Are You Sharing Too Much?
Inappropriate postings on social media sites can lead to abuses of privacy and embarrassing leaks like the ones you see in the media and on the Web.
We now share publicly many things we'd never have done only a couple of decades ago.
10 years ago, corporations would have paid millions of dollars for the type of information that your customers VOLUNTARILY share on social media now.
— Kyle Reyes — The Parallel Universe and Facebook Dark Posts
One report noted the surprising number of people reporting details about the loss of their virginity on social media sites — virtually in real time.
This isn't a wise choice.
Employers, potential dating partners and spouses are just some that might check for information about your past. Snowden's revelations about what the NSA and others are storing should also concern you.
What message would a video or photo of you doing stupid things send to these folks?
Something that seemed funny at the time, might cost you that prized promotion or your dream relationship one day by portraying you as immature and irresponsible.
If it is re-posted elsewhere you might lose the ability to remove it later.
Think Before Posting
Think before posting comments that could potentially come back to haunt you.
It appears that some folks are using the right to be forgotten (a European law) to do exactly this, but it is backfiring on them. The Streisand effect refers to the attention you bring to yourself with such requests, the reverse of what you intended.
- Protecting yourself on social networks.
- Social Media and Law Enforcement: Who Gets What Data and When? 2011 report by EFF has links to comparisons in .PDF and .XLS formats.
- Social Networking Monitoring by EFF lists reports about government agency monitoring of social networking services.
- Social Networking Privacy reports by EPIC.
- Identity Theft Resource Center: Social Networking and Identity Theft.
- Safe and Savvy — Protecting the Irreplaceable — is a blog sponsored by F-Secure which posts great information about remaining safe on social media sites.
Your 2000 “friends” on Facebook are not really your friends — they are potential leaks.
Check Your Account Settings
Minimize the amount of information that you are sharing by changing the privacy settings to provide information only to trusted friends and family:
- Most social networking sites allow you to create multiple groups, each with different privacy settings.
- Don't share vital information that could be used for identity theft such as your birth date, place of birth, mother's maiden name, etc.
- Minimize what can be searched by anyone or included in search engines like Google or Bing.
- Watch for inappropriate postings about you but posted by others. Take steps to have them removed.
- If you click on a scam and it creates a posting on your wall, remove it by going to your Profile. Hovering over a posting shows an arrow on the right that gives several options, including “remove post.”
Norton Safe Web is a free Facebook app that will scan your newsfeeds for the Lifejacking scam and other fake links.
Read the Terms of Service
The terms of service are a legally-binding contract on the users of a social media site, just as they are with software or other places where electronic agreements are used.
These are often complex and change constantly.
You shouldn't click to accept the agreements without understanding what you're agreeing to.
- Be aware of what you're giving away.
- In many cases you are agreeing that your content will be owned by the social media site. This is understandable, given that their site has no value without content, but it may also mean you may not be able to use the same material elsewhere.
- Posting copyrighted content can result in legal action.
In general, the larger a terms of service agreement is, the more rights and freedom you're giving up.
Most Don't Read Terms of Service
— ZoneAlarm Security Blog
Use Secure Passwords
Be sure that the information you use to log into your account is difficult to guess. Weak passwords can allow others to log into your account without your permission.
Don't Post Password Recovery Information
Watch that you don't unknowingly give away the key information needed to “recover” your password.
Many folks routinely post the sort of information used when you've forgotten your password such as where you were born, your favourite teacher, family names and relationships, etc.
Because this information is so frequently posted on social media sites it create a huge risk to all your on-line accounts (including access to your bank account).
Deactivate or Delete Your Account
If you are no longer using a social media site (i.e. if you've moved to another site or just don't check your account any longer) you should delete (not suspend) that account for your own protection.
- How to Delete an Account from Any Website posted by PC Magazine.
Who Owns Your Private Data?
…[P]eople believe they own their data. Even though the user agreement might technically give companies the right to sell the data, change the access rules to that data, or otherwise own that data, we — the users — believe otherwise.
— Bruce Schneier
You are the Product
If the service is free, then you are the product.
— The Day We Lost Everything
Facebook makes money from advertising, so they make it complicated for you to use their site in a way that interrupts their ability to collect your personal information for advertisers. Although we can stop Facebook and Facebook advertisers from tracking you when you are not on Facebook (blocking “Like” buttons, etc.) there's nothing that our tracker blocking — or anyone else — can do about Facebook when you are actually ON Facebook. Anything you voluntarily post, including photos, comments, interests, and your location, is used for tracking purposes.
