Facebook privacy settings stir debate on ID theft, worse
Women are joining Facebook in droves, but Colleen Moss refuses to sign up.
Too risky, says the head of the FBI’s North Carolina cybercrimes unit. Too many personal clues, she says, for shady characters to use for identity theft or worse.
“People need to realize that the Internet is not their personal diary,” she says. “It is a public domain, and if they don’t want people to know things about themselves, they need to keep it to themselves.”
She’s not the only one worried about privacy on social networks.
The Palo Alto, Calif.-based Facebook faces a growing backlash over its effort to push more details about its nearly 500 million members’ lives and habits from the private to the public sphere.
Facebook recently made more user information public by default, requiring members to master complex privacy steps to shield their information. This sparked a strong debate about privacy online.
Facebook officials say making more information public lets them give members a more personalized Web browsing experience and stronger connections with people and pages they like.
The QuitFacebookDay.com site encourages users to quit May 31, with nearly 15,000 pledges and counting. New scrutiny has also spawned a host of websites aimed at demonstrating how widely available sensitive posts can be. One of them, www.youropenbook.org, features a search engine that lets anyone type in a keyword or phrase – “lost my job,” for example, – and pull up every Facebook status update that contains the phrase.
But Tim Sparapani, Facebook’s head of public policy, said in a radio interview last week that the company will be rolling out simpler controls “in the next couple of weeks” in response to users’ concerns.
That might be a better reflection of business necessity than the company’s beliefs about privacy. The Wall Street Journal reported last week that Facebook’s CEO, Mark Zuckerberg, has at times overridden concerns from employees who believe Facebook should make more information private by default.
He has said he believes people will, over time, grow comfortable sharing more of their information publicly.
The whole issue makes some users uneasy.
Jim Mitchem, a Charlotte social media consultant, blogged last week that “when you think about it, Facebook’s kind of creepy. Yes, it’s brilliant in its core concept as a sharing platform … but they probably know more about your lifestyle than you’re comfortable with.”
Hal Lohn, a digital forensics expert at Central Piedmont Community College, said he doubts Facebook will give up its push to move more information to the public realm.
“If information is money,” he said, “then this is going to be the battle.”
But sharing information is what social media is all about, says one expert.
Jason Keath, a social media consultant and founder of Social Fresh, a social networking conference held across the country, said the risks inherent in sharing on a public platform like the Web are outweighed by the value of the relationships people form on social networks.
“People are social. They’re happier in relationships,” he said. “You can’t invest in relationships or build new relationships without extending some of yourself. Otherwise it’s not social and there’s no benefit.”
People just have to remember, he added, that they’re speaking in a public forum and exercise the same kind discretion they use when out in public physically.
Cybercriminals are trolling
For all the debate about privacy, some people don’t see what they should be worried about, beyond getting more e-mails from aggressive marketers and corporations.
In Great Britain and Australia, there have been high-profile murder cases in which police say the victims died at the hands of strangers they met on Facebook. But there appear to be few, if any, such cases in America.
Police and Internet security experts, however, say they see cybercriminals putting more emphasis on trolling social networks for victims.
The FBI’s Moss said she couldn’t talk about any ongoing cases, but she noted that the eight agents in her unit are handling an increasing number of cases where online criminals use social networks to pass malicious codes and viruses along social circles.
Two years ago, she noted, there were no such codes targeting social networks. By last year, 19 percent of malicious viruses and codes focused on social networks.
“We get at least two calls a week that we end up tracing” to such attacks, Moss said. “If you’re trying to make a quick buck, you go where the victims will be. And everyone knows (social networking) is the hot place to be.”
Noting that the Facebook system allows friends of friends of friends to gain access to your information, she said it isn’t hard for strangers to slip into your circle.
Criminals can use details from your page – where you work or live or hobbies you enjoy – to craft e-mails personalized to induce you to click on their malicious attachments.
Often, Moss said, those attachments can copy personal data off your hard drive.
“People have an image of unsophisticated hackers out there stealing their information,” said Adam Palmer, lead cyber-security adviser for Norton Security. “But organized crime realizes there’s big money” to be gained online.