Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

5/3/2012
03:23 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Facebook Privacy: 5 Most Ignored Mistakes

A Consumer Reports survey of Facebook users reveals many people still ignore privacy controls and sharing risks. Do you understand the common mistakes that could bite back?

6 Social Sites Sitting On The Cutting Edge
6 Social Sites Sitting On The Cutting Edge
(click image for larger view and for slideshow)
Facebook no longer represents that it offers privacy as a matter of policy, like some other companies do. It states outright that it will use your data. It has a Data Use Policy instead of a Privacy Policy.

But consider the dictionary definition of privacy: 1) The state or condition of being free from being observed or disturbed by other people; 2) The state of being free from public attention. If that's your gold standard, then you cannot use Facebook or any other online service for that matter, at least not without privacy-protecting technology. Once you venture online, once you share, you're talking about something less than privacy. Online services may talk about how they respect privacy, but they should really be talking about data usage and sharing.

Facebook's privacy settings would be better referred to as sharing settings. That might encourage more people to use them. According to Consumer Reports, 13 million out of 150 million U.S. Facebook users don't use, or are not aware of, Facebook's privacy settings.

[ Learn more about Facebook's good developer seal of approval. Read Facebook Blesses Adobe Social Marketing Apps. ]

Consumer Reports' data comes from a survey of 2,002 online households, 1,340 of which are active on Facebook. From this limited data set, the magazine has projected nationwide Facebook usage trends. The magazine's findings reveal some surprising privacy blind spots.

1. Privacy Settings

The fact that only 13 million, or 8.6%, of U.S. Facebook users, don't use, or don't know about, Facebook's privacy settings can be seen as encouraging because it's a relatively small percentage. It's high compared to the rate of illiteracy in the United States, which is about 1% or less if you accept a very lax definition of literacy. But it's about what you'd expect if you consider functional illiteracy, which suggests some 23 million U.S. adults have very low reading skills. If you use Facebook, Facebook literacy is a must.

2. Location Sharing

Consumer Reports estimates that 4.8 million people have published posts that contain details about their whereabouts during the day. The magazine calls this "a potential tip-off to burglars." While there have been reports of burglaries linked to online posts about being away from home, you have to wonder whether other methods of location broadcasting--such as leaving home, when anyone might observe your absence without leaving an online data trail--might not present more of a risk. Even so, it's probably best to think twice about saying too much about one's travel plans.

3. "Liking" Things That Could Be Used Against You

Some 4.7 million people have "liked" a Facebook page about a health condition or treatment. Consumer Reports suggests insurers could use this information against you. That may sound far-fetched, but there have already been documented cases of insurers scouring Facebook to fight fraud. And as Consumer Reports notes, the IRS and other government agencies are allowed to comb Facebook, and in some instances friend people, to fight fraud.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Deb Donston-Miller
50%
50%
Deb Donston-Miller,
User Rank: Apprentice
5/7/2012 | 1:07:51 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I've observed that far more people have made their full profiles, walls, etc. visible only to friends. That's progress. I think what's really confusing to users now is the use of Facebook and other social networking apps as a sign-on for other apps. I think the implications of doing so aren't fully understood.

Deb Donston-Miller
Contributing Editor, The BrainYard
AustinIT
50%
50%
AustinIT,
User Rank: Apprentice
5/6/2012 | 4:49:20 PM
re: Facebook Privacy: 5 Most Ignored Mistakes
Facebook and its ilk will go down as one of the biggest social experiments in history. I think entire generations of "Facebook Friends" are going to seriously regret the trail they left behind when they finally grow up and realize the damage they have done.

Information is information and you'd be really surprised at how publicly gleaned data is being used. Take a look at the insurance industry for one. They've successfully screwed the health care industry for everyone. They did it with data. I can just imagine the euphoria that all this social data has given the lawyers, PACS, and lobbyists over at the "exclusion" department. Just saying...
Bprince
50%
50%
Bprince,
User Rank: Ninja
5/6/2012 | 7:45:18 AM
re: Facebook Privacy: 5 Most Ignored Mistakes
I wonder how much of number one was affected by the switch to Timeline. I have observed some people who are friends of friends on Facebook whose privacy settings no longer seem to be as strict.
Brian Prince, InformationWeek/Dark Reading Comment Moderator
How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.