Technology Review
FaceCloak lets users hide sensitive updates from prying eyes, including Facebook's.
Social networks are rife with examples of users failing to understand the privacy implications of posting sensitive information online.
In February, for example, school officials in Wisconsin suspended a teacher who posted on Facebook a picture of herself pointing a gun at the camera. In April, the Swiss insurance company Nationale Suisse fired an employee after she called in sick and then posted updates on the same site. Others have raised concerns about users handing so much personal information to social-networking companies themselves.
Now, researchers at the University of Waterloo in Ontario have developed a browser plug-in to help users keep their information private from prying eyes and from social-network providers as well. Urs Hengartner, an assistant professor of computer science, and his colleagues say the plug-in replaces sensitive information in a user's profile and news feed with meaningless text that can only be unscrambled by trusted friends or contacts. Dubbed FaceCloak, the tool assures its users that sensitive data stays private, Hengartner says. "If you have a particular illness, you might want to allow only your friends to see that," he says. "This leaves it up to the user to decide what information to keep away from Facebook."
The tool is the latest shot in a battle between social networks and privacy-conscious users. Most users of Facebook, MySpace, and other social networks remain unaware of the privacy implications of posting personal information to such sites, says Alessandro Acquisti, an associate professor of information systems and public policy at Carnegie Mellon University.
In 2005, Acquisti and fellow CMU researcher Ralph Gross showed that nearly 80 percent of Facebook users revealed their birthday publicly and the majority provided public access to their real-world addresses--information that could be used to commit identity theft. "You feel like you are talking to a friend casually in a conversation, but in reality you are publicizing information in a forum where it will stay for a long time," Acquisti says. "Privacy is not the first thing you think of when you use a social network."
Nowadays more people appear to be privacy conscious. In a more recent study, Acquisti's group found that 30 to 40 percent of users change the default privacy settings to take greater control of their information. But social networks themselves have not been good protectors of privacy, Acquisti says, because monetizing personal information is a potential gold mine. This is demonstrated by Facebook's Beacon advertising service, which allows affiliates to tailor advertising according to users' activities on Facebook and beyond.
Making more user information public has both privacy and security dangers, experts warn.
Economics may explain why it's so hard to find and configure privacy settings on many social networks.
Researchers find a way to identify individuals in supposedly anonymous social-network data.
Bob,
Are you aware of anyone working on a hierarchical, compartmented security scheme that could be applied to social networks? This would be much like the USG system which narrows access as information becomes increasingly sensitive.
Differentiated, encrypted data is nice but it's still basically a one size fits all solution.
Philosophically it is probably antithetical to the idea of social networking; but, yes, I am interested in being able to rank my "friends".
I am looking forward to the design of Google Wave vis-a-vis this issue.
Rip
Re: Social Networking Security
People are free to use it or not, so it's alright like this.
I agree in PART with the person who said 'don't publish to start with'. The main issue seems to be that people do not engage their brains before hitting 'publish' or 'send'. People need to think about who might be seeing their comments/pictures and whether they really want them in the public domain. Not only do they need to consider their own privacy but the privacy of others - every time they post a photo of a friend or comments about a friend without checking they are taking aways someone elses right to privacy. It's quite frightening what some people will share without second though about themselves and/or others online.
The other issue is employers and businesses now seem to think they have a right to dictate an employees behaviour outside of the work place - even where that behavior has no relationship or link to their job - it's a total violation of their employees right to privacy and the act of firing staff based on a photo seems to rely strongly on "what if" scenarios rather than any actual threat or loss of reputation. It may even be the employer that starts the public outcry and witch hunt in the first place.
I recommend Daniel J Solove's papers as interesting reads when it comes to identity, reputation and privacy online.
It irks me when social networks and websites demand our 'real names' and have a lot of mandatory fields (not that they are always given the truth) - and where people are penalised for using online identities instead of their real name and information - when often, it's the smart thing to do. Businesses wish to identify their users - either to market to them or to ensure they are an age appropriate group (often both) but the users of the same services, by sharing details, at at risk (identity theft, violation of their right to privacy, damage to reputation). There is a gap between what might be helpful from a legal/business sense and what might be smart from a personal point of view.
I have no answers - but I certainly have lots of questions on these matters. There's a wealth of articles on issues of privacy; reputation and identity out there and I think the gap between the issues and the answers is getting wider. The topics are interesting ones that need to be considered in a little more depth by the general population.
I have searched for the plug-in, yet every citation of this returns me back to this article. While it is a good idea and maybe not practical in usage - a thought occurred. Possibly the use could be as a retraction, if one accidentally posted gibberish or something factually incorrect. Of course, this type of technology would be nice for other social networking websites like Twitter or Ping.fm
Best Regards,
--Morris
Manufacturing in the United States is in trouble. That's bad news not just for the country's economy but for the future of innovation.
On Twitter
Become a Fan on Facebook
Subscribe to the Feed
lasertekk
146 Comments
Better idea
Better idea: Don't post it in the first place. Problem solved.
Reply