Are You Sharing Too Much?
500 Million Yahoo! Accounts Breached
Even if you don't use Yahoo Mail you may be using services like Tumblr, Flickr and Fantasy Football which were affected by the Yahoo! breach. Here's what to do.
There are dozens of social media services. I've only covered a few of the most common on this page, but the principles are the same with other services.
I strongly recommend that you consider carefully the services you choose and what you post on them.
When asked, most people state that they use Facebook to keep in touch with friends and family, but there is far more posted there and I'm not the only one that has concerns with the integrity of that service.
Social Media Can Cut Both Ways
Inappropriate postings on social media sites can lead to abuses of privacy, embarrassing leaks and clashes of cultures like the ones you see in the media and on the Web.
Postings can be misinterpreted and spiral into negative publicity when popular culture clashes with corporate culture.
The risk with this medium of communication is that there is minimal control, and a bad post, a hack, or an incorrect statement can make the organization look inexperienced and offensive at worst. Furthermore, social media provide more information about the employees and their functions, which can be useful information for someone who is trying to socially engineer a hack. — Carlos Pelaez
United Airlines Gaffs
An example is how United Airlines badly handled two incidents on social media in the last while:
- A couple of teens were prevented from boarding because they were wearing leggings which was against company policy for the airlines family.
- A doctor was dragged off a flight because United had overbooked.
United Airlines may have been within their rights in both cases (although it could be said that they badly overreacted). However, the travelling public saw it differently and this could cost the company millions in lost business during the peak summer travel season.
- 10 things you should never share on social media.
- Help stop cyberbullying: Words Can Save.
- The art of social media scams and how to avoid them.
- Why I deleted my social media.
10 years ago, corporations would have paid millions of dollars for the type of information that your customers VOLUNTARILY share on social media now. — Kyle Reyes — The Parallel Universe and Facebook Dark Posts
We now share publicly many things we'd never have done only a couple of decades ago.
For example, one report noted the surprising number of people reporting details about the loss of their virginity on social media sites — virtually in real time.
This isn't a wise choice.
Employers, customers, potential dating partners and spouses are just some of those that might check for information about your past. Snowden's revelations about what the NSA and others are storing should also concern you.
New U.S. border policies require you to provide access to your smart phone and social media. What you've posted may keep you from enjoying your vacation or even lead to unpleasant interrogations.
One thing that I think continues to be an issue is social network security, and people's inability to believe, for whatever reason, that what they put on social networks isn't automatically going to someday be public. — Tom's Guide
What message would a video or photo of you doing stupid things send to these folks?
Something that seemed funny at the time, might cost you that prized promotion or your dream relationship one day by portraying you as immature and irresponsible.
If it is re-posted elsewhere you might lose the ability to remove it later.
In the past, when a business folded, it physically closed. However, with brand deaths in the digital age, what will happen to the experiences, communications, customer data, and associated information left behind? — fastcodesign.com
Think Before Posting
Think before posting comments that could potentially come back to haunt you.
It appears that some folks are using the right to be forgotten (a European law) to do exactly this, but it is backfiring on them. The Streisand effect refers to the attention you bring to yourself with such requests, the reverse of what you intended.
- Protecting yourself on social networks is part of EFF's Surveillance Self-Defense.
- 6 spooky ways local law enforcement is watching you.
- Social media and law enforcement: Who gets what data and when? 2011 report by EFF has links to comparisons in .PDF and .XLS formats.
- Social Networking Monitoring by EFF lists reports about government agency monitoring of social networking services.
- Social Networking Privacy reports by EPIC.
- Identity Theft Resource Center: Social networking and identity theft.
- Safe and Savvy — Protecting the Irreplaceable is a blog sponsored by F-Secure which posts great information about remaining safe on social media sites.
Your 2000 “friends” on Facebook are not really your friends — they are potential leaks.
Check Your Account Settings
Minimize the amount of information that you are sharing by changing the privacy settings to provide information only to trusted friends and family:
- Most social networking sites allow you to create multiple groups, each with different privacy settings.
- Don't share vital information that could be used for identity theft such as your birth date, place of birth, mother's maiden name, etc.
- Minimize what can be searched by anyone or included in search engines like Google or Bing.
- Watch for inappropriate postings about you but posted by others. Take steps to have them removed.
