It has been suggested that this article should be split into articles titled Potential dangers of social networking sites, Privacy concerns of Facebook and Concerns of Snapchat. (discuss) (June 2020)

Since the arrival of early social networking sites in the early 2000s, online social networking platforms have expanded exponentially, with the biggest names in social media in the mid-2010s being Facebook, Instagram, Twitter and Snapchat. The massive influx of personal information that has become available online and stored in the cloud has put user privacy at the forefront of discussion regarding the database's ability to safely store such personal information. The extent to which users and social media platform administrators can access user profiles has become a new topic of ethical consideration, and the legality, awareness, and boundaries of subsequent privacy violations are critical concerns in advance of the technological age.^[1]

A social network is a social structure made up of a set of social actors (such as individuals or organizations), sets of dyadic ties, and other social interactions between actors. Privacy concerns with social networking services is a subset of data privacy, involving the right of mandating personal privacy concerning storing, re-purposing, provision to third parties, and displaying of information pertaining to oneself via the Internet. Social network security and privacy issues result from the large amounts of information these sites process each day. Features that invite users to participate in—messages, invitations, photos, open platform applications and other applications are often the venues for others to gain access to a user's private information. In addition, the technologies needed to deal with user's information may intrude their privacy.

The advent of the Web 2.0 has caused social profiling and is a growing concern for internet privacy.^[2] Web 2.0 is the system that facilitates participatory information sharing and collaboration on the Internet, in social networking media websites like Facebook and MySpace.^[2] These social networking sites have seen a boom in their popularity beginning in the late 2000s. Through these websites many people are giving their personal information out on the internet. These social networks keep track of all interactions used on their sites and save them for later use.^[3] Issues include cyberstalking, location disclosure, social profiling, third party personal information disclosure, and government use of social network websites in investigations without the safeguard of a search warrant.

History

Before social networking sites exploded over the past decade, there were earlier forms of social networking that dated back to 1997 such as Six Degrees and Friendster. While these two social media platforms were introduced, additional forms of social networking included: online multiplayer games, blog and forum sites, newsgroups, mailings lists and dating services. They created a backbone for the new modern sites. Since the start of these sites, privacy has become a concern for the public. In 1996, a young woman in New York City was on a first date with an online acquaintance and later sued for sexual harassment after her date tried to play out some of the sexual fantasies they had discussed while online. This is just an early example of many more issues to come regarding internet privacy.^[4]

In the past, social networking sites primarily consisted of the capability to chat with others in a chat room, which was far less popular than social networks today. People using these sites were seen as "techies" unlike users in the current era. One of the early privacy cases was in regards to MySpace, due to "stalking of minors, bullying, and privacy issues", which inevitably led to the adoption of "age requirements and other safety measures".^[5] It is very common in society now for events such as stalking and "catfishing" to occur.

According to Kelly Quinn, “the use of social media has become ubiquitous, with 73% of all U.S. adults using social network sites today and significantly higher levels of use among young adults and females." Social media sites have grown in popularity over the past decade, and they only continue to grow. A majority of the United States population uses some sort of social media site.^[6]

Causes

There are several causes that contribute to the invasion of privacy throughout social networking platforms. It has been recognized that “by design, social media technologies contest mechanisms for control and access to personal information, as the sharing of user-generated content is central to their function." This proves that social networking companies need private information to become public so their sites can operate. They require people to share and connect with each other.^[6] This may not necessarily be a bad thing; however, one must be aware of the privacy concerns. Even with privacy settings, posts on the internet can still be shared with people beyond a user's followers or friends. One reason for this is that “English law is currently incapable of protecting those who share on social media from having their information disseminated further than they intend." Information always has the chance to be unintentionally spread online. Once something is posted on the internet, it becomes public and is no longer private. Users can turn privacy settings on for their accounts; however, that does not guarantee that information will not go beyond their intended audience. Pictures and posts can be saved and posts may never really get deleted. In 2013, the Pew Research Center found that "60% of teenage Facebook users have private profiles.” This proves that privacy is definitely something that people still wish to obtain.^[7]

