Between Google Buzz and Facebook, discussions centered on privacy and the implications of using social networks having been hot topics so far this year. The issue certainly isn’t new, but it’s reaching critical mass now because of the players involved. With over 500 million unique users, Facebook is sitting on an exceedingly rich vein of personal information and usage data, and Google, of course, pretty much knows everything you’d ever need to learn. Both have advertisers chomping at the bit to know as much about you as possible to make that next sale. What’s their only barrier? Your privacy.
Right now, the primary difference between Facebook and Google is the basic structure of their networks. Google, for the most part, is an open network: various and sundry details about you and your browsing habits are collected and retained as you go about your business on the web, but these remain generally anonymous. Buzz started off on the wrong foot by trying to mix this anonymous, open data set with the more closed network of Gmail. Facebook, on the other hand, started off as a more closed network, where your information stayed relatively safe within the confines of your personal network. Their privacy settings, however, have evolved towards making much of your profile public by default, often with little fanfare or notice. The shifting walls of security in both Buzz and Facebook have given their users and privacy advocates plenty of heartburn. It’s good to see a constant hum of awareness about what is truly private and public, as a lot of folks don’t seem to be aware of what’s happening to their data, but there’s one key observation that I see missing from these discussions: social networks only know what you tell them. If you don’t want your personal details to be shared under any means or circumstances, then don’t share them in the first place. You’ll cease to be concerned about your privacy if you don’t sacrifice it. Facebook is not magical; it won’t tell CNN what shows you watch and suggest articles without your intervention.
Of course, I understand that one of the main points of social networks is the sharing of information. You obviously can’t and shouldn’t be fearful of sharing, but you can be aware of how much you do share. The very nature of these networks will make people who follow you seem eerily clairvoyant about your comings and goings, but if you keep your details to a relatively general and innocuous nature, there’s neither harm nor foul. To that end, I’ve collected a few thoughts I hope will get you thinking more about your social privacy.
Always assume you’re talking in a room where you can be overheard. Closed networks like Facebook can be penetrated by those willing to be patient and creative, so don’t share things that would make you embarrassed, get you kicked out of your preferred religious place of worship, fired, or cause you to be incarcerated if it were suddenly made public to everyone. Stick to the facts. Don’t overshare. Be very mindful about broadcasting your location on tools like Fourquare. Folks running on the right side of the law are not the only ones being creative with these networks.
Never settle for the default settings. If you’re just joining a social network, check your surroundings carefully before you reveal anything significant about yourself. Is the network open or closed by default? Is there an all-or-nothing set of options, or can you customize? A great quote I read on Twitter this week made the analogy that leaving your default settings unchanged was “like streaking in public”.
Stay informed about your network. If there’s an option to receive e-mails whenever the network makes a change, sign up for it. Follow resources like the Electronic Frontier Foundation and Help Net Security to learn about changes in privacy policies or security incidents that you may need to worry about. It never hurts to review your account preferences on a regular basis to confirm that you’re sharing (or hiding) exactly what you want.
Avoid revealing “security questions”. Banking and financial websites like to ask you “security questions” they feel “only you can answer” should you forget your user name or password. They’re usually along the lines of “what was your first pet’s name?” or “what is your mother’s maiden name?”, and are intended to decrease the likelihood of someone getting access to your account. People tend to be nice and chatty on social networks, and it’s become much easier for scammers to learn more about you. Social engineers look at what you post, what you like, who you talk to and follow, and use these details to fill in the blanks. Avoid talking about the subjects of your security questions or pick ones that are more obscure. The same goes for passwords: find something memorable but ephemeral: What song has been in your head recently? Was state does last week’s Powerball winner live in? What’s your cat’s least favorite toy? You get the idea.
Keep an eye on your friends. In networks like Facebook, where you can be tagged to photos or videos taken of you, with or without your knowledge, it’s important to stay aware of what your friends and colleagues are doing with your data, and, to a larger extent, your reputation. Make sure your account notifications are set up so that you’re sent an e-mail or text whenever someone associates anything in their profile with you. Don’t be afraid to tell people you don’t want anything posted without your permission; it is you, after all. Also, don’t “friend” people who you think will be less than trustworthy with your personal information. Check to see how much they make public, and then imagine how much of your profile would end up there if they start tagging your posts.
The struggles with your public presence and what you choose to keep private will continue to change as social networks progress in their evolution, but you can stay ahead of the game with a dose of skepticism and some healthy common sense.
