Are You Sharing Too Much?
500 Million Yahoo! Accounts Breached
Even if you don't use Yahoo Mail you may be using services like Tumblr, Flickr and Fantasy Football which were affected by the Yahoo! breach. Here's what to do.
10 years ago, corporations would have paid millions of dollars for the type of information that your customers VOLUNTARILY share on social media now. — Kyle Reyes — The Parallel Universe and Facebook Dark Posts
Inappropriate postings on social media sites can lead to abuses of privacy and embarrassing leaks like the ones you see in the media and on the Web.
- 10 things you should never share on social media.
- Help stop cyberbullying: Words Can Save.
- The art of social media scams and how to avoid them.
We now share publicly many things we'd never have done only a couple of decades ago.
For example, one report noted the surprising number of people reporting details about the loss of their virginity on social media sites — virtually in real time.
This isn't a wise choice.
Employers, potential dating partners and spouses are just some of those that might check for information about your past. Snowden's revelations about what the NSA and others are storing should also concern you.
One thing that I think continues to be an issue is social network security, and people's inability to believe, for whatever reason, that what they put on social networks isn't automatically going to someday be public. — Tom's Guide
What message would a video or photo of you doing stupid things send to these folks?
Something that seemed funny at the time, might cost you that prized promotion or your dream relationship one day by portraying you as immature and irresponsible.
If it is re-posted elsewhere you might lose the ability to remove it later.
Think Before Posting
Think before posting comments that could potentially come back to haunt you.
It appears that some folks are using the right to be forgotten (a European law) to do exactly this, but it is backfiring on them. The Streisand effect refers to the attention you bring to yourself with such requests, the reverse of what you intended.
- Protecting yourself on social networks is part of EFF's Surveillance Self-Defense.
- 6 spooky ways local law enforcement is watching you.
- Social media and law enforcement: Who gets what data and when? 2011 report by EFF has links to comparisons in .PDF and .XLS formats.
- Social Networking Monitoring by EFF lists reports about government agency monitoring of social networking services.
- Social Networking Privacy reports by EPIC.
- Identity Theft Resource Center: Social networking and identity theft.
- Safe and Savvy — Protecting the Irreplaceable is a blog sponsored by F-Secure which posts great information about remaining safe on social media sites.
Your 2000 “friends” on Facebook are not really your friends — they are potential leaks.
Check Your Account Settings
Minimize the amount of information that you are sharing by changing the privacy settings to provide information only to trusted friends and family:
- Most social networking sites allow you to create multiple groups, each with different privacy settings.
- Don't share vital information that could be used for identity theft such as your birth date, place of birth, mother's maiden name, etc.
- Minimize what can be searched by anyone or included in search engines like Google or Bing.
- Watch for inappropriate postings about you but posted by others. Take steps to have them removed.
- If you click on a scam and it creates a posting on your wall, remove it by going to your profile. Hovering over a posting shows an arrow on the right that gives several options, including “remove post.”
Norton Safe Web is a free Facebook app that will scan your newsfeeds for the Lifejacking scam and other fake links.
Read the Terms of Service
The terms of service are a legally-binding contract on the users of a social media site, just as they are with software or other places where electronic agreements are used.
These are often complex and change constantly.
You shouldn't click to accept the agreements without understanding what you're agreeing to.
- Be aware of what you're giving away.
- In many cases you are agreeing that your content will be owned by the social media site. This is understandable, given that their site has no value without content, but it may also mean you may not be able to use the same material elsewhere.
- Posting copyrighted content can result in legal action.
In general, the larger a terms of service agreement is, the more rights and freedom you're giving up.
Most Don't Read Terms of Service
Use Secure Passwords
Be sure that the information you use to log into your account is difficult to guess. Weak passwords can allow others to log into your account without your permission.
Don't Post Password Recovery Information
Watch that you don't unknowingly give away the key information needed to “recover” your password.
Many folks routinely post the sort of information used when you've forgotten your password such as where you were born, your favourite teacher or sports teams, family names and relationships, etc.
Because this information is so frequently posted on social media sites it create a huge risk to all your on-line accounts (including access to your bank account).
Deactivate or Delete Your Account
If you are no longer using a social media site (i.e. if you've moved to another site or just don't check your account any longer) you should delete (not suspend) that account for your own protection.
- How to Delete an Account from Any Website posted by PC Magazine.
Who Owns Your Private Data?
…[P]eople believe they own their data. Even though the user agreement might technically give companies the right to sell the data, change the access rules to that data, or otherwise own that data, we — the users — believe otherwise. — Bruce Schneier
You are the Product
If the service is free, then you are the product. — The Day We Lost Everything
Facebook makes money from advertising, so they make it complicated for you to use their site in a way that interrupts their ability to collect your personal information for advertisers. Although we can stop Facebook and Facebook advertisers from tracking you when you are not on Facebook (blocking “Like” buttons, etc.) there's nothing that our tracker blocking — or anyone else — can do about Facebook when you are actually ON Facebook. Anything you voluntarily post, including photos, comments, interests, and your location, is used for tracking purposes.
