Have you ever wondered why certain ads show up in the right hand corner of your Facebook page? A closer look at these ads and you will be surprised at the volumes they speak about your lifestyle choices – be it exclusive shoes from an e-retailer or a self-development course! How does it all happen?
The Unique Facebook ID (UID) is a number assigned to each user – this being the most public part of the Facebook profile. Anyone with a browser can look up a person’s name with the UID even if that profile is set to be private. For others, it reveals all the information they have set to share with “everyone” like age, occupation, photos, location etc.
Apps are considered to be an important way for Facebook to extend the utility of its network and converting it into a hub of activity. They are also a growing source of revenue beyond advertising for Facebook itself.
Here are a few examples to help you understand the working of the apps and how your information is used:
- Applications like FarmVille or Texas HoldEm Poker when given access to, request for permissions and data elements like your friends’ data (email address, current location, sexual preference, status updates, birthdays etc.). So even if you never connect your Facebook account to a single app, dozens of them may still have access to your profile information via your Facebook friends.
- When you keep your location up-to-date on Facebook it just gets scarier with the “Maps” feature which can be used for geo-tagging. It gathers data from a user’s location like IP address, location, type of browser used or pages visited. This data is collected even when a friend has GPS on and tags you in a photo that is being uploaded from a mobile phone.
- If you have to RSVP on Facebook to an ‘Invite’ for a party or an event hosted by your local club and you click “Attending”, your plans are aired to your entire network – whether you realise it or not!
“Sponsored Stories” are an effect of your ‘RSVP’ activity. Every time you like a brand or respond positively to a public event, companies can let your friends know that you are attending an event with hopes of getting a positive response from them too. Your information thus becomes available for brand ambassadorship!
- You find that your friend has read an article that interests you through the Washington Post Social Reader. The moment you click that link, the app requests for permission before reading the article. The working of this app doesn’t require prompts before sharing the activity. So once you start clicking, your activity is reflected on others’ mini-feed. Thus, even without direct access your reading habits are exposed for anyone to access.
- You have given access to “My Calendar Birthdays” and you have liked your bank’s Facebook page. Under your Facebook list of family members is included your mother, whose profile is searchable under both her maiden and married name.
Put the two together and any cyber crook can use this information to steal online identities, from bank accounts to email inboxes and social profiles. This not only puts your accounts at risk but it can also be used to spread spam and other malware to your friends accounts.
This provides ample opportunity for data brokers to gather data from Facebook profiles and compare it with public browsing habits, creating a mine of data that can give any ad firm or a cyber crook a field day!
How do you prevent this? Have extremely conservative privacy settings – remove applications that you don’t use and edit the settings for the ones that you do. If any application requests for data that you are not comfortable sharing, revoke that access. If access is required for that app, remove it. You can also have Internet Security software, with parental control features like Quick Heal provides, in place that would allow or block access to only specific sites.
In an attempt to have an overly social experience of making the world a smaller place to live in, what we’ve actually ended up with is a situation where the boundary between what is sacredly private and personal and what is public is heavily blurred. This is a situation that demands that users be educated about the implications of privacy policies and what it means to make personal information public.