Is the FBI Watching Your Every Move on Facebook?
It seems 2010 may be the year personal privacy makes a comeback -- that, or it's taking its final breath before it sinks into the tarpits. Every week brings news of some new affront to our personal data, accompanied by a backlash. Lately these stories have been bubbling up on an almost daily basis.
It started late last year, when Facebook arbitrarily changed its default privacy settings to make more of your profile information accessible to Google and other Facebook users. You could of course change those settings, but most people didn't. That earned Facebook a class-action suit and ongoing scrutiny by the FTC.
[ Want to cash in on your IT experiences? InfoWorld is looking for stories of an amazing or amusing IT adventure, lesson learned, or war tale from the trenches. Send your story to firstname.lastname@example.org. If we publish it, we'll keep you anonymous and send you a $50 American Express gift cheque. ]
Then Google introduced its Twitter wannabe service, Buzz. That emerged from the womb with two left feet, both of which it immediately thrust into its own mouth. The biggest problem? Buzz inadvertently shared information about Gmail users' frequent contacts that Gmailers had assumed was private. Google has been eating crow by the family-sized bucket -- and tweaking Buzz to make it more respectful of personal privacy -- ever since.
Last week Netflix canceled its second contest to have math geeks tweak its recommendations engine after the "anonymous" data used by researchers in the first contest proved not quite as anonymous as Netflix thought. A pair of University of Texas researchers proved they could identify individuals by cross-checking their movie preferences with other publicly available information.
At South by Southwest last Friday, Microsoft social media researcher Danah Boyd gave a keynote detailing how privacy has been eroded, largely because the people who build services like Google Buzz and Facebook (aka, "privileged straight white male technology executives") don't understand the differences between privacy online and how it works in the real world.
Yesterday brought yet more proof that putting all your personal eggs into a social network basket may not be such a hot idea, especially if you (or your friends) stumble into the crosshairs of law enforcement.
The Electronic Frontier Foundation released documents it acquired via a Freedom of Information Act request about federal activity on social networks. Among them: a Department of Justice presentation on how to use Facebook, MySpace, Twitter, LinkedIn, and so on to gather intel on suspects and witnesses, friendly or otherwise.
(My theory: They finally heard about Mafia Wars on Facebook and decided to take a closer look.)
The document implies cops are going undercover -- using false identities to befriend suspects and learn more about them -- which violates the terms of service for most of these networks. (You never lie on your Facebook profile, do you?)
The arguments given for going undercover: "communicate with suspects/targets; gain access to nonpublic info; map social relationships/networks."
So if the feds are investigating one of your Facebook/MySpace/Twitter buddies, they could very well be investigating you. And if they're adding you to that "social map," what about your friends? At what point does the map stop? Does it even have borders?
Another key question: If an agent violates a service's TOS, is the evidence he or she gathers admissible in court? The documents ask this question; unfortunately, they don't answer it, nor do they explicitly state anyone is doing this.
Still, you gotta figure they are. Cops have been infiltrating "suspicious" organizations for years, mostly with good intent, sometimes with a political agenda attached. It's natural to assume they'd do it in the virtual world, but in the past you had to be an active member of such an org to fall under suspicion; now all you need to do is say yes to the wrong friend request.
I know what some of you are saying: "I never use Facebook/Twitter etc, so I'm not worried." But not using these things is not an option for many of us; that's like saying "I never use a phone because it might be tapped." (By the way, it probably is -- at least, the data stream.) It's also a little like saying, "I only use a typewriter because computers are the devil's spawn."
The only logical response is to be a lot less cavalier about the information you share and with whom you share it. So let's just say it: The social networking honeymoon is officially over. Time to get a lot more serious about what we do and don't do online.
Is privacy worth fighting for? What do you do to protect yourself online? Weigh in below or email me: email@example.com. Then hoist a brew for me -- it is St. Patty's day, after all.