Our best advice is to set strict privacy settings, limit what you share, and avoid games & apps (they are marketing companies in disguise). Facebook isn't truly a free service; it is paid for by its users' information. — Blur (formerly DoNotTrackMe)
Facebook allows a wide mass of its users the freedom to spread fake news (which they won't regulate), while simultaneously working to prevent another group from sharing actual news. — Damon Beres on Mashable
Privacy? What Privacy?
Facebook's Zuckerberg said in 2010 that the age of privacy is over. This is the same guy that bought all the houses surrounding his to increase his privacy while making his living mining the privacy of others.
- 98 personal data points that Facebook uses to target ads to you.
- Facebook's DeepText seeks to understand everything you post.
- You won't like what your Facebook 'Likes' reveal.
- How you can use Facebook to track your friends' sleeping habits.
- The Evolution of Privacy on Facebook — changes in default profile settings over time.
- Facebook gathered 1200 pages of data on an Irish law student.
- “Facebook security” posts on ZoneAlarm's blog.
The Facebook IPO scandal showed more concern about being the largest IPO in history than telling the truth. Facebook isn't your "friend."
Controlling Your Facebook Privacy
The following sites will give you some tools to manage your Facebook privacy settings:
- Facebook Security: How to keep your account secure is Facebook's own information on security.
- 11 things you might want to stop doing or delete from your Facebook profile to protect your privacy .
- Facebook privacy: A bewildering tangle of options posted by The New York Times in 2010.
- Facebook's new click bait rule.
- Don't be too quick to accept that Friend Request!
- Facebook privacy: Secrets unveiled posted by PC World.
- 10 privacy settings every Facebook user should know (2011).
- What does Facebook publish about you and your friends? Enter your Facebook ID or alias to find out.
- How to turn on login approvals on Facebook.
Take a Facebook Vacation
You check to see how your life is without Facebook (a Facebook vacation) before moving to the next step: deactivating or deleting your account.
Make a final post telling your friends that you'll be on an extended Facebook vacation and don't revisit Facebook for at least 99 days (from the 99 Days of Freedom experiment in response to Facebook's controversial mood experiment involving some 700,000 unwitting users).
Deactivate or Delete Your Account
Every time problems with Facebook privacy are publicized, a huge portion of Google searches are for ways to delete a Facebook account (which removes your personal data rather than simply deactivating your account).
- Facebook's Help Center information on account deletion.
- How to deactivate your Facebook account posted by The Guardian.
ZoneAlarm offers these suggestions to make sure that you always stay safe and secure on Google+:
- Set up Circles: Google+ Circles let you create specific groups to share information with. Once you have created a circle, anything that you share in that circle can only be viewed by other members in the circle.
- Lock down you profile: Your profile, by default, can be viewed by anyone on the web. If you want to change this, make sure to change the appropriate settings so that only friends in your circles can see your information.
- Restricting Search Visibility: Another default setting of your profile is that it shows up in Google search results. If you don't want Google (or other search engines) to include you in the results, make sure to change your profile visibility settings.
- Lock down other privacy settings: There are many other customizable aspects of your profile that are less well-known. Some of these include being able to limit who can see people in your circles, and who can send you emails.
- Streaming to appropriate circles: When you create a post on Google+, you can choose which circles you want to share that post with. By default, Google+ will remember the circles in your previous post, and use those same circles for your next post.
- Remember that your posts may be public: If you comment on friends' posts, their privacy settings may allow others to see what you've written. Make sure to exercise caution!
Twitter Security & Privacy
Twitter security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
- Twitter Twitter Terms of Service.
- Twitter Security Dos and Don'ts.
- Deactivating (then deleteing) your Twitter account.
LinkedIn Security & Privacy
LinkedIn is a little different in that it is designed for building professional networks rather than friendships. However, there are still some issues:
- LinkedIn account security and privacy: best practices.
- More than 6 million LinkedIn passwords stolen.
- Was your LinkedIn password hacked?.
- How to turn on two-step verification for your LinkedIn account.
You can close your LinkedIn account after which your account information is deleted and logs or backups are de-identified within 30 days.
Pinterest Security & Privacy
Pinterest describes itself as an online pinboard where you can organize and share the things you love. However, there are still some issues, particularly around the legality of copying images that aren't yours:
- Pinterest Copyright Policy. (See Copyright — Who Owns the Content? for more about copyright.)
- Pinterest's Acceptable Use Policy includes a note about intellectual property rights. (Canada has no such thing as a “fair use” exception.)
- The copyright question: How to protect yourself on Pinterest.
- Pinterest and legal issues: Read this before you pin anything.
- Pinterest security risks you need to know about.
- To pin or not to pin: 5 security risks businesses should understand around Pinterest and what they can do about them.
Updated: November 23, 2016