Social Media and “The Right to Be Forgotten”

ART03 Image ED2- Social Media and Right to be ForgottenDo you want all of your personal information to be available to whomever wants to search on Google, Facebook, LinkedIn or one of the other social media sites?

What about those compromising pictures a friend took when you were in college, or the fact that you were once arrested for drunk driving? Did you have to file for bankruptcy when the economy tanked, or have you ever been divorced? How much did your house sell for, and how much do you pay in real estate taxes? Did you vote Republican? What are the names of your pets? Your relatives? Did you disclose in one of those dating preference surveys that you like “long walks in the woods,” “men who take charge,” and “would skinny dip at midnight under a full moon”?

All this and more is available online, and you have no way of removing it, whether or not it is damaging to your career, your marriage or your personal reputation. Eric Posner, University of Chicago law professor, quoted in the Chicago Tribune, says, “Privacy allows us to experiment, make mistakes, and start afresh if we mess up. It is this potential for rehabilitation, for second chances, that is under assault from Google.” [1]

The chart below illustrates what can be gleaned from some of the most popular internet sites–and most of the sites don’t even have to be hacked, we willingly provide the information which can be viewed by countless others.

nolan_1_cropped

How Social Media Exposes Your Personal Information

The European Union Court of Justice recently upheld a complaint against Google to have personal information removed from their site. 90 percent of Europe’s search market is dominated by Google, and whether or not this ruling is enforceable, the public wants to have some say over what the Internet keeps alive forever. As Time magazine reports, “Make no mistake, this is a watershed moment in human history: mankind, after spending untold millennia looking for ways to be remembered by posterity, must now beg to be forgotten instead.” [2]

The European Union aside, experts believe this will never happen in the U.S. because of the First Amendment, which most Americans believe overrides the right to privacy. The Index on Censorship, an international organization promoting free speech, has said, “Before personal data became a commodity mined by corporations and attackers alike, the need for a legal stance on the identity of the ‘owner’ of data relating to oneself may have seemed laughable. However that has landed us in the situation of today when entities that mine and monetize our data can refer to this very welcome EU ruling as ‘disappointing’. Commercially disappointing it may be, however it is a step, albeit a small one, in the right direction.” [3]

In an article about social media, Naomi Troni asks, “Was it really just a generation ago that people kept all but their most basic information under virtual lock and key? Today, we happily share our date and place of birth, name of our first pet, mother’s maiden name, favorite movie or book, favorite color, first school teacher—and countless other bits of information required by online services as part of their security procedures.” [4] Not only do we gladly share all kinds of personal experiences and opinions, but we do so for free. We are so accustomed to providing our opinions about purchases, blogging about our vacations, and taking surveys about our political preferences that we seldom even think twice before posting all kinds of information that used to be private. Familiarity has bred complacency and even foolhardiness; we’ve all heard about people uploading pretty much everything, including the most intimate pictures—images that they wish they could take back. Unfortunately, once it’s out there—it’s out there!

A European global survey conducted among 7,213 adults in 19 countries found that 55 percent of respondents are worried that “technology is robbing us of our privacy”; the figure was above 60 percent in a number of countries including the United States and China. And it’s not just snooping companies and hackers that consumers fear. Nearly half the sample (47 percent)—and a majority of Millennials—worry that friends or family will share inappropriate personal information about them online. Around one third overall already regret posting personal information about themselves. [5]

Is Facebook Your “Friend” or “Frenemy”?

George Bronk looked for email accounts on Facebook pages, then gleaned enough personal information from postings to answer basic “lost” password security questions such as the name of an elementary school or favorite color. After he changed passwords and took over accounts, he would search folders for compromising photos. He would then blackmail women, threatening to email the photos to the families, friends and co-workers of the victims. [6]

Facebook and other social media sites are great for staying in touch and sharing small and big moments with family, friends and assorted other connections. The key is making sure you’re presenting the most appropriate profile possible to each “friend.” If the flurry of publicity surrounding posting nude or inappropriate pictures on the Internet hasn’t made you more cautious, maybe knowing that people like Bronk may be stalking you—some for monetary rewards and others because they are sexual predators—will. Perhaps knowing that potential clients, your boss and even attorneys engaged in jury selection have been known to access your social media pages will discourage you from posting that picture of your bachelor party. A recent FindLaw survey found that 29 percent of social media users ages 18 to 34 have posted a photo, a comment or personal information that they fear could have repercussions at work. [7] Thankfully, legislation is addressing the need to restrict an employer’s access to job applicants’ and employees’ personal data, but it is being done on a state-by-state basis.

