Facebook Privacy Settings Get Needed Update

,

Facebook Privacy Settings… Some may say it’s too little, too late. I’m relieved that Facebook is finally responding to concerns about their confusing and weak privacy settings.  The social media giant (who has been losing customers of late) has recently made several changes to their settings.

Facebook Privacy Settings Update

  1. Additional photo settings.  Your current profile photo and cover photos have traditionally been public by default. Soon, Facebook will let you change the privacy setting of your old cover photos.
  1. More visible mobile sharing settings.  When you use your mobile phone to post, it is somewhat difficult to find who your audience is because the audience selector has been hidden behind an icon and this could lead to unintended sharing.  In this Facebook privacy settings update, they will move the audience selector to the top of the update status box in a new “To:” field similar to what you see when you compose an email so you’ll be able to see more easily with whom you are sharing.
  1. Default settings for new users.  Instead of automatically defaulting to “public”, new users will now have their default set to “friends”.  They will also be alerted to choose an audience when they post for the first time. This is a significant step in the right direction of a business best practice called Privacy by Default.
  1. Privacy checkup tool.   Users may encounter a “privacy dinosaur” (pictured above) that pops up to lead them through a privacy checkup.  (At this time, it is not a consistent feature: Facebook is “experimenting” with it.) The privacy checkup tool will cover a number of settings, including who they’re posting to, which apps they use, and the privacy of their profile information.
  1. Public posting reminder .  The privacy dinosaur will also remind you when you’re about to post publicly to prevent you from sharing an update with more people than you intended.
  1. Anonymous login.   This feature allows you to log into apps so you don’t have to remember usernames and passwords, but it doesn’t share personal information from Facebook. Traditionally, people using Facebook Login would need to allow the website or app to access certain information in their profiles. I’m also happy to see Facebook moving in this direction, as universal logins are one of the easiest backdoors for cyber criminals to exploit.

Facebook has been criticized for having unreasonably complicated privacy settings, had to pay a $20 million settlement for giving away users’ personal information, and frankly never seemed to care very much about personal privacy.

I’m guessing that Facebook has learned a valuable lesson: that by giving their customers the privacy controls they desire, they are creating happier, more loyal users, which is a long-term strategy for success. The need for change hasn’t disappeared, but these Facebook privacy settings are a step forward.

John Sileo is an an award-winning author and keynote speaker on identity theft, social media privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael RayAnderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Mobile Device Statistics on Our Children

I found these mobile device statistics on our children’s use of technology to be eye-opening. 38% of kids under 2 have used a mobile device – the digital babysitter, I suppose. Anyway, I think it’s important that we know what direction our kids are heading and what we, as parents, are doing to point them there. Part of security involves access: how much they have, how well they are monitored and what the consequences are for improper use.

Zero_to_Eight_2013_infographic

John Sileo is an author and highly engaging speaker on internet privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. His recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 MinutesAnderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Internet Privacy & Kids: Social Network Monitoring in Schools

librarians-watching computer useSocial network monitoring becomes big business. Fresh off the heels of learning that the NSA has been gleaning data about us using information found on social networking sites comes the news that a school district in California is paying a monitoring service to watch and report on what students are posting on sites like Twitter, Facebook and Instagram.

Glendale Unified School District is paying $40,000 over the next year to a company called Geo Listening to monitor its students’ social media activity.  This program was introduced after one of their students, 15-year-old Drew Ferraro, committed suicide by jumping from the roof of Crescenta Valley High School.  It started as a pilot project in three schools last year and is now being rolled out to all middle and high schools across the district.

Glendale is not the first school system to use monitoring services.  They are used fairly commonly at the college level.  Louisville and Kentucky use a social media monitoring system with their athletes that flags words for coaches that relate to drugs, sex or alcohol and they also have access to all of the athletes’ photos and videos.  (LSU, Florida, Texas A&M, Texas, Missouri, Ole Miss, South Carolina, Auburn, Baylor and New Mexico are among the other schools that use similar monitoring methods).

 

Mount Wachusett Community College was one of the first schools to monitor social media on a dedicated level and was recognized for being proactive by the National Council for Marketing and Public Relations.  Robin Duncan, vice president for marketing and communication at MWCC says simply, “If you don’t have someone paying attention to your new media … you’re being negligent.”

