Are You Sharing Too Much?
There are dozens of social media services. I've only covered a few of the most common on this page, but the principles are the same.
I strongly recommend that you consider carefully the services you choose and how you use them.
[R]esearch has consistently shown that users of online platforms rarely adjust default privacy settings and often fail to understand what information they are sharing. — The Washington Post
Think Before Posting
Think before posting comments that could potentially come back to haunt you.
When posting or storing information on social media you are no longer in control of what happens to it. There is a good chance that sooner or later you'll find that your trust has been violated.
Anything you voluntarily post [on Facebook], including photos, comments, interests, and your location, is used for tracking purposes. Our best advice is to set strict privacy settings, limit what you share, and avoid games & apps (they are marketing companies in disguise). Facebook isn't truly a free service; it is paid for by its users' information. — DoNotTrackMe (now, Blur)
10 years ago, corporations would have paid millions of dollars for the type of information that your customers VOLUNTARILY share on social media now. — Kyle Reyes
- How to make your social media accounts as private as possible.
- How to start fresh again on social media.
- Social Networking Privacy reports by EPIC.
Employers, customers, potential dating partners and spouses are just some of those that might check for information about your past. Something that seemed funny at the time, might cost you that prized promotion or your dream relationship one day by portraying you as immature and irresponsible.
In the past, when a business folded, it physically closed. However, with brand deaths in the digital age, what will happen to the experiences, communications, customer data, and associated information left behind? — fastcodesign.com
Snowden's revelations about what the NSA and others are storing should also concern you.
Don't Log into Sites with Your Social Media Accounts
By signing into a website using your Facebook, LinkedIn or Twitter account may be convenient but you're giving that website unlimited access to your social media profile (your interests, friends, occupation, religion, political views hobbies, etc.) which can allow for much more personalized interactions with you (i.e. targeted ads).
Fake news is a huge problem on the Net. Social media sites have allowed things to go viral based upon emotion and at face value.
Consider this sobering statistic from a recent MIT study: on Twitter, lies are 70% more likely to be retweeted than facts. Somehow, the information age became the misinformation age. — Mozilla
Truth in what we read online has degraded into "post-truth" where emotion and what we believe is seen as more important than facts.
After much discussion, debate, and research, the Oxford Dictionaries Word of the Year 2016 is post-truth — an adjective defined as “relating to or denoting circumstances in which objective facts are less influential in shaping public opinion than appeals to emotion and personal belief”. — Oxford Dictionaries
Your 2000 “friends” on Facebook are not really your friends — they are potential leaks. Posting on social media is the antithesis of privacy.
Check Your Account Privacy Settings
The search features of social media sites like Facebook have been used for malicious purposes and to add posted personal information like phone numbers, email address, hobbies, home town, photos and more to what they already know.
You shouldn't have to be a settings wizard in order to enjoy a popular platform in a safe, private way. Platforms should protect your privacy by default and by design, collecting information only with your affirmative, informed consent. You should have meaningful control over your information and your experience.
And, if you decide that a particular platform isn't doing a good enough job protecting the data you've entrusted it with, you should be able to leave and take all your information with you.These are just a few of the privacy rights that any responsible social media platform should provide for its users. — EFF
Minimize the amount of information that you are sharing by changing the privacy settings to provide information only to trusted friends and family:
- Most social networking sites allow you to create multiple groups, each with different privacy settings.
- Don't share vital information that could be used for identity theft such as your birth date, place of birth, mother's maiden name, etc.
- Minimize what can be searched by anyone or included in search engines like Google or Bing.
- Watch for inappropriate postings about you but posted by others. Take steps to have them removed.
- If you click on a scam and it creates a posting on your wall, remove it by going to your profile. Hovering over a posting shows an arrow on the right that gives several options, including “remove post.”
Read the Terms of Service
The terms of service are a legally-binding contract on the users of a social media site, just as they are with software or other places where electronic agreements are used.
These are often complex and change constantly.
You shouldn't click to accept the agreements without understanding what you're agreeing to.
- Be aware of what you're giving away.
- In many cases you are agreeing that your content will be owned by the social media site. This is understandable, given that their site has no value without content, but it may also mean you may not be able to use the same material elsewhere.