As far as potential jury selection, Philip K. Anthony, the CEO of a national trial consulting firm, DecisionQuest, suggests that certain people are too liberal to ever be picked for a criminal case. However, if they are working in an analytics field, they may be selected for an intellectual property case where their ability to analyze data and be precise would be an asset. [8] Much of the data gathered to help in jury selection can be found on social media sites. Lawyers look at sites like Facebook, LinkedIn and Twitter to see how a jury member thinks. They then use this data to try to pick jurors who are sympathetic to their client or to disqualify an unsympathetic prospective juror. Also, after a verdict has been reached, what a juror reveals about the trial on these social media sites can potentially be used as a means for an appeal. [9]

Legislation to restrict employers’ access to applicants’ and employees’ personal online content continues its rapid expansion in 2014. Wisconsin and Tennessee became the 13th and 14th states to adopt a social media password protection law. The new laws prohibit an employer from requesting or requiring that applicants or employees disclose their passwords for personal Internet accounts. [10]

The victims of George Bronk all thought they had robust passwords, but he still managed to figure them out. His case illustrates the vulnerability of all Internet users. Whenever you access an online site, whether you are ordering a book, checking your bank balance, sending tweets, or just browsing for new lamps, you are adding to your digital footprint. Behind the scenes, data aggregators and information brokers are compiling huge amounts of information about your personal preferences and habits, and they know your interests and hobbies, your financial transactions, your life events like marriages and divorces, and much, much more. They get this from cookies, public records, your online search results, the products you have purchased and the emails you open, to name a few. It is estimated that on average, they collect 1,500 pieces of unique personal information on each individual. [11] And I’d bet you never realized you were that interesting to someone!

The reason you are so interesting is that this information can be used for marketing and decision making. The average person receives four unsolicited emails per day as a result of the information that the data aggregators collect and sell to “Customer Intelligence Providers”, companies who do targeted research around individual users and groups of users. After the data is analyzed, a company can then target advertisements and solicitations based on your preferences.

The Chicago Tribune reported that “ENOVA International…analyzes more than two dozen data sources to determine, in less than 10 minutes, whether an applicant will qualify for one of its three-year, $10,000 loans. ….[C]ompanies find it easier to capture, store, crunch and share the data in ways that help their businesses serve customers, predict their behavior, innovate, improve productivity and cut costs…it includes blog posts, social-media feeds, GPS tracking data, online chat rooms, and most audio and video content.” [12]

Over 500 million tweets are sent daily, a number that is more than doubling each year. What is said on Twitter and other social media sites is valuable to researchers, advertisers and campaign managers, but gathering those tweets presents an ethical quandary. Individual tweeters are not consenting to be part of any research. [13]

What Can You Do?

You have to realize that when using Facebook, MySpace, Twitter and other social media sites, nothing you put on them is truly private. Yes, you can control how users see or don’t see your profile. But every time you ‘like’ a product or even look at a page, the company itself is taking note. This doesn’t mean that someday Facebook will malevolently release your every click to the world. But it’s also not your private diary, and what you do on the website is collected and cataloged. You should always keep that in mind when you’re using a service.

Remember that even potential employers may review public parts of your footprint, such as your social media presence, when considering you for a job—just one more reason to be aware of what information is out there and to make sure it is accurate.

Parents need to monitor what images their children are presenting online because anything that might be perceived as suggestive or for mature audiences may attract undesirable attention including sexual predators. If your child is under 13, the Children’s Online Privacy Protection Act and Rule requires social networking websites to get parental consent before they collect, maintain or use a child’s personal information. Keep the computer in a common area such as the den, family room or kitchen where you can regularly monitor your children when they are online and set time limits.

