Harry Chen Thinks Aloud

I value my online privacy. Recently I joined Facebook, an online social networking application. While I enjoy using it to social with my friends in different corners of the world, but also I’m concerned about my privacy in Facebook. In this blog I will summarize some general rules that Facebook users can adopt to protect their online privacy.

What to protect

Privacy protection is about control, controlling who gets to see what information. There are two kinds of information that we should control. The first kind is personal information that can be used by people to commit crimes, e.g. identify theft. The second kind is information that can potentially damage the reputation of a person or can create a false impression about a person in minds of other people.

Information of the first kind is easy to identify, which includes a person’s date of birth, social security number, current and past resident addresses, and mother’s maiden name. Information of the second kind is a bit harder to identify because it is rather subjective. Here are some obvious examples. If a person is a CEO of a company, wild party photos of that person can easily damage his/her professional reputation. If a person is seeking a career in the child care profession, rumors about that person frequently smokes marijuana can create a false image about his/her characters in the minds of potential employers.

How personal information flows in Facebook

Personal information published in Facebook flows in three different directions. (1) It flows from the person who published the information to friends in the social network. When you post a new item or write a new wall message in your Facebook profile, information flows from your profile to the eyes of your friends. (2) Information can flow in an inverse direction. When you are tagged in a friend’s video, information (the video and information about you being in the video) flows from your friend’s profile to you. (3) Information that is not explicitly protected flows freely throughout “networks”, circles of social contacts from high schools, colleges or work. If I join the UMBC network, unless I explicitly protect my profile, all my information by default is readable by anyone in the UMBC network even they are not my friends.

How to protect your privacy

Rule 1: Don’t join Facebook unless you have a good reason to join. The best way to protect your privacy is simply avoid using Facebook.

Rule 2: Don’t publish personal information that can be used by others to commit crimes. Don’t publish full details about your education history, employment history and residency history. If you choose to publish your date of birth, hide the year field. Some online website security systems authenticate your identity using answers to questions like “what’s the name of your high school?”, “what’s the name of your best man at your wedding?”. Avoid publishing information that you have used in answering those security questions.

Rule 3: Review your privacy settings every time a new application is installed. Often when a new Facebook application is installed, it’s default setting permits everyone in your network to see all activities happened in that application. Review these settings helps you to control who sees what information about you.

Rule 4: Don’t post any wall messages, photos and videos that you don’t want the whole world to see. When publishing information in Facebook, even with privacy settings enabled, you must assume that this information will be read by every person on the Internet. It’s naive to think that limiting the view permission of media files will keep your privacy safe. There is no 100% guarantee privacy protection in Facebook. Many things can go wrong in a computer system, and can cause your private information to be leaked onto the Internet. Facebook may get hacked. Software program bugs may open the back doors for Google robots to index your private party photos.

Rule 5: Don’t install any applications that may create a false image about who you are. Facebook has tons of applications. Not all are worthy your attention. Installing too many “dumb” applications can only harm your reputation and your social image, especially in the minds of those who don’t know you well.

Rule 6: Don’t publish photos and videos of others if they told you not to. Some people are very offended when seeing bad photos or videos of themselves. If you have photos of your friends, think twice about publishing them. Photos and videos may seem funny to you, but they may not be so in the eyes of your friends.

Rule 7: Don’t engage in Facebook activities that display childish behavior. Many Facebook activities seem to be fun at first, e.g., poking people, slapping your friends, throwing poop at buddies. If you’re too obsessed with these activities, it can hurt your professional reputation. If you are a manager, how would you think if an employee is constantly slapping people and throwing excrement at the others?

Rule 8: Don’t add people that you never meet. More friends in your network will only make your privacy protection task more difficult. When you have a small group of close friends, deciding what they can see is easy. If you have hundreds of friends, you will have to devise more sophisticated schemes to control the distribution of your personal information.

Concluding Remarks

It’s fun to use social networking applications like Facebook. However, you must pay close attention to how your personal information is flowed in social networks. Being too liberal about your privacy may encourage others to commit crimes and damage your reputation in minds of those who don’t know you well. Rules described here are not hard rules. They help you to begin thinking about privacy protection in Facebook. Your personal information defines who you are. If you don’t care about it, you don’t care about your life.