- Posting copyrighted content can result in legal action.
In general, the larger a terms of service agreement is, the more rights and freedom you're giving up.
Most Don't Read Terms of Service
Most people don't read the entire terms of service, simply glancing at it.
Most people balk when seeing large blocks of legal speak. Hence, the term tldr (too long; didn't read).
Use Secure Passwords
Be sure that the information you use to log into your account is difficult to guess. Weak passwords can allow others to log into your account without your permission.
Don't Post Password Recovery Information
Watch that you don't unknowingly give away the key information needed to “recover” your password.
Many folks routinely post the sort of information used when you've forgotten your password such as where you were born, your favourite teacher or sports teams, family names and relationships, pets, etc.
We found that 51% of people believe there is no way a hacker could guess one of their passwords from information they've shared on social media. But we know hackers aren't dumb — if you're being targeted and don't have a strong password guarding your account, it would take a hacker seconds to do a search on your social media profile, learn the name of your pet, family member — even learn when your anniversary is — and use that info to guess your password. Don't make it that easy for them — try to be a bit discreet on social media. — LastPass Blog
Because this information is so frequently posted on social media sites it create a huge risk to all your on-line accounts (including access to your bank account).
Deactivate or Delete Your Account
If you are no longer using a social media site (i.e. if you've moved to another site or just don't check your account any longer) you should delete (not suspend) that account for your own protection.
- How to Delete an Account from Any Website posted by PC Magazine.
Who Owns Your Private Data?
Your right to withhold private information ends the minute you post it onto a social media site. While the terms may allow you to remove it later, it could have gone viral and you no longer control its propagation.
A movie called The Circle takes the right to privacy to the extreme. The company's CEO states:
Privacy is theft! Knowing is good but knowing everything is better.
…[P]eople believe they own their data. Even though the user agreement might technically give companies the right to sell the data, change the access rules to that data, or otherwise own that data, we — the users — believe otherwise. — Bruce Schneier
If the service is free, then you are the product. — The Day We Lost Everything
Facebook is NOT Your "Friend."
Most people say they use Facebook to communicate with family and friends.
Facebook has always been slightly worse than all the other tech companies with dodgy privacy records, but now, it's in its own league. Getting off isn't just necessary to protect yourself, it's necessary to protect your friends and family too. — Salim Virani
Facebook is not a social media company; it is the largest data mining operation in existence. — Illinois' Cook County's lawsuit against Facebook
Facebook just made the stunning admission that 100 percent of its 2 billion users have likely had their personal data stolen by “malicious actors.” — The Washington Post
Whatever Mark Zuckerberg says about human community or his legacy, his company is acting in its own interests — and against the public good. — The Atlantic
Facebook has promoted fake news and manipulated their user base and greatly influencing elections in the U.S. and the UK (possibly elsewhere).
On its own, the [Cambridge Analytica] scandal is more than a little troubling, and it provides a startling look into how little the world's biggest social media platform is concerned about personal data. Let's be clear. This doesn't involve an actual data breach. It's merely a policy no one at Facebook cared about. — Luke Larsen
There is a huge amount of sharing of third-party images and gossip. Seldom does anyone fact-check the story before reposting rumours and innuendo.
Facebook allows a wide mass of its users the freedom to spread fake news (which they won't regulate), while simultaneously working to prevent another group from sharing actual news. — Damon Beres
If Wikipedia's rules were applied to Facebook? Oh my God! They'd lose 99 percent of their content. — Victor Grigas
Privacy? What Privacy?
If only Mark Zuckerberg cared about the privacy of the rest of the world as much as he did his own. — Joe Veix
Facebook makes money from advertising, so they make it complicated for you to use their site in a way that interrupts their ability to collect your personal information for advertisers.
When Facebook sends you an email notifying you about new activity on your account, "it opens an app in background, and now Facebook knows where you are, the device you're using, the last picture you've taken — they get everything." — Wired
- Facebook Privacy Settings: 18 changes you should make right away.
- “Facebook security” posts on ZoneAlarm's blog.
- Privacy, sharing, and trust: The Facebook study (2016).
- 98 personal data points that Facebook uses to target ads to you.