In Indiana, a high school senior, Austin Carroll, was expelled from Garrett High School and forced to enroll at an alternate school to get his diploma for a profanity-laden tweet that was flagged by his school’s social media monitoring system.  Many schools that don’t pay for a monitoring service still task their administrators with doing it.

So, while it’s nothing new for schools to monitor their students’ communications (I recall having a few notes intercepted and read by my teachers), it begs some questions:

  • Who should be in charge of monitoring our kids?
  • How much privacy should kids be allowed?
  • To what extent should schools be involved?

The answers are not straight-forward.  When daily reports of government surveillance cause a public outcry over privacy issues, we want to extend those same privileges to our kids.  Yet, there are cases like the Ohio school shooter, T.J. Lane, who killed three classmates and wounded others.  Lane had posted chilling comments on Facebook a few months before and tweeted the morning of the shooting that he was bringing a gun to school.  It was right there, publicly posted, yet no one knew to stop him.

It’s easy to blame the schools, to blame the district, to blame someone else, but as parents, WE should be the ones to monitor our kids’ posts…

  • WE need to remind them that all posts are permanent, public and exploitable – forever.
  • WE need to look for warning signs of violent intentions toward self or others, substance abuse, bullying…
  • WE need to get off our own Facebook pages and check in on our kids.
  • We need to have engaging, heart-to-heart conversations with our kids so that they feel we are the ones to reach out to when the dark days come.

The truth, however, is that some (okay-most) parents don’t do it.  As with countless other issues that we have come to expect our schools to teach (sex education, drug resistance, anti-bullying), keeping up with social media is something most parents aren’t comfortable with, don’t understand completely, or just don’t want to deal with. And that unwillingness has disastrous consequences for kids who are troubled, in trouble, or the victim of another troubled child.

Ralph Hicks, superintendent of Ashburnham-Westminster Regional School District in Massachusetts, explains that the legal doctrine “in loco parentis,” which is Latin for “in place of a parent” allows school officials to interfere in the lives of students only in issues involving the school.  More and more, that definition involves anything said about the school (or students and staff) whether the communication occurs on campus or not.

Parents (and students) who think that this monitoring is a violation of their kid’s privacy should remember that EVERYTHING BEING MONITORED IS ALREADY PUBLICSchools aren’t breaking into your child’s Facebook account, they are simply monitoring what everyone else on the Internet can see. And if it saves a life, thwarts a bully, or rescues a child in need, it’s worth it. 

John Sileo is a keynote speaker on Internet Privacy and CEO of  The Sileo Group, a think tank that trains organizations to harness the power of their digital footprint. Sileo’s clients include the Pentagon, Visa, Homeland Security and businesses looking to protect the information that makes them profitable.

Facebook Privacy: New Data Use Policy Banks on User Laziness

,

facebook privacy 2Is there such a thing as Facebook privacy? You’ve might have heard that Facebook is proposing a new Data Use Policy and Statement of Rights and Responsibilities (formerly known as a privacy policy). No one refers to it as a Privacy Policy anymore, because there is absolutely no sign of privacy left. And if you read the email from Facebook alerting you to the changes, or even the summary of changes that they provide, you are left with no clear idea of the magnitude of those alterations (you’d have to read the actual suggested changes).

Facebook is masking privacy erosion with a deceptive executive summary. The latest changes make me very uncomfortable in three ways:

  1. It appears that Facebook has left open the option to collect and utilize your mobile phone number when you access Facebook from your mobile device. That is valuable information to advertisers who want to text, call or serve up ads to you directly.
  2. Facebook is already using, and will continue to use facial recognition software to identify photos that you are in (even if they aren’t your photos), and recommend that they be tagged with your identity. Now they are considering adding your profile photo as a benchmark for the facial recognition software. In other words, the minute any photo is put up with you in it, it can be tagged and exposed to the rest of the world. You can change your Timeline & Tagging Settings to stop non-consensual tagging.
  3. By default and unless you make somewhat complicated changes, your photos can be used in advertisements. Any photos you load to Facebook can be served up to your network in connection with items you have “Liked”, which means that your picture (or worse yet, your child’s) can show up next to the raunchy movie you just “Liked”.