Recent updates make the Children’s Online Privacy Protection Act (COPPA) more relevant in the social media and mobile phone age, and places some additional burdens on companies that target kids under 13. The rules went live over objections from industry groups that recently requested a postponement. Websites and phone apps that collect photos or geo-location data from children must now obtain express permission from parents, putting that data in the same category as kids’ email or home addresses. [14]

The new rules also make firms more responsible for data collection by third parties, a loophole that had been exploited by marketers in the past. Parents might not notice much change at first but some apps that kids use might begin requesting parental permissions via emails or other methods. Parents should make sure kids don’t circumvent those rules by using a fake email address to grant themselves permission. [15]

Facebook apologized for leaking contact information for an estimated six million users of the world’s largest social network. But according to computer security experts, the site may be drastically underestimating the extent to which personal data was leaked, suggesting the number of Americans affected is indeed far higher. Further, many will never even know their data was compromised. [16]

Facebook has updated its privacy settings time and time again to make them more user friendly, so customizing your settings is a fairly straightforward procedure. It’s an important one, too, since Facebook tends to automatically “opt” you in to new information sharing unless you go through and manually adjust the settings to the level of transparency you want.

If you subscribe to any social media, you must read their Statement of Rights and “opt out” of features you do not want. If you do not, you may find that all of your data is subject to being sold to a third-party vendor or used by the marketing arm of the social media site. Since they are the largest social network, we have provided an example of some of Facebook’s Statement of Rights at the end of this section, which is similar to that of other social networks.

Facebook is not alone in selling your data. MySpace has had to agree, as part of a legal settlement with the FTC, to establish a comprehensive privacy program designed to protect consumers’ information; they will be subjected to third-party audits of their privacy program for the next 20 years. The FTC claimed that MySpace shared personally identifiable information with advertisers who could use MySpace’s Friend ID to locate a user’s profile, which included, in most instances, the user’s full name, as well as age, gender and profile picture. [17]

MySpace also falsely certified that it complied with the U.S.-E.U. Safe Harbor Framework, according to the FTC, and the FTC accused Myspace of violating their own privacy policy, which stated they would not share users’ personally identifiable information with third parties unless permission had been given to do so. [18]

When it comes to advertising, Facebook hasn’t changed its ways, but is instead trying to explain its practices and resolve previous ambiguity that upset some people so much that they sued the social network. In 2011, Facebook was accused of violating users’ right to privacy by publicizing their “likes” in advertisements without asking them or compensating them. Since then, Facebook made changes to the two key documents that govern its service, in part to settle a two-year legal battle around its practice of using member data in advertisements. The social network has made updates, some of which have been court-ordered, to its Statement of Rights and Responsibilities and Data Use Policy legal documents to better inform members on how their data is used for advertising purposes and provide additional clarity on its data collection practices.
To sum it up, remember these five important tips for protecting yourself and your data on social media sites:

  1. Don’t be too personal. Keep most of your life private and think twice before posting information about yourself or your family.
  2. Lock your phone. It may end up in the hands of strangers, giving access to your social accounts where they can target your friends using your profile as bait.
  3. Use a unique password for each social media site and change your password often.
  4. Choose your social network carefully. Evaluate the site that you plan to use and make sure you understand the privacy policy.
  5. Talk to your children about social networking.
Privacy Software

Privacy software is built to protect the privacy of its users and typically works in conjunction with Internet usage to control or limit the amount of information made available to third-parties. The software can apply encryption or filtering of various kinds.

Privacy software can refer to two different types of protection. One type is protecting a user’s Internet privacy from the World Wide Web. There are software products that will mask or hide a user’s IP address from the outside world in order to protect the user from identity theft. The second type of protection is hiding or deleting the user’s Internet traces that are left on their PC after they have been surfing the Internet. This software will erase all of the user’s Internet traces and encrypt the rest of that user’s traces so that others using their PC will not know where they have been surfing.

Even TechMedia Network, one of the companies that uses data to tailor personalized purchase recommendations to technology consumers, says, “We must protect ourselves from hackers who want to steal identities, as well as from legitimate businesses who want to know our patterns so that they can advertise based on known interests. We could become indignant that it is now necessary to buy products to maintain privacy that we should never have lost. But surely a more useful response is the determination to defend now against inevitable attacks on our privacy.” [19]

The top rated privacy software for 2014, according to TechMedia Network, is CyberScrub Privacy Suite, followed by Pareto Logic Privacy Control and WinSweeper. All three have excellent ratings. In order to know what to look for when you are evaluating privacy software, TechMedia Network recommends: [20]