A person's life becomes much more public because of social networking. Social media sites have allowed people to connect with many more people than with just in person interactions. People can connect with users from all across the world that they may never have the chance to meet in person. This can have positive effects; however, this also raises many concerns about privacy. Information can be posted about a person that they do not want getting out. In the book It's Complicated, the author, Danah Boyd, explains that some people “believe that a willingness to share in public spaces—and, most certainly, any act of exhibitionism and publicity—is incompatible with a desire for personal privacy." Once something is posted on the internet, it becomes accessible to multiple people and can even be shared beyond just assumed friends or followers. Many employers now look at a person's social media before hiring them for a job or position. Social media has become a tool that people use to find out information about a person's life. Someone can learn a lot about a person based on what they post before they even meet them once in person. The ability to achieve privacy is a never ending process. Boyd describes that “achieving privacy requires the ability to control the social situation by navigating complex contextual cues, technical affordances, and social dynamics." Society is constantly changing; therefore, the ability to understand social situations to obtain privacy regularly has to be changed.^[8]

Various levels of privacy offered

Social networking sites vary in the levels of privacy offered. For some social networking sites like Facebook, providing real names and other personal information is encouraged by the site (onto a page known as a 'Profile'). This information usually consists of the birth date, current address, and telephone number(s). Some sites also allow users to provide more information about themselves such as interests, hobbies, favorite books or films, and even relationship status. However, there are other social network sites, such as Match.com, where most people prefer to be anonymous. Thus, linking users to their real identity can sometimes be rather difficult. Nevertheless, individuals can sometimes be identified with face re-identification. Studies have been done on two major social networking sites, and it is found that by overlapping 15% of the similar photographs, profile pictures with similar pictures over multiple sites can be matched to identify the users.^[9]

People concern

“According to research conducted by the Boston Consulting Group, privacy of personal data is a top issue for 76 percent of global consumers and 83 percent of U.S. consumers.”^[10] Six-in-ten Americans (61%) have said they would like to do more to protect their privacy.^[11]

For sites that do encourage information disclosure, it has been noted that a majority of the users have no trouble disclosing their personal information to a large group of people.^[9] In 2005, a study was performed to analyze data of 540 Facebook profiles of students enrolled at Carnegie Mellon University. It was revealed that 89% of the users gave genuine names, and 61% gave a photograph of themselves for easier identification.^[9] Majority of users also had not altered their privacy setting, allowing a large number of unknown users to have access to their personal information (the default setting originally allowed friends, friends of friends, and non-friends of the same network to have the full view of a user's profile). It is possible for users to block other users from locating them on Facebook, but this must be done by individual basis, and would, therefore, appear not to be commonly used for a wide number of people. Most users do not realize that while they may make use of the security features on Facebook the default setting is restored after each update. All of this has led to many concerns that users are displaying far too much information on social networking sites which may have serious implications on their privacy. Facebook was criticized due to the perceived laxity regarding privacy in the default setting for users.^[12]

The “Privacy Paradox” is a phenomenon that occurs when individuals, who state that they have concerns about their privacy online, take no action to secure their accounts.^[13] Furthermore, while individuals may take extra security steps for other online accounts, such as those related to banking or finance, this does not extend to social media accounts.^[13] Some of these basic or simple security steps would include deleting cookies, browser history, or checking one's computer for spyware.^[13] Some may attribute this lack of action to “third-person bias”. This occurs when people are aware of risks, but then do not believe that these risks apply or relate to them as individuals.^[13] Another explanation is a simple risk reward analysis. Individuals may be willing to risk their privacy to reap the rewards of being active on social media.^[13] Oftentimes, the risk of being exploited for the private information shared on the internet is overshadowed by the rewards of exclusively sharing personal information that bolsters the appeal of the social media user.^[14]

In the study by Van der Velden and El Emam, teenagers are described as “active users of social media, who seem to care about privacy, but who also reveal a considerable amount of personal information.”^[15] This brings up the issue of what should be managed privately on social media, and is an example of the Privacy Paradox. This study in particular looked at teenagers with mental illness and how they interact on social media. Researchers found that “it is a place where teenage patients stay up-to-date about their social life—it is not seen as a place to discuss their diagnosis and treatment.”^[15] Therefore, social media is a forum that needs self-protection and privacy. Privacy should be a main concern, especially for teens who may not be entirely informed about the importance and consequences of public versus private use. For example, the “discrepancy between stated privacy concerns and the disclosure of private information.”^[15]

User awareness in social networking sites

Users are often the targets as well as the source of information in social networking. Users leave digital imprints during browsing of social networking sites or services. It has been identified from few of the online studies, that users trust websites and social networking sites. As per trust referred,^[16] "trust is defined in (Mayer, Davis, and Schoorman, 1995) as "the willingness of a party to be vulnerable to the actions of another party based on the expectation that the other will perform a particular action important to the trustor, irrespective of the ability to monitor or control that other party" (p. 712)". A survey^[17] was conducted by Carnegie Mellon University, a majority of users provided their living city, phone numbers among other personal information, while user is clearly unaware of consequences of sharing certain information. Adding to this insight, is the social networking users are from various cities, remote villages, towns, cultures, traditions, religions, background, economic classes, education background, time zones and so on that highlight the significant gap in awareness.