- If you click on a scam and it creates a posting on your wall, remove it by going to your profile. Hovering over a posting shows an arrow on the right that gives several options, including “remove post.”
Norton Safe Web is a free Facebook app that will scan your newsfeeds for the Lifejacking scam and other fake links.
Read the Terms of Service
The terms of service are a legally-binding contract on the users of a social media site, just as they are with software or other places where electronic agreements are used.
These are often complex and change constantly.
You shouldn't click to accept the agreements without understanding what you're agreeing to.
- Be aware of what you're giving away.
- In many cases you are agreeing that your content will be owned by the social media site. This is understandable, given that their site has no value without content, but it may also mean you may not be able to use the same material elsewhere.
- Posting copyrighted content can result in legal action.
In general, the larger a terms of service agreement is, the more rights and freedom you're giving up.
Most Don't Read Terms of Service
Use Secure Passwords
Be sure that the information you use to log into your account is difficult to guess. Weak passwords can allow others to log into your account without your permission.
Don't Post Password Recovery Information
Watch that you don't unknowingly give away the key information needed to “recover” your password.
Many folks routinely post the sort of information used when you've forgotten your password such as where you were born, your favourite teacher or sports teams, family names and relationships, etc.
Because this information is so frequently posted on social media sites it create a huge risk to all your on-line accounts (including access to your bank account).
Deactivate or Delete Your Account
If you are no longer using a social media site (i.e. if you've moved to another site or just don't check your account any longer) you should delete (not suspend) that account for your own protection.
- How to Delete an Account from Any Website posted by PC Magazine.
Who Owns Your Private Data?
Your right to withhold private information ends the minute you post it onto a social media site. While the terms may allow you to remove it later, it could have gone viral and you no longer control its propagation.
A movie called The Circle takes the right to privacy to the extreme. The company's CEO states:
Privacy is theft! Knowing is good but knowing everything is better.
…[P]eople believe they own their data. Even though the user agreement might technically give companies the right to sell the data, change the access rules to that data, or otherwise own that data, we — the users — believe otherwise. — Bruce Schneier
You are the Product
If the service is free, then you are the product. — The Day We Lost Everything
Facebook is probably the largest social media site. Most people say they use it to communicate with family and friends, but there is a huge amount of sharing of third-party images and gossip.
While this may be entertaining, too many people take what they read on Facebook seriously, and they shouldn't.
Facebook allows a wide mass of its users the freedom to spread fake news (which they won't regulate), while simultaneously working to prevent another group from sharing actual news. — Damon Beres on Mashable
Fake news is a huge problem on the Net. Part of the problem is that social media sites have allowed things to go viral based upon emotion and at face value. Seldom does anyone fact-check the story before reposting rumours and innuendo.
If Wikipedia's rules were applied to Facebook? Oh my God! They'd lose 99 percent of their content. — Victor Grigas on Vice.com
Privacy? What Privacy?
Facebook makes money from advertising, so they make it complicated for you to use their site in a way that interrupts their ability to collect your personal information for advertisers.
Although we can stop Facebook and Facebook advertisers from tracking you when you are not on Facebook (blocking “Like” buttons, etc.) there's nothing that our tracker blocking — or anyone else — can do about Facebook when you are actually ON Facebook. Anything you voluntarily post, including photos, comments, interests, and your location, is used for tracking purposes.
Our best advice is to set strict privacy settings, limit what you share, and avoid games & apps (they are marketing companies in disguise). Facebook isn't truly a free service; it is paid for by its users' information. — Blur (formerly DoNotTrackMe)
Facebook's Zuckerberg said in 2010 that the age of privacy is over. This is the same guy that bought all the houses surrounding his to increase his privacy while making his living mining the privacy of others.
- 98 personal data points that Facebook uses to target ads to you.
- Facebook's DeepText seeks to understand everything you post.
- You won't like what your Facebook 'Likes' reveal.
- How you can use Facebook to track your friends' sleeping habits.
- The Evolution of Privacy on Facebook — changes in default profile settings over time.
- Facebook gathered 1200 pages of data on an Irish law student.
- “Facebook security” posts on ZoneAlarm's blog.
The Facebook IPO scandal showed more concern about being the largest IPO in history than telling the truth. Facebook isn't your "friend."