  1. While you are connected to the Internet, the software should maintain your privacy, and after your surfing session is over, it should erase evidence that might allow someone to reconstruct which sites you visited and what you did.
  2. Privacy software should include browser cleaning, which removes data that accumulates in the address bar history, cookies, visited sites, downloads and favorites list. Other areas that require cleaning are the temporary Internet files and Windows system features such as the temporary files, recycle bin, computer history and clipboard. You might also consider file shredding and free-space wiping.
  3. Will the product let you pick which cookies and files to keep and which to remove? You need a program that is easy to use and has software that is easy to program.
  4. Consider support options and available hours for obtaining help from a help desk. Is there in-context help?
Facebook’s Statement of Rights

After a court settlement, Facebook’s proposed Statement of Rights section on advertisements reads:

You give us permission to use your name, and profile picture, content, and information in connection with commercial, sponsored, or related content (such as a brand you like) served or enhanced by us. This means, for example, that you permit a business or other entity to pay us to display your name and/or profile picture with your content or information, without any compensation to you. If you have selected a specific audience for your content or information, we will respect your choice when we use it. If you are under the age of eighteen (18), or under any other applicable age of majority, you represent that at least one of your parents or legal guardians has also agreed to the terms of this section (and the use of your name, profile picture, content, and information) on your behalf. [21]

The new advertising section in the revised data policy, meanwhile, is even more extensive and includes examples of how member data can be used alongside ads. Part of the rewritten section reads:

In addition to delivering relevant ads, Facebook sometimes pairs ads with social context, meaning stories about social actions that you or your friends have taken. For example, an ad for a sushi restaurant’s Facebook Page may be paired with a News Feed story that one of your friends likes that page.

When you read the rest of the proposed terms of service, you’ll find additional language changes meant to clarify what you can expect or not expect from your social-networking experience. The company now explains that if you want a third-party application you’ve connected to Facebook to delete your data, you’ll have to go to the app-maker to make the request; in other words, Facebook isn’t responsible. Facebook also explains that users are responsible for carrier data charges when using Facebook from their mobile devices. [22]

In addition, the social network’s data policy makes it clear that it receives data on the type of device a person is using to run Facebook and includes more detail on the types of data, such as mobile phone number or operating system, that it receives from the devices members use to install Facebook apps or access the social network.

Online Marketplaces

Police in Chicago have labeled Craigslist crimes as “robbery by appointment” because criminals in the Windy City regularly use Craigslist to identify victims and have the luxury of scheduling their crimes. The most notorious crime led to an entire family being taken hostage and the father shot dead in front of his wife and children, who were also assaulted. [23]

In Craigslist’s defense, millions of transactions have taken place safely using their service. It’s sad to think that you can’t trust anyone, but you don’t want to be the next victim, so it pays to be careful. Craigslist and other sites that act as online marketplaces might seem harmless—just a kind of online flea market—but you have to be wary. Whether you’re selling a table or meeting a mate, reading between the lines is crucial to determining ahead of time if someone might be a bit iffy. When selling or buying something on Craigslist, protect yourself as much as possible. Always have a buddy with you as backup in case something bad happens. Instead of giving your name and address to a total stranger, arrange to meet Craigslist buyers or sellers during the day in a public place. The right public place is somewhere that’s not too crowded but has people around because you want people to notice if something goes wrong. And stick to the old adage, “If an ad seems too good to be true, it probably is.”

So everyone knows that Craigslist deals carry certain risks. Yet it’s still difficult to get a big-picture perspective of both the scale and the general tenor of crime on Craigslist. We logged 74 different incidents occurring on Craigslist in 27 states and the District of Columbia within 30 days. Eleven of the incidents resulted in violence. Three of those resulted in death. Another eight carried a threat of violence. While the overall range of crimes that were committed was fairly wide, most tended to fall into a few distinct categories. Surprising to no one, the single most prevalent crime was robbery, attempted robbery, or assault. People arranged a meeting over Craigslist and then, during the meeting, one party would rob and/or assault the other. [24]

What Can You Do?

If you do have to give out your phone number, sign up for Gmail and get a free Google Voice number, which you can use to forward calls to your cell phone or landline. You’ll be able to give this secondary number to someone you meet on Craigslist without revealing your primary contact info. Then, if something goes wrong, you’ll be able to block them or just drop the Google number. It’s an easy way to protect your privacy and your existing phone lines.

Google’s own site says, “Google Voice isn’t a phone service, but it lets you manage all of your phones. Google Voice works with mobile phones, desk phones, work phones, and VoIP lines. There’s nothing to download, upload, or install, and you don’t have to make or take calls using a computer. Google Voice will let you define which phones ring, based on who’s calling, and even let you listen in on voicemail before answering the call.” [25]

Not a bad way to screen calls—not only for online selling, but also for managing those intrusive telemarketing calls.