- You won't like what your Facebook 'Likes' reveal.
- The Evolution of Privacy on Facebook — changes in default profile settings over time.
- Facebook's DeepText seeks to understand everything you post.
- Facebook gathered 1200 pages of data on an Irish law student.
- How you can use Facebook to track your friends' sleeping habits.
- A short history of Facebook's privacy gaffes.
Controlling Your Facebook Privacy
The following sites will give you some tools to manage your Facebook privacy settings:
- How to change your Facebook settings to opt out of platform API sharing.
- Facebook privacy tips: How to share without oversharing from the Mozilla blog.
- Facebook Security: How to keep your account secure is Facebook's own information on security.
- 11 things you might want to stop doing or delete from your Facebook profile to protect your privacy .
Deactivate or Delete Your Account
Every time problems with Facebook privacy are publicized, a huge portion of Google searches are for ways to delete a Facebook account (which removes your personal data rather than simply deactivating your account).
- Facebook's Help Center information on account deletion.
- How to deactivate your Facebook account posted by The Guardian.
Google is Tracking You
However, you should be aware that other Google services also track your activity and share share this information with each other. Google Chrome constantly tracks you (especially if you're signed in).
Every time you use a Google service, software or product, it captures a bit of the information that makes you who you are—your browsing habits, search queries, location, device types, voice, etc.—and stores it in its huge data centers, and it uses that data to make its services smarter, to make its ads more targeted and efficient, and of course to rake in more cash from its ad delivery network. — Ben Dickson
ZoneAlarm offers these suggestions to make sure that you always stay safe and secure on Google+:
- Set up Circles: Google+ Circles let you create specific groups to share information with. Once you have created a circle, anything that you share in that circle can only be viewed by other members in the circle.
- Lock down you profile: Your profile, by default, can be viewed by anyone on the web. If you want to change this, make sure to change the appropriate settings so that only friends in your circles can see your information.
- Restricting Search Visibility: Another default setting of your profile is that it shows up in Google search results. If you don't want Google (or other search engines) to include you in the results, make sure to change your profile visibility settings.
- Lock down other privacy settings: There are many other customizable aspects of your profile that are less well-known. Some of these include being able to limit who can see people in your circles, and who can send you emails.
- Streaming to appropriate circles: When you create a post on Google+, you can choose which circles you want to share that post with. By default, Google+ will remember the circles in your previous post, and use those same circles for your next post.
- Remember that your posts may be public: If you comment on friends' posts, their privacy settings may allow others to see what you've written. Make sure to exercise caution!
Twitter Security & Privacy
Twitter security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
- Twitter terms of service.
- Twitter rules and policies.
- Deactivating your Twitter account.
Controlling Your Twitter Privacy
The following sites will give you some tools to manage your Twitter privacy settings:
LinkedIn Security & Privacy
LinkedIn is a little different in that it is designed for building professional networks rather than friendships. However, there are still some issues:
- LinkedIn user agreement.
- LinkedIn help.
- LinkedIn account security and privacy: best practices.
- How to turn on two-step verification for your LinkedIn account.
You can close your LinkedIn account after which your account information is deleted and logs or backups are de-identified within 30 days.
Pinterest Security & Privacy
Pinterest describes itself as an online pinboard where you can organize and share the things you love. However, there are still some issues, particularly around the legality of copying images that aren't yours:
- Copyright on Pinterest. (See Copyright — Who Owns the Content? for more about copyright.)
- Pinterest's community guidelines.
- The copyright question: How to protect yourself on Pinterest.
- Pinterest – Copyright infringement made cool?
- 3 Pinterest security issues, and what you can do about them.
- To pin or not to pin: 5 security risks businesses should understand around Pinterest and what they can do about them.
Instagram Security & Privacy
Instagram security and privacy concerns are not as numerous as those with Facebook, but you still need to keep a closer watch:
- Instagram Community Guidelines.
- Disabling or deleting your Instagram account.
Controlling Your Instagram Privacy
The following sites will give you some tools to manage your Instagram privacy settings:
- Understanding Instagram's privacy settings from the Mozilla blog.
- Instagram Privacy Settings & Information.
- Why do Facebook and Instagram share information?