The survey results of the paper^[17] suggest, "These results show that the interaction of trust and privacy concern in social networking sites is not yet understood to a sufficient degree to allow accurate modeling of behavior and activity. The results of the study encourage further research in the effort to understand the development of relationships in the online social environment and the reasons for differences in behavior on different sites."

As per reference, a survey conducted among social networking users at Carnegie Mellon University was indicative of following as reasons for lack of user awareness: 1) People's disregard of privacy risks due to trust in privacy and protection offered on social networking sites.
2) Availability of user's personal details to third-party tools/applications.
3) APIs and Frameworks also enable any user, who has the fair amount of knowledge to extract the user's data.
4) Cross-site forgery and other possible website threats.

There is hence a dire need for improving User's awareness swiftly, in order to address growing security and privacy concerns caused due to merely user's unawareness. Social networking sites themselves can take a responsibility and make such awareness possible by means of participatory methods by virtual online means.^[18]

To improve user's awareness, a possible method is to have privacy-related trainings for people to understand privacy concerns with the use of social media websites or apps.^[19] The trainings can include information of how certain companies or apps help secure user's privacy, and skills to protect user's privacy.^[19]

Studies have also shown that privacy literacy plays a role in enhancing use of privacy protective measures and people that are concerned about privacy were less likely to online services and share personal information.^[20]

Data access methods

There are several ways for third parties to access user information. Flickr is an example of a social media website that provides geotagged photos that allows users to view the exact location of where a person is visiting or staying. Geotagged photos make it easy for third party users to see where an individual is located or traveling to.^[21] There is also growing use of phishing, which reveals sensitive information through secretive links and downloads through email, messages, and other communications. Social media has opened up an entirely new realm for hackers to get information from normal posts and messages.^[22]

Share it with third parties

Nearly all of the most popular applications on Facebook—including Farmville, Causes, and Quiz Planet—have been sharing users' information with advertising and tracking companies.^[23] Even though Facebook's privacy policy says they can provide "any of the non-personally identifiable attributes we have collected"^[24] to advertisers, they violate this policy. If a user clicked a specific ad in a page, Facebook will send the user address of this page to advertisers, which will directly lead to a profile page. In this case, it is easy to identify users' names.^[25] For example, Take With Me Learning is an app that allows teachers and students to keep track of their academic process. The app requires personal information that includes, school name, user's name, email, and age. But Take With Me Learning was created by a company that was known for illegally gathering student's personal information without their knowledge and selling it to advertisement companies. This company had violated the Children's Online Privacy Protection Act (COPPA), used to keep children safe from identity theft while using the internet.^[26] Most recently, Facebook has been scrutinized for the collection of users' data by Cambridge Analytica. Cambridge Analytica was collecting data from Facebook users after they agreed to take a psychology questionnaire. Not only could Cambridge Analytica access the data of the person who took the survey, they could also access all of the data of that person's Facebook friends. This data was then used to hopefully sway people's’ beliefs in hopes that they would vote for a certain politician. While what Cambridge Analytica did by collecting the data may or may not be illegal, they then transferred the data they acquired to third parties so that it could be used to sway voters.^[27] Facebook was fined £500,000 in the UK, $5bn (£4bn) in the US, and in 2020, the company was taken to court by Australia's privacy regulator with the perspective of imposing a fine of A$1.7m (£860,000).^[28]

API

Application programming interface (API) is a set of routines, protocols, and tools for building software applications. By using query language, sharing content and data between communities and applications became much easier. APIs simplify all that by limiting outside program access to a specific set of features—often enough, requests for data of one sort or another. APIs clearly define exactly how a program will interact with the rest of the software world—saving time.^[29]