As quoted in the British newspaper, The Register, Facebook is practically flaunting your addiction to their social network, knowing you will likely do nothing about it:

“You give us permission to use your name, profile picture, content, and information in connection with commercial, sponsored, or related content (such as a brand you like) served or enhanced by us. This means, for example, that you permit a business or other entity to pay us to display your name and/or profile picture with your content or information, without any compensation to you… You understand that we may not always identify paid services and communications as such.”

Facebook is so confident that you won’t make the necessary changes to your privacy settings (let alone actually deleting your Facebook account), that they can arrogantly announce these changes without fear of reprisal. They are literally banking on your apathy.

There is good news! You have two clear options:

  1. You have 7 days to comment on Facebook’s new policies before they take effect. If there is a strong enough backlash against these erosive changes, they will rethink their position (maybe – or they might just outlast you until you’ve stopped paying attention). But the backlash won’t happen without your input.
  2. You can outright delete your Facebook account, but don’t do it until you have downloaded a copy of your data, posts, pictures and such. Even then, they reserve the right to use the data you already posted for a certain period of time.

In the coming days, I will post a video on how to do both of these items.

John Sileo is a keynote speaker and CEO of The Sileo Group, a privacy think tank that trains organizations to harness the power of their digital footprint. Sileo’s clients include the Pentagon, Visa, Homeland Security and businesses looking to protect the information that makes them profitable.

 

 

How To Turn Off Facebook Graph Search

,

Do you want to know how to turn off Facebook Graph Search?

If you walk onto a used-car lot and brag to the salesman that you’re rich, who’s to blame: the salesman for exploiting that information to sell you a car for more than it’s worth, or you for naively sharing in the first place? Both! The same is true in the hacking of the Facebook Graph Search data; Facebook AND poorly informed users SHARE the responsibility for this latest breach.

In case you haven’t heard the latest, Brandon Copley, a mobile developer in Dallas, Texas, was able to exploit Facebook’s Graph Search to collect 2.5 million phone numbers of Facebook users.  Copley is not a malicious hacker; he was simply trying to show how vulnerable the information is that people leave “public” on Facebook.

In a note from Facebook to its users, Facebook acknowledged the “bug”.  They went on to explain how it happened and said they immediately disabled the tool in question until it was fixed.  They also issued a cease and desist letter to Copley stating, “You are unlawfully acquiring Facebook user data. It appears that you are accessing Facebook through automated means and stealing Facebook access tokens in order to scrape data from Facebook’s site without permission.”  Copley argued that, “Facebook is denying its users the right to privacy by allowing our phone numbers to be publicly searchable as the default setting.”

What is Facebook’s responsibility regarding Graph Search?

Facebook is at fault for allowing robo-harvesting of your personal data through Graph Search. They should plug this search engine hole immediately – we’ll see that soon. They also need to plug a series of related breaches.

What is our responsibility as users?

We have to remember that Facebook is a social network, a term that openly admits to the sharing of data, which is why Facebook DOESN’T HAVE a privacy policy, they have a Data Use Policy. And make no mistake; the Facebook Data Use Policy says that by default, they will share everything possible unless we tell them otherwise. In other words, we’re giving them a lot of our information for a pretty used car.

What steps can our viewers take right now? (See video)

  1. Share only what you want made public.  Remember, the default setting is to make everything public; it is your responsibility to go in and change your settings.
  2. Read & understand the Data Use Policy, otherwise, you have no way of knowing how Facebook is making your data available to others.
  3. Customize privacy settings to limit access. To do this well, it will take about 60 minutes of your time, but it will be well worth the effort.

John Sileo is a keynote speaker and CEO of The Sileo Group, a privacy think tank that trains organizations to harness the power of their digital footprint. Sileo’s clients include the Pentagon, Visa, Homeland Security and businesses looking to protect the information that makes them profitable. Contact him directly on 800-258-8076.

 

Online Privacy and Teens: Help Them Care if They Don't

,

facebook teenBefore you read this article, stop and picture yourself as a 16 year old.  Now that you’ve recovered from the trauma of that, think about this question: what thoughts consumed your time – your favorite band, your first car, your first love, your first job, your first password?  Certainly not the latter, and you most likely weren’t thinking about online privacy issues.

