Security & Privacy + Security News

We all kinda love Facebook, even though many of us hate to admit it. The social networking behemoth is integrating with everything else on the web, bit by bit, whether we like it or not. And they’re not the only site doing this—what a lot of Internet users still fail to realize is that for social networking sites, the users are their product. Everything we like, everything we enter on partnered websites, we need to consider it public information because it is of value to those sites and their advertisers.

There have been two particularly galling examples of the lack of privacy on Facebook recently:

1. Exploiting Our “Likes”

With no particular rhyme or reason as to which page is chosen, Facebook has been putting posts in people’s newsfeed from pages that a user Likes. It could be a page that you Liked months ago that you may not even remember is in your list. Most of us at one point or another have probably Liked pages that might displease a coworker, friend or relative. For some of us, this might not actually be a problem. But for others it could cause embarrassment or even worse. Oh, you didn’t mean to out your political affiliation, your sexual orientation or maybe your questionable musical taste? Too bad, that’s just not in the advertisers’ best interest.

This is a more prominent extension of the sidebar item that tells us which of our friends have Liked pages we too might like. The main difference with this new action is that to those people not looking closely, it might appear that the friend in question has actually shared the article Facebook is posting on the friends’ behalf.

On Facebook, we can see your Likes in the sidebar…

…and now we see shared posts from your Likes in the newsfeed.

The newsfeed is supposed to be just about things that we intentionally post. This latest action changes that. We can no longer trust that what shows up in our newsfeed is content that has been knowingly generated by a person. It could be posted by an advertising-bot that has no concern for what might be considered private information.

2. Trumpeting Our Personal Information

The second instance has to do with Glassdoor, a site that is integrated with Facebook. Ostensibly Glassdoor relies on anonymous salary and company-related information from its users, but when its data is correlated with Facebook friend lists, it could be revealing more information than anyone intended. What is not “Personally Identifiable Information” by itself becomes far more so when it’s paired with the right bit of context.

Most of us consider salary talk taboo. I could count on one hand the number of people who I have told how much money I make, and I’d still have several fingers left over. And yet, people are posting this information “anonymously” online. I understand, from a certain perspective, why this is useful and for a greater good. But would people be doing it if they realized how easily this information could be tracked back to them when a friend list is associated with their data? It behooves a company, if they want people to keep sharing anonymously, to better protect their users’ privacy.

Sign into Glassdoor with Facebook…

…and see your Facebook connections.

Regardless of how locked down and protected we keep our settings, social networking sites contain people who we know to varying degrees. For any number of reasons, most of us don’t wish to share every detail of our lives with everyone we connect with on the Internet, even if that person is a very close friend. The Intertubes are leaky; this is a fact of life. It may be accidental because someone made a mistake, or it may be entirely intentional because a company’s privacy practices are shady. Either way, we need to be aware that what we’re sharing may not be as private as we think.

It certainly decreases the value of being able to freely express ourselves on social networking sites if we have to be concerned with what one person can see versus another. But we need to weigh the value of sharing in light of this lack of privacy.

If you do wish to reign in that privacy a little bit longer, here are a couple tips:

• Go through your Likes list and make sure it doesn’t contain anything you wouldn’t want all your friends to see
• Check sites where you have posted potentially damning data. Make sure what you have out there is something you would be okay with your grandma, your neighbor or your boss knowing about you.

Does this increasing lack of privacy concern you? If so, are you fighting tooth and nail to retain what privacy remains? Or are you quietly adjusting to a new age of digital overexposure?