Social networks are wildly popular but can be pretty risky if you want or need to maintain privacy. Sharing is great – you just need to be careful about what kind of information you share and who you are sharing it with. A German IT security group released a report earlier this year on the dangers of social networking and how to be smarter about using them. We take a look at a few of their recommendations for keeping more of your privacy intact on Facebook and Co..
Digital security is not only about protecting your email communications and using secure passwords. It’s also about how you manage your online identity in social networks such as Facebook, LinkedIn, Twitter or Google+.
It’s true that for journalists, the use of social networks can be useful. Reporters can find contacts, share their work, build up a following, even crowdsource information. But there are downsides to these very public forums. Your social media profiles can be used to discover your interests, activities, social interactions and even your address and phone number.
This kind of knowledge in the wrong hands can be perilous for some.
Recently, the Fraunhofer Institute of Secure Information Technology, a German research organization devoted to IT security, published an extensive report (in German) that explores the potential dangers of social network use. The analysis also provides tips on how to minimize the risks.
Here are some of the most important issues touched on in the report.
Dangers of using social networks
When using social networks, you should keep in mind that privacy protection is very difficult, if not impossible. In fact, your default attitude should be: “I’m giving up a lot of my privacy here.”
Many users are unaware (blissfully or not), that uploading data to a social network like Facebook and others entails giving up a lot of rights to that information, often irrevocably. Sometimes that involves information going to marketers and advertisers so they can tailor ads to you. But sometimes it involves giving it to other parties.
Even if you have set your settings in a way that limits the sharing of your information, users should simply assume that their data could fairly easily be accessed by a court order or government programs such as Prism, the mass electronic surveillance data mining program known to have been operated by the US National Security Agency (NSA) since 2007. (It has been reported that Facebook was a provider of data to Prism alongside Microsoft, Skype, Google and Yahoo.)
In Europe, Facebook has generated anger over collecting “shadow profiles” of persons who don’t have a Facebook account and saving the postings and messages that users have deleted. Moreover, photos you think you deleted on Facebook used to take up to three years to disappear! Things have gotten a lot better now, however photos still can remain on Facebook servers for a while even after you’ve erase them.
The simple lesson: be careful about what you post
Facebook, in particular, has come under a lot of fire for its privacy policies. News about the frequent changes, such as default settings or new functions that can erode users’ privacy further, are often not communicated as directly and clearly as many would like. For those who want the latest information should go to the Facebook Site Governance page and click “like”.
In addition, while location-based services can be great to getting directions or finding good, nearby restaurants, they can be dangerous for journalists and their sources in crisis regions.
Services and apps like Foursquare, Google Places, Google Latitude, Facebook Places and Twitter mobile app are based on the user location data. You can deactivate location data on Google and Facebook, however, keep in mind that other people can reveal your location by tagging you on a photo or mentioning you in a status update.
So there are lots of challenges out there for privacy-loving people signed up on social networking services. But there are a few ways to stay safer. Let’s look at a few. We’ll focus on the world’s most popular social-media site.
Stop Facebook tracking your activity on other websites
Many websites integrate social plugins from social media services in the interests of marketing and advertising to people who visit them. This allows social media sites to gather data about users and sometimes learn about their surfing habits.
In 2008, Facebook launched Facebook Connect, which is technology that enables users to connect their Facebook account with any partner website. While it adds convenience, it also increases Facebook’s tracking capabilities. So, to prevent Facebook from tracking your activity on other pages where the Facebook Connect login is used, install the extension Facebook Disconnect which is available for Chrome, Safari and Firefox browsers and blocks all traffic from third-party sites to Facebook servers.
Also, it’s a good idea, Fraunhofer says, not to leave Facebook running in the background or open on one of your browser tabs. Log in, check your newsfeed and log out.
Beware of malware and viruses
Social networks like Facebook are fertile territory for cyberattacks and they’re being increasingly used to spread malware or use phishing methods to access your private data (read about an example sent to Syrian activists). The nature of social networks is that it connects you to people you know and may trust, so many people click on links or messages without thinking twice.
Cybercriminals and some government authorities are adapting and adopting new ways to escape detection by using social networks.
In general, never open attachments – even from friends you know – on social networks unless you are expecting the attachment. Also be suspicious of any link, message r wall posting that requires an additional log in or requires you to check your account information. It’s the same caution you should apply to email attachments. A message to you out of the blue and lacking context should raise a red flag.
Always update your software as soon as updates are released, make sure you’ve got a good anti-virus program running and install a firewall.
Be smart about your social media interaction
Think before you click OK on a dialog box that pops up in Facebook or other services. Often without realizing, you’re giving away the keys to the house. Better to refuse to allow access to certain things. Some of the functionality might be gone, and maybe you can’t play Farmville all day, but you’ll sleep better at night knowing that you’re making it harder for Facebook to track your activity, and maybe those of your contacts.
- Never let Facebook and other social media import the data from your address book. This happens especially easily when accessing Facebook on a smartphone or tablet.
- Don’t use the Find Friends app.
- Be cautious when installing external apps. Do you really need it, and does it ask to access your profile information and contacts? Many of them do.
- See what you’ve installed. Go to Settings and then click on Apps on the left-hand side of the screen. That will take you to a page where you can check on the apps you’ve authorized and remove those you don’t use anymore. (I just did this and removed about six apps I didn’t even know I had installed.)
Be cautious about contacts
- Always think twice before adding someone to your contacts. Do you know this person? Trust them?
- It’s a good idea to group your contacts so that you can show certain information to certain groups of people instead of sharing with everyone.
- Check the rights you’ve granted your contacts. Pay attention to crucial functions like tagging you in photos or commenting on your wall.
Adjust, and keep adjusting, your privacy settings
- Always keep in mind you privacy settings. Define who can see your personal information. In that case, be stingy rather than generous with your infomation.
- If you don’t want your profile information to be seen outside of Facebook, make sure that search engines can’t find your timeline (Settings -> Privacy –> Who can look me up?).
- If you don’t want your friends to see ads based on your activity such as liking a page, go to Settings -> Ads and change the settings.
- Facebook is notorious about changing its privacy settings and default options. So keep abreast of the changes or as we said before, like the Facebook Site Governance page.
Protect your account from hackers
- Use secure passwords and two-step authentication (Account settings -> Security -> Login Approvals). Two-step authentification can stop someone taking over your account even if they have your password. You can read more about it here.
Tactical Tech have an excellent Facebook Security Guide guide which leads through how to change basic settings, how to update privacy settings, and how to deactivate or delete your Facebook account.
To learn more about the extensive data Faceook stores about you, visit Europe-vs-Facebook.org.
Written by Natalia Karbasova and Kyle James, edited by Kate Hairsine