B2B Marketers » Reach Pre-Qualified IT Decision Makers with a Custom Lead Gen Program » Get Details
Welcome Guest | Sign In

Torrent of Public Facebook Info Fires Up Privacy Debate

By Kimberly Hill E-Commerce Times ECT News Network
Jul 29, 2010 2:45 PM PT

It's likely not illegal, and it may not even be improper, but the fact that security consultant Ron Bowes gathered and aggregated the information from about 100 million Facebook profiles has created quite a stir. Bowes created his data torrent to aid the development of a password-cracking-protection tool, he has said in interviews with a number of media outlets. To do that, he needed the names of many thousands of individuals and the user names they likely would have on an account.

Torrent of Public Facebook Info Fires Up Privacy Debate

However, Bowes has also made the compiled data file publicly available, and it has been replicated on many sites across the Internet, including The Pirate Bay. It contains the user name, real name, and publicly accessible information from all the users who have, knowingly or not, allowed this information to appear in the publicly searchable directory on Facebook.

For anyone who now has what was thought to be private information floating around in cyberspace, this is a very bad thing. However, it is not such a bad thing in general, Jennifer Golbeck, assistant professor of information studies at the University of Maryland, told the E-Commerce Times.

"There has to be something to spur people to be concerned about their privacy settings on Facebook," she said. Perhaps this will be it.

Online vs. Real Worlds

The issue is that users of social networking services still fail to apply the same care they have about private information in the real world to the online world, explained Golbeck.

To be sure, there is a core of Facebook users who first created their accounts as college undergraduates five years ago. Their current counterparts tend to understand much more about online common sense, Golbeck noted.

Unfortunately, many of them learned it by having pictures of themselves drunk at parties viewed by prospective employers, she added.

However, Facebook's rapid expansion into populations other than its original core means that people much less savvy about online privacy are now added to the mix. These people -- retirees, soccer moms, mid-career professionals -- have not yet taken their lumps on Facebook and thus may be naive about the potential for problems.

Our Fault, Facebook's Fault

There seems to be a consensus that Bowes did nothing particularly untoward in gathering this information, although Facebook has asserted that it has a policy against automated gathering of directory and profile information, and it appears that he did indeed step across that line.

Likewise, "Facebook did nothing improper," noted Greg Sterling, founder and principal of Sterling Market Intelligence.

Still, there is much fault to be found on both sides of the privacy equation.

The service still needs to "play a significant role in educating users about privacy and giving them tools to control who can access their information," Sterling told the E-Commerce Times.

The tools currently available are difficult to use and can be confusing, stressed Golbeck.

For example, the change in groups the service made several months ago created automated "Like" links in such information as a person's college or employer. Thus, a user appears as a friend of each group that either appears in a profile or which has been checked with the "Like" button.

This change was made largely without user knowledge, said Golbeck. In fact, as an information services professor, she still had to dig to find the information and adjust her own privacy settings to her preference.

Also at fault, of course, are members of social networks who fail to take their online privacy and security seriously enough to take the time to understand and use the privacy settings provided.

Although no protected information was released in Bowes' torrent, "many people will still be disturbed by the implications of this event -- that data can be harvested and distributed across the Internet so easily," noted Sterling.

What are those implications? Well, one is the fact that the bad guys are armed with more data.

"With this kind of information, an attacker can better appear to be someone you trust and send you links that you shouldn't click on," Rob Enderle, founder and principal of Enderle Group, told the E-Commerce Times.

In addition, "they can better impersonate you and attack others and do questionable things and have those things track back to you and not them," he added.

Waylay IO
If my employer requires me to return to the company's office full-time to perform my job, I will...
Agree, because I like my job regardless of where I perform my duties.
Comply, because I can't afford to lose my current job.
Go with the flow, but start looking for different employment.
Resign immediately, so I can dedicate all of my time to find a job that better suits my needs.
Try to negotiate a hybrid work from home / work in office arrangement with my employer.
Contact Center AI Explained by Pop Culture