This article is an excerpt from the new book from Cathy Nolan and Ashley M. Wilson, JD – The Audacity to Spy – available through Technics Publications.

 

[1] Page, Clarence, “Right to be forgotten’ won’t fly in USA”, Chicago Tribune, May 21, 2014, Section 1, p. 21

[2] Grossman, Lev, “You Have the Right to Be Forgotten”, Time, May 26, 2014, p. 17

[3] Ferguson, Rick, “‘Right to be forgotten’ is the step in the right direction”, Index on Censorship, May 21, 2014, http://www.indexoncensorship.org/2014/05/ counterpoint-right-forgotten-step-right-direction/

[4] Troni, Naomi “Social Media Privacy: A Contradiction In Terms?” Forbes, Apr. 24, 2012

[5] Troni, Naomi, Ibid

[6] Thompson, Don, “George Bronk Used Facebook to Hack Women’s Emails”, Huffington Post; Jan, 14, 2009

[7] Zukerberg, Randi, “Post More Baby Photos!”, Time, Nov. 4, 2013 pg. 22

[8] Stein, Joel, “12 Votes Down”, Time, Sept. 16, 2013 pg. 60

[9] CNN News Analyst: Aug 8, 2013; CNN

[10]0 Gordon, Philip & Hwang, Joon, “Tennessee Joins The Growing List of States Limiting Employers’ Access To Personal Online Content”, Mondaq, May 14, 2014, http://www.mondaq.com/unitedstates/x/313366/employee+rights+labour+relations/Tennessee+Joins+the+Growing+List+of+States+Limiting+Employers+Access+to+Personal+Online+Content

[11] Lin, Judy; “George Bronk Sentenced For Facebook Stalking”, Huffington Post; July 22, 2011.

[12] Yerak, Becky, “In the Growing Field of Big Data, Jobs go Unfilled” Chicago Tribune, Business Section, Aug. 25, 2013

[13] Steinmetz, Katy, “What Twitter Says to Linguists”, Time Magazine; Sept 9, 2013

[14] https://www.ftc.gov/tips-advice/business-center/guidance/complying-coppa-frequently-asked-questions

[15] Sullivan, Bob, “New online child safety rules aim to protect kids on social media, smartphones”, NBC News, Jul 1, 2013, http://www.nbcnews.com/business/ consumer/new-online-child-safety-rules-aim-protect-kids-social-media-f6C10505412

[16] http://www.techlicious.com/blog/experts-facebook-security-leak-more-extensive-than-site-is-admitting/

[17] Wyatt, Edward, “F.T.C. Charges Myspace With Breaking U.S. Law in Sharing Users’ Personal Information”, New York Times, May 9, 2012, Pg. B3. “http://www.nytimes.com/2012/05/09/technology/myspace-agrees-to-privacy-controls.html

[18] Wyatt, Edward, Ibid

[19] TechMedia Network; privacy-software-review.toptenreviews.com

[20] TechMedia Network, ibid

[21] http://www.facebook.com/policies

[22] http://www.facebook.com/legal/terms

[23] Chansanchai, Athima, “Rival links Craigslist to 12 deaths, 330 crimes in past year”, Today Tech, Feb. 25, 2011, http://www.today.com/tech/rival-links-craigslist-12-deaths-330-crimes-past-year-124931

[24] Sankin, Aaron, “Mapping of 30 Days of Craiglist Crimes”, DailyDot, May 6, 2014, http://www.dailydot.com/crime/craigslist-crime-map/

[25] Google support, “About Google Voice”, https://support.google.com/voice/ answer/115061?hl=en

Share

submit to reddit

About C Nolan and A Wilson

Catherine Nolan has an MBA in Business Administration and 25 years' experience as an Information Analyst. When she became a victim of identity fraud through the hacking of her credit card information, she began extensive investigation into credit card and identity theft. Her research led to this book which describes the many ways personal information is being compromised and how the average person can protect themselves and their digital assets. Ashley M. Wilson, JD, is an Attorney at Law practicing in Illinois and Wisconsin. She is a graduate of the University of Illinois and received her law degree at Marquette University. As an attorney she became interested in the growing threat to privacy and the lack of legal protection afforded to individuals by the government and our court system.

Top