It’s no surprise then that today’s teens don’t think about them much either, although they do more than most of us ever had to.  The Pew Research Center recently conducted a survey entitled Teens, Social Media, and Privacy and found a variety of interesting statistics.

Teens share more about themselves on social media sites than they did according to the previous survey from 2006.  A few of the more significant ones:

  • 91% post a photo of themselves (up from 79%)
  • 71% post their school name (up from 49%)
  • 53% post their email address (up from 29%)
  • 20% post their cell phone number (up from 2%)

Some new questions revealed that teens also post other potentially risky information:

  • 92% post their real name
  • 82% post their birth date
  • 24% post videos of themselves
  • 16% have set their profile to automatically include their location in posts

The good news is that while teens are sharing more, they are also becoming more aware of privacy concerns; 60% of teen Facebook users set their profiles to private.  In addition, 89% of those users indicated it’s “not difficult at all” or “not too difficult” to set privacy controls.

Teens also manage their profiles in other ways to help control their reputation:

  • 59% have deleted or edited a previous post
  • 53% have deleted comments from others
  • 74% have deleted people from their network or friends list
  • 26% have posted false information to help protect their privacy

While some of these statistics would seem to indicate that teens are becoming more aware of protecting their privacy and reputation, there are still far too many that are just not concerned.  In fact, just 9% responded that they were “very concerned” and 31% were “somewhat concerned that some of the information they share on social networking sites might be accessed by third parties like advertisers or businesses without their knowledge.”  Undoubtedly, some of this lack of concern comes from simple, blissful teenage ignorance.  One teen that participated in a focus group discussion said, “Anyone who isn’t friends with me cannot see anything about my profile except my name and gender.  I don’t believe that [Facebook] would do anything with my info.”

In contrast to this, 81% of parents are “somewhat” or “very” concerned about what advertisers can learn about their children’s online behavior.  Too bad it’s not 100%, but if you’re reading this, I’m guessing you’re one of the 81%.  Because you care, and because your children quite likely do not, it may fall to you to help them be safe online.  We’ve addressed this many times in the past (in articles referenced below), but it’s so important that we wanted to revisit it.  The most basic steps:

  • Have a frank discussion about what concerns you. Discuss how advertisers use the information they can easily garner when we use social media, and warn them (AGAIN AND AGAIN!) about how strangers can access it, too.  Our Summer School for Parents article addresses the specifics in case you missed it.
  • Teach your child how to play it smart on Facebook.  We addressed this in our Facebook Privacy article with some detailed action items.
  • Check out our Smartphone Survival Guide and Facebook Safety Survival Guide if you want more specifics.

It may be hard to pull your teens off their social media sites long enough to have these discussions, but it will be worth the effort to protect their online privacy.

John Sileo is an online privacy expert and professional speaker on social media privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

 

 

 

 

 

 

 

 

Summer School for Parents: Protecting Your Kids' Social Media Privacy

, ,

girls phones summerSchool is out for the summer and the tasks that often fall upon the shoulders of your local schools are now sitting squarely on yours.   In addition to making sure your kids practice their math facts, read regularly and get plenty of exercise, you’ll want to watch out for how they spend their free time when it comes to using Facebook, Tumblr, Instagram, Twitter, YouTube and other sites that can expose their social media privacy.

Social Media refers to web-based and mobile applications that allow individuals and organizations to create, engage, and share new user-generated or existing content in digital environments through multi-way communication.  Okay, that’s too technical. Social media is the use of Internet tools to communicate with a broader group. Some of the most common examples are listed above.  If you have elementary aged children, they may use more secure, school-controlled forms such as Schoology, Edmodo or Club Penguin, but if your kids are older, I can almost guarantee they’re into Social Media sites whether you know if or not.

Statistics show that 73% of online adolescents visit social networking sites daily and two billion video clips are watched daily on YouTube.  The American Academy of Pediatrics recently conducted a study that found that 22 percent of teenagers log onto their favorite social media sites more than 10 times a day, and that 75 percent own cell phones.

So, how do you battle such a time-consuming, captivating influence over your children?  You don’t, because you won’t win!  Instead you look at social media privacy best practices that schools implement and do the same at home.