Our best advice is to set strict privacy settings, limit what you share, and avoid games & apps (they are marketing companies in disguise). Facebook isn't truly a free service; it is paid for by its users' information.
— Blur (formerly DoNotTrackMe)
Privacy? What Privacy?
- The Evolution of Privacy on Facebook — changes in default profile settings over time.
- The age of privacy is over according to Facebook's Zuckerberg.
- Facebook Timeline a new privacy test.
- Irish law student: Facebook gathers 1200 pages of data on him — and there's more!
- Facebook Security posts on ZoneAlarm's Blog contain information about privacy, trust, bullying and more.
The Facebook IPO scandal showed more concern about being the largest IPO in history than telling the truth. Facebook isn't your "friend."
Controlling Your Facebook Privacy
The following sites will give you some tools to manage your Facebook privacy settings:
- Facebook Security is Facebook's own information on security and includes information about threats and how to deal with them.
- Facebook Privacy: A Bewildering Tangle of Options posted by The New York Times.
- Facebook's new click bait rule will totally blow you away.
- Don't be too quick to accept that friend request!
- Facebook Privacy: Secrets Unveiled posted by PC World.
- 10 privacy settings every Facebook user should know (2011).
- What does Facebook publish about you and your friends? Enter your Facebook ID or alias to find out.
- ReclaimPrivacy.org provides an independent and open tool for scanning your Facebook privacy settings.
- How to turn on login approvals on Facebook.
Take a Facebook Vacation
You check to see how your life is without Facebook (a Facebook vacation) before moving to the next step: deactivating or deleting your account.
99 Days of Freedom offers you the ability to do this while letting your Facebook friends know why you're not responding to their posts by using the image to the right as your profile picture plus a “final post” (at least for 99 days).
In response to Facebook's controversial mood experiment involving some 700,000 unwitting users, we present you 99 Days of Freedom; an online study on how life without Facebook impacts user happiness. Joining is very simple: follow our three step instruction to join the experiment for as long as you like. We can't wait to hear how you spend your time off.
— 99 Days of Freedom
Deactivate or Delete Your Account
Every time problems with Facebook privacy are publicized, a huge portion of Google searches are for ways to delete a Facebook account (which removes your personal data rather than simply deactivating your account).
- Facebook's Help Center information on account deletion.
- How to deactivate your Facebook account posted by The Guardian.
ZoneAlarm offers these suggestions to make sure that you always stay safe and secure on Google+:
- Set up Circles: Google+ Circles let you create specific groups to share information with. Once you have created a circle, anything that you share in that circle can only be viewed by other members in the circle.
- Lock down you profile: Your profile, by default, can be viewed by anyone on the web. If you want to change this, make sure to change the appropriate settings so that only friends in your circles can see your information.
- Restricting Search Visibility: Another default setting of your profile is that it shows up in Google search results. If you don't want Google (or other search engines) to include you in the results, make sure to change your profile visibility settings.
- Lock down other privacy settings: There are many other customizable aspects of your profile that are less well-known. Some of these include being able to limit who can see people in your circles, and who can send you emails.
- Streaming to appropriate circles: When you create a post on Google+, you can choose which circles you want to share that post with. By default, Google+ will remember the circles in your previous post, and use those same circles for your next post.
- Remember that your posts may be public: If you comment on friends' posts, their privacy settings may allow others to see what you've written. Make sure to exercise caution!
Twitter Security & Privacy
Twitter security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
LinkedIn Security & Privacy
LinkedIn is a little different in that it is designed for building professional networks rather than friendships. However, there are still some issues:
- LinkedIn Account Security and Privacy — Best Practices.
- More than 6 million LinkedIn passwords stolen.
- Was your LinkedIn password hacked?.
- How to turn on two-step verification for your LinkedIn account.
You can close your LinkedIn account after which your account information is deleted and logs or backups are de-identified within 30 days.
Pinterest Security & Privacy
Pinterest describes itself as an online pinboard where you can organize and share the things you love. However, there are still some issues, particularly around the legality of copying images that aren't yours:
- Pinterest Acceptable Use Policy includes a note about intellectual property rights (copyright).
- A lawyer digs into the issues of ownership on Pinterest. She considers Pinterest an enabler of illegal activity.
- Why I tearfully deleted my Pinterest inspiration boards looks at the intricacy of legal arguments for “fair use” on Pinterest. (Canada has no such thing as a “fair use” exception.)
- Pinterest Security Risks You Need to Know About.
Updated: April 13, 2015