An API allows software to “speak with other software.”^[30] Furthermore, an API can collect and provide information that is not publicly accessible. This is extremely enticing for researchers due to the greater number of possible avenues of research.^[30] The use of an API for data collection can be a focal point of the privacy conversation, because while the data can be anonymous, the difficulty is understanding when it becomes an invasion of privacy.^[30] Personal information can be collected in mass, but the debate over whether it breaches personal privacy is due to the inability to match this information with specific people.^[30]

There have however been some concerns with API because of the recent scandal between Facebook and the political consulting firm, Cambridge Analytica. What happened was “Facebook allowed a third-party developer to engineer an application for the sole purpose of gathering data. And the developer was able to exploit a loophole to gather information on not only people who used the app but all their friends — without them knowing.” ^[31]

In 2020, critics praised Apple and Google for their contact tracing API that had technical specifications that were conscious of privacy concerns.^[32]

Search engines

Search engines are an easy way to find information without scanning every site yourself. Keywords that are typed into a search box will lead to the results. So it is necessary to make sure that the keywords typed are precise and correct. There are many such search engines, some of which may lead the user to fake sites which may obtain personal information or are laden with viruses. Furthermore, some search engines, like DuckDuckGo, will not violate the user's privacy.^[33]

Location data

On most social media websites, user's geographical location can be gathered either by users (through voluntary check-in applications like Foursquare and Facebook Places) or by applications (through technologies like IP address geolocation, cellphone network triangulation, RFID and GPS). The approach used matters less than the result which holds that the content produced is coupled with the geographical location where the user produced it. Additionally, many applications attach the contents of other forms of information like OS language, device type and capture time. The result is that by posting, tweeting or taking pictures, users produce and share an enormous amount of personal information.^[34]

Email and phone number leaks

Many large platforms reveal a part of a user's email address or phone number when using the 'forgotten password' function. Often the whole email address can be derived from this hint and phone digits can be compared with known numbers.^[35]

Benefit from data

By using this accessible data along with data mining technology, users' information can be used in different ways to improve customer service.

According your retweets, likes, and hashtags, Twitter can recommend some topics and advertisements. Twitter's suggestions for whom to follow^[36] are done by this recommendation system. Commerce, such as Amazon, make use of users' information to recommend items for users. Recommendations are based on at least prior purchases, shopping cart, and wishlist. Affinity analysis is a data mining technique that used to understand the purchase behavior of customers.

By using machine learning method, whether a user is a potential follower of Starbucks can be predicted.^[37] In that case, it is possible to improve the quality and coverage of applications. In addition, user profiles can be used to identify similar users.

According to Gary Kovacs's speech about Tracking our online trackers, when he used the internet to find an answer to a question, "We are not even 2 bites into breakfast and there are already nearly 25 sites that are tracking me", and he was navigated by 4 of them.^[38]

Privacy concerns

Studies have shown that people's belief in the right to privacy is the most pivotal predictor in their attitudes concerning online privacy.^[39]

Social profiling and third party disclosure

The Privacy Act of 1974 (a United States federal law) states:

"No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains ." 5 U.S.C. § 552a(b).

Disclosure in this context refers to any means of communication, be it written, oral, electronic or mechanical. This states that agencies are forbidden to give out, or disclose, the information of an individual without being given consent by the individual to release that information. However, it falls on the individual to prove that a wrongful disclosure, or disclosure in general, has occurred.^[40] Because of this social networking sites such as Facebook ask for permission when a third-party application is requesting the user's information.

Although The Privacy Act of 1974 does a lot to limit privacy invasion through third party disclosure, it does list a series of twelve exceptions that deem disclosure permissible:

1. For members of an agency who need such information "in the performance of their duties".

2. If the Freedom of Information Act requires such information

3. If the information that is disclosed "is compatible with the purpose for which it was collected".

4. If the Bureau of Census needs such information to complete a particular census.

5. If the third party explicitly informs the individual that the information collected will serve only as a form of "statistical research" and is not "individually identifiable".

6. If it is historically relevant to be added to the National Archives and Records Administration.

7. If such information was requested by a law enforcement agency.

8. If such information is deemed beneficial to the "health or safety of an individual".

9. If such information is requested by the House of Congress or by one of its subcommittees.

10. If such information is requested by the head of the Government Accountability Office or by one "of his authorized representatives".