Controlling Your Facebook Privacy
The following sites will give you some tools to manage your Facebook privacy settings:
- Facebook privacy tips: How to share without oversharing from the Mozilla blog.
- Facebook Security: How to keep your account secure is Facebook's own information on security.
- 11 things you might want to stop doing or delete from your Facebook profile to protect your privacy .
- Facebook privacy: A bewildering tangle of options posted by The New York Times in 2010.
- Facebook's new click bait rule.
- Don't be too quick to accept that Friend Request!
- Facebook privacy: Secrets unveiled posted by PC World.
- 10 privacy settings every Facebook user should know (2011).
- What does Facebook publish about you and your friends? Enter your Facebook ID or alias to find out.
- How to turn on login approvals on Facebook.
Take a Facebook Vacation
You check to see how your life is without Facebook (a Facebook vacation) before moving to the next step: deactivating or deleting your account.
Make a final post telling your friends that you'll be on an extended Facebook vacation and don't revisit Facebook for at least 99 days (from the 99 Days of Freedom experiment in response to Facebook's controversial mood experiment involving some 700,000 unwitting users).
Deactivate or Delete Your Account
Every time problems with Facebook privacy are publicized, a huge portion of Google searches are for ways to delete a Facebook account (which removes your personal data rather than simply deactivating your account).
- Facebook's Help Center information on account deletion.
- How to deactivate your Facebook account posted by The Guardian.
ZoneAlarm offers these suggestions to make sure that you always stay safe and secure on Google+:
- Set up Circles: Google+ Circles let you create specific groups to share information with. Once you have created a circle, anything that you share in that circle can only be viewed by other members in the circle.
- Lock down you profile: Your profile, by default, can be viewed by anyone on the web. If you want to change this, make sure to change the appropriate settings so that only friends in your circles can see your information.
- Restricting Search Visibility: Another default setting of your profile is that it shows up in Google search results. If you don't want Google (or other search engines) to include you in the results, make sure to change your profile visibility settings.
- Lock down other privacy settings: There are many other customizable aspects of your profile that are less well-known. Some of these include being able to limit who can see people in your circles, and who can send you emails.
- Streaming to appropriate circles: When you create a post on Google+, you can choose which circles you want to share that post with. By default, Google+ will remember the circles in your previous post, and use those same circles for your next post.
- Remember that your posts may be public: If you comment on friends' posts, their privacy settings may allow others to see what you've written. Make sure to exercise caution!
Twitter Security & Privacy
Twitter security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
- Twitter Terms of Service.
- Twitter Security Dos and Don'ts.
- Deactivating your Twitter account. Deactivation puts your account in a queue for permanent deletion from Twitter.
Controlling Your Twitter Privacy
The following sites will give you some tools to manage your Twitter privacy settings:
- A guide to Twitter's privacy settings from the Mozilla blog.
LinkedIn Security & Privacy
LinkedIn is a little different in that it is designed for building professional networks rather than friendships. However, there are still some issues:
- LinkedIn User Agreement.
- LinkedIn Help Center.
- LinkedIn account security and privacy: best practices.
- How to turn on two-step verification for your LinkedIn account.
You can close your LinkedIn account after which your account information is deleted and logs or backups are de-identified within 30 days.
Pinterest Security & Privacy
Pinterest describes itself as an online pinboard where you can organize and share the things you love. However, there are still some issues, particularly around the legality of copying images that aren't yours:
- Pinterest Copyright Policy. (See Copyright — Who Owns the Content? for more about copyright.)
- Pinterest's Acceptable Use Policy includes a note about intellectual property rights. (Canada has no such thing as a “fair use” exception.)
- The copyright question: How to protect yourself on Pinterest.
- Pinterest and legal issues: Read this before you pin anything.
- Pinterest security risks you need to know about.
- To pin or not to pin: 5 security risks businesses should understand around Pinterest and what they can do about them.
Instagram Security & Privacy
Instagram security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
- Instagram Community Guidelines.
- Disabling or deleting your Instagram account.
Controlling Your Instagram Privacy
The following sites will give you some tools to manage your Instagram privacy settings:
- Understanding Instagram's privacy settings from the Mozilla blog.
- Instagram Privacy Settings & Information.
- Why do Facebook and Instagram share information?