  • Expect the Internet to be used appropriately and responsibly and set agreements and consequences with your children if it is not.  The Family Online Safety Institute can guide your discussion and even provide a contract.
  • Expand your typical discussions about strangers to include social media
    • Don’t accept unknown friend requests
    • Don’t give out personal info – specifically: last name, phone number, address, birthdate, pictures, password, location
  • Warn kids about the dangers of clicking on pop-up ads or links with tempting offers, fun contests, or interesting questionnaires, even if they’re sent from a friend.  They may really want that free iPad being offered, but chances are it’s just a way for someone to glean their personal information.
  • Monitor the information your kids give out and their use of sites; let your children know they should have no expectation of privacy.  (Make that part of your contract.)  You can also install filtering software to monitor their social media use and even their cell phones.  A few popular ones are Net Nanny and PureSight PC to help keep your child safe online and My Mobile Watchdog to help with monitoring their cell phones.
  • Check your privacy settings for all Internet sites and make sure they are set to the strictest levels.
  • Remind your child that once it’s published, social media is public, permanent, and exploitable forever- even when “deleted”
  • If your children are not 13, keep them off of Facebook since that is their stated age limit. There are plenty of reasons, not the least of which involves the emotional repercussions of being “unfriended” or cyber bullied.  When they are ready, have your children read and study the actual Facebook user agreement and privacy policy and discuss it with them.
  • Set limits on social networking time and cell phone time, just as you would for TV hours. Many families limit total screen time, which includes everything from computers, iPads, smartphones, and video games to our old fashioned notion of television.
  • Be a good example yourself.  Monitor your own amount of time spent online and seek to find a balance of activities. When you are on you iPhone at dinner, you are letting your kids know that this is acceptable behavior.
  • Monitor your child’s activities and try to stay educated about the latest platforms!

Social Media can be a positive way for kids to continue to develop friendships while they’re home for the summer and to feel like they’re connected to a community that matters more to them than anything.  But there are risks that come with it and it’s your job as a parent to protect them from those risks just as surely as you keep them from taking candy from a stranger

Social networking has an addictive component because dopamine (a natural feel-good drug produced by the body) is released anytime we talk about ourselves. And what is social networking if not a constant exposé of what is happening in our lives? Just make sure you know what is happening in your child’s life, even in the more relaxed months of summer.

John Sileo is an online privacy expert and professional speaker on social media privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

Social Media Privacy Laws Provide Protection for Employers and Employees

Do you know your social media privacy rights as they pertain to your workplace?

They will be different depending on where you live because the laws vary from state to state. Utah recently became the fifth state to put into effect such a law that governs the rights of both employees and employers. Legislation has also been introduced or is pending at the Federal level and in 35 states.

This has become a hot topic because more than 90 percent of employers use social media sites to help screen applicants. Since applicants have the ability to determine their online privacy settings to decide what is out there for public viewing, some employers have asked for access to their private social media content to get the real picture.

In addition, employers contend that having access to social media accounts of employees allows them to protect sensitive company information such as trade secrets and financial figures. Employees argue that the information may be used to discriminate against them and inherently invades their privacy. In reality, most of the current legislation actually seeks to protect both sides.

Utah’s Internet Employment Privacy Act enforces protection of employees’ online identities, dictating that an “employer may not request disclosure of information related to [a] personal Internet account.” Also known as House Bill 100, this law, which applies to both employees and applicants, includes asking for usernames and passwords. If employers are found guilty of this, they may face up to a $500 fine. Additionally, the law states that employers may not “take adverse action, fail to hire, or otherwise penalize” anyone who will not disclose their information.

There are exceptions built in to protect the employer. They may legally require such information if the employer has provided the device and/or service or if the information is needed to carry out a disciplinary investigation, particularly if the employee’s actions in some way compromise the company – i.e. sharing of proprietary/confidential information or financial data. In addition, the employer can still view publicly available information in order to conduct due diligence.

In the ever-changing world of social media privacy legislation, one thing is clear; it will keep changing! Both employees and employers should check the current status in their state. The National Conference of State Legislatures provides a good listing to help you do this. As always, know your rights and act on your responsibilities.

John Sileo is a social media privacy expert and professional speaker on building digital trust. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

Twitter privacy expert John Sileo talking with 9News on the AP hack

, ,

This Tweet disrupted the stock market as well as gold and oil prices: “Two explosions in the White House and Barack Obama is injured”.