How safe is your information on Facebook?

17 August 2011

Written by: Samantha Afetian

Facebook made the headlines again last week as reports suggesting its impending demise went viral.

A video from the ‘hacktivist’ group Anonymous announced that Facebook would be its next target. The video calls on hackers to ‘kill Facebook for the sake of [their] own privacy.’

‘Facebook has been selling information to government agencies and giving clandestine access to information security firms so that they can spy on people from all around the world,’ the robotic voice of the Anonymous YouTube video says.

‘Facebook knows more about you than your family,’ claims the video.

While the Facebook attack planned for November 5 has recently been disowned by the Anonymous collective, the big question still remains: do the owners of ‘Operation Facebook’ have a point?

Although the video makes some outrageous claims, it does touch on the fact that information shared on Facebook may not be as private as we think.

People are generally unaware that Facebook’s Privacy Policy states that all information set to the privacy setting of ‘everyone’ is ‘publicly available information’.

‘Such information may, for example, be accessed by everyone on the internet (including people not logged into Facebook), be indexed by third party search engines, and be imported, exported, distributed, and redistributed by us and others without privacy limitations,’ the policy states.

That means that anything posted on Facebook with the ‘everyone’ setting is essentially fair game on the web. Every picture, status update and video set to ‘everyone’ can be accessed by anyone, anywhere on the World Wide Web (and possibly even legally distributed by Facebook). The same goes for any personal information posted without a privacy lock, such as a phone number or place of work.

Didn’t know that? Better check your settings. Certain information posted on Facebook is defaulted to ‘everyone’.

Examples are now coming to light where Facebook’s new facial recognition software may be violating users’ privacy. In Germany, Facebook has already been threatened with legal action for violating privacy and data protection laws by collecting and storing biometric facial profiles without proper consent.

Researchers have also raised concerns about a wider application of Facebook’s facial recognition software.  A recent study conducted at Heinz College at Carnegie Mellon University by Alessandro Acquisti suggests those fears are warranted.

The associate professor of information technology and public policy said that Facebook’s software has ‘ominous risks for privacy’, reported Cnet.

Acquisti assembled a database of about 25,000 photographs taken from students’ Facebook profiles, and then used the facial recognition software to put a name to the faces of pictures of student volunteers he took on campus. The software was able to put a name to 31 percent of the students in the pictures within three seconds of comparisons.

These results have put researchers on alert.

‘Other than adapting to a world where every stranger in the street could predict quite accurately sensitive information about you (such as your social security number, but also your credit score, or sexual orientation), we need to think about policy solutions that can balance the benefits and risks of peer-based face recognition,’ researchers claimed in a summary of their work posted online. ‘Self-regulation, or opt-in mechanisms, are not going to work, since the results we presented are based on publicly available information.’

Facebook’s privacy policy states that ‘your name and profile picture do not have privacy settings.’

There are also currently no opt-out options for the facial recognition software, which means that the biometric facial profiles of the more than 750 million users on Facebook have already been collected and stored somewhere in a database.

Perhaps the hackers waging war against Facebook are on to something. While Facebook may not explicitly violate its users’ personal privacy, there is strong evidence to conclude that Facebook is dangerously close to doing so.

Samantha Afetian is a Journalism student at La Trobe University, currently on exchange from San Diego State University, and a member of upstart’s editorial team.  You can follow her on Twitter: @Sam Afetian.