11. If such information is requested through a court order.

12. If such information is requested through the Debt Collection Act.^[40]

Social profiling allows for Facebook and other social networking media websites of filtering through the advertisements, assigning specific ones to specific age groups, gender groups, and even ethnicities.^[2]

Data aggregation sites like Spokeo have highlighted the feasibility of aggregating social data across social sites as well as integrating it with public records. A 2011 study^[41] highlighted these issues by measuring the amount of unintended information leakage over a large number of users with the varying number of social networks. It identified and measured information that could be used in attacks against what-you-know security.

Studies^[42][43] have also pointed to most social networks unintentionally providing third party advertising and tracking sites with personal information. It raises the issue of private information inadvertently being sent to third party advertising sites via Referrer strings or cookies.

Civil libertarians worry that social networking sites, particularly Facebook, have greatly diminished user confidentiality in numerous ways.^[44] For one thing, when social media platforms store private data, they also have complete access to that material as well. To sustain their profitability, applications like Facebook examine and market personal information by logging data through cookies, small files that stockpile the data on someone's device. Companies, such as Facebook, carry extensive amounts of private user information on file, regarding individuals’, “likes, dislikes, and preferences”, which are of high value to marketers.^[45] As Facebook reveals user information to advertising and marketing organizations, personalized endorsements will appear on news feeds based on “surfing behavior, hobbies, or pop culture preferences”.^[44] For those reasons, Facebook's critics fear that social networking companies may seek business ventures with stockholders by sharing user information in the exchange of profits. Additionally, they argue that since Facebook demonstrates an illusion of privacy presented by a “for-friends-only” type of platform, individuals find themselves more inclined to showcase more personal information online. According to the critics, users might notice that the sponsorships and commercials are tailored to their disclosed private data, which could result in a sense of betrayal.^[44]

Institutional

A number of institutions have expressed concern over the lack of privacy granted to users on social networking sites. These include schools, libraries, and Government agencies.^[46]

Libraries

Libraries in the particular, being concerned with the privacy of individuals, have debated on allowing library patrons to access social networking sites on public library computers. While only 19% of librarians reportedly express real concern over social networking privacy, they have been particularly vocal in voicing their concerns.^[47] Some have argued that the lack of privacy found on social networking sites is contrary to the ethics supported by Library organizations, and the latter should thus be extremely apprehensive about dealing with the former.^[47] Supporters of this view present their argument from the code of ethics held by both the American Library Association and the UK based Chartered Institute of Library and Information Professionals, which affirms a commitment to upholding privacy as a fundamental right.^[47] In 2008, a study was performed in fourteen public libraries in the UK which found that 50% blocked access to social networking sites.^[48] Many school libraries have also blocked Facebook out of fear that children may be disclosing too much information on Facebook. However, as of 2011, Facebook has taken efforts to combat this concern by deleting profiles of users under the age of thirteen.^[49]

Potential dangers

Identity theft

As there is so much information provided other things can be deduced, such as the person's social security number, which can then be used as part of identity theft.^[50] In 2009, researchers at Carnegie Mellon University published a study showing that it is possible to predict most and sometimes all of an individual's 9-digit Social Security number using information gleaned from social networks and online databases. (See Predicting Social Security Numbers from Public Data by Acquisti and Gross).^[51] In response, various groups have advised that users either do not display their number, or hide it from Facebook 'friends' they do not personally know.^[52] Cases have also appeared of users having photographs stolen from social networking sites in order to assist in identity theft.^[53] According to the Huffington Post, Bulgarian IT consultant Bogomil Shopov claimed in a recent blog to have purchased personal information on more than 1 million Facebook users, for the shockingly low price of US$5.00. The data reportedly included users' full names, email addresses, and links to their Facebook pages.^[54] The following information could be used to steal the users' identities : Full names including middle name, date of birth, hometown, relationship status, residential information, other hobbies and interest.

Preteens and early teenagers

Among all other age groups, in general, the most vulnerable victims of private-information-sharing behavior are preteens and early teenagers. According to research, many teens report that social media and social networking services are important to building relationships and friendships. With this fact comes privacy concerns such as identity theft, stealing of personal information, and data usage by advertising companies. Besides from using social media to connect, teenagers use social networking services for political purposes and obtaining information. However, sometimes social media can become the place for harassment and disrespectful political debates that fuels resentment and rises privacy concerns.^[11][55] Zdroj:https://en.wikipedia.org?pojem=Privacy_concerns_with_social_networking_services
Text je dostupný za podmienok Creative Commons Attribution/Share-Alike License 3.0 Unported; prípadne za ďalších podmienok. Podrobnejšie informácie nájdete na stránke Podmienky použitia.