library association in the world, with more than 62,000 members....
and the UK based Chartered Institute of Library and Information Professionals
Chartered Institute of Library and Information Professionals
The Chartered Institute of Library and Information Professionals is a professional body representing librarians and other information professionals in the United Kingdom.-History:...
, which affirms a commitment to upholding privacy as a fundamental right. In 2008, a study was performed in fourteen public libraries in the UK which found that 50% blocked access to social networking sites. Many school libraries have also blocked Facebook out of fear that children may be disclosing too much information on Facebook. However, as of 2011, Facebook has taken efforts to combat this concern by deleting profiles of users under the age of thirteen.
Response to criticism
Many social networking organisations have responded to criticism and concerns over privacy. It is claimed that changes to default settings, the storage of data and sharing with third parties have all been updated and corrected in the light of criticism, and/or legal challenges. However, many critics remain unsatisfied, noting that fundamental changes to privacy settings in many social networking sites remain minor, and argue that social networking companies prefer to criticise users rather than adapt their policies.See also
- Social networking service
- Information privacy
- Social mediaSocial mediaThe term Social Media refers to the use of web-based and mobile technologies to turn communication into an interactive dialogue. Andreas Kaplan and Michael Haenlein define social media as "a group of Internet-based applications that build on the ideological and technological foundations of Web 2.0,...
- FacebookFacebookFacebook is a social networking service and website launched in February 2004, operated and privately owned by Facebook, Inc. , Facebook has more than 800 million active users. Users must register before using the site, after which they may create a personal profile, add other users as...
- MyspaceMyspaceMyspace is a social networking service owned by Specific Media LLC and pop star Justin Timberlake. Myspace launched in August 2003 and is headquartered in Beverly Hills, California. In August 2011, Myspace had 33.1 million unique U.S. visitors....
- Criticism of FacebookCriticism of FacebookFacebook's growth as an Internet social networking site has met criticism on a range of issues, including online privacy, child safety, and the inability to terminate accounts without first manually deleting the content. In 2008, many companies removed their advertising from the site because it was...