Social Network Sites: a threat to our privacy?

Downloads:

(requires a PDF reader)

Abstract
This research project aims to explore the reasons why students choose to
use social networking sites, yet make so much personal information, such as
name, date of birth, and even contact details for example e-mail address and
phone numbers visible for anyone to read. Facebook and MySpace are popular
social network sites among students.

Therefore this research project will focus primarily on these
sites. The key foci of this research are
to: i) Identify how many students within the University of Hull have personal
identifiable information about them which is viewable and ii) Take a sample of
students and perform an in-depth analysis of why they have or have not chosen
to make information about them visible.

1. Introduction

As described in the abstract this research revolves around privacy on MySpace and Facebook, and whether these sites pose a risk to our privacy. The research is divided into sections,
starting with the background giving a general overview of social networking,
then looking at Facebook and MySpace in more detail in regards to the privacy
they offer. The next part of the paper describes the process of conduction the
research and hypothesis, finally the paper will demonstrate the results and
conclusions drawn from the research.

2. Background
With the introduction of the internet and in particular, the world wide web, people
have sought ways to communicate with one another and make new ‘friends’ over
greater distances. According to an article by Marc Cieslak; “In recent years the interaction between web-users has grown dramatically, spawning a new generation of networking sites. The notion
of Web 2.0…where content is created and shared by users has given birth to
some of the most popular sites the internet has ever seen. So much so, that
anybody who is anyone wants to be part of the online social networking scene.”
Furthermore the idea of privacy in social network could be described as a paradox; because
information about you is shared with other members of the network thus there is
little or no privacy.
Correspondingly,in Howard Rheingold’s book, Smart Mobs, he identifies that social networking
sites are places of information; “Every time someone interacts with another
person, there is the potential to exchange information…The structure of
everyone’s links to everyone else in a network that acts as a channel through
which news, job tips, possible romantic partners”(2002, 56).

With the notion of information available to other people it brings risks to social
networking sites. These risks include cyber-stalking, where individuals can
view their victims’ profile and access information, such as their e-mail
address and telephone numbers and harass or contact their victims in an
unsolicited manner. Additionally with social networks there is the threat of
identity theft, “It is not just the average net user who is a fan of social
network sites, so are hi-tech criminals.” (Ward, 2008) criminals use social
networking sites to gain personal information off victims’ profiles. David
Porter, head of security and risk at Detica, stated “It is remarkable that
people use social networking websites to publish details about their lives,
loves, jobs and hobbies to the entire world that they would not dream of
sharing with a stranger in a bar…Such data is invaluable to identity
fraudsters.” (Ward, 2008)

In addition cyber-stalking, other risks to our privacy from social networking sites include using them as a means of surveillance.
Social networks could be described as “big brother” in reference to the novel
1984 by George Orwell because, similar to stalking users are able to see what

other members have being doing by looking at status updates, profile
information. One article by Josh Smith entitled “Big Brothers, Big Facebook:
Your Orwellian Community” reports on the notion of privacy and the idea of
Facebook being used as a surveillance method. Within it he states that “Some of
the aspects of the privacy policy are downright creepy and confusing.” (Smith,
2005) and continues “Who knows where the information they collect … or what
they intend to do with it.” (Smith, 2005)

Ironically, recently social networking sites such as Facebook are being used to fight crime. A recent example of this is Greater Manchester Police “have developed an application for the popular
social networking site that allows users to submit intelligence about crimes as
well as keeping them up to date with news stories… users get a news feed
alongside links to a crime-reporting form, force website and YouTube videos.” (Channel
4 News, 2008)

continuing on the theme of crime preventionand surveillance, Facebook users in Africa are urged to report sightings of wanted men, similar to that of the application developed by Greater Manchester
Police.

Additionally within the media, there have been reports of university students being disciplined and even suspended from university from photographs that have been viewed of what the students have
been doing. Is this an invasion of students’ privacy? Or is it indeed the fault
of the student for making these publicly available. The answer is debatable.
Ultimately, privacy could be exploited by law officials to track criminals, or
perhaps in the future it could lead to Facebook or MySpace profile content
being used for evidence in trial; a potential idea for future research.

Privacy Features on Facebook

According to the Facebook site:

“We believe you should have control over your
information and who sees it. So in addition to the basic visibility rules –
only your friends and people in your networks can see your profile – we also
give you granular control over the information you post to the site.” (Facebook,
2008)

However on this page it does not inform the user of the full privacy controls on Facebook, instead the user has to discover them by looking in the account settings. Nevertheless, Facebook Offers the
following privacy controls:

Option to not to

  • be included in search resultsOption for
  • profile to be only viewable by friends
  • Various parts of
  • the profile to be viewable only friends, networks or anyone
  • Ability to customise who can view your contact information

In addition to the controls outlined above, by default other members of Facebook are not able to view your profile unless they are in the same network as you. However, everyone on the same network as
you is able to view your profile, unless you change the option in the settings.


Privacy Features on MySpace

Similar to Facebook, MySpace offers some privacy features, but are not enabled by
default and requires the user to enable them. MySpace offers the following
Privacy features:

Option to make
profile private
Requiring knowing someone’s surname or e-mail address in order to be a ‘friend’
Hide online
status
Controlling who can view your blog/profile by blocking users
Option to approve comments before they are visible on your profile

Larry Magid posted some advice on his article on MySpace privacy stating that “The
best way to protect your privacy on MySpace or any other service is to avoid
posting any personally identifiable information.” (Magid, 2006) This is very
true and really the only way to avoid personal details being misused.

Facebook Privacy Policy

Facebook’s privacy policy claims that the user has control over the information, yet
within the policy it has some quite disturbing revelations. For example Facebook claims to have the right
to collect information about you from other sources:
“Facebook may also collect information about you from

other sources, such as newspapers, blogs, instant messaging services, and other
users of the Facebook service through the operation of the service.” (Facebook,
2008)
Additionally Facebook may sell details to third parties; however they claim that the information is not identifiable. “Facebook may use information in your profile without identifying you as an
individual to third parties”. . (Facebook, 2008) Nevertheless it is still
sharing personal details with others.
Furthermore Facebook expands on the
point that they own the data that you post on the site for them to as they
wish:
“By posting User Content to any part of the Site, you
automatically grant, and you represent and warrant that you have the right to
grant, to the Company an irrevocable, perpetual, non-exclusive, transferable,
fully paid, worldwide license (with the right to sublicense) to use, copy,
publicly perform, publicly display, reformat, translate, excerpt (in whole or
in part) and distribute such User Content for any purpose, commercial,
advertising, or otherwise…You may remove your User Content from the Site at
any time. If you choose to remove your User Content, the license granted above
will automatically expire, however you acknowledge that the Company may retain
archived copies of your User Content.” (Facebook, 2008a)

It is paradoxical that Facebook claims the user has control over the data yet has these clauses.

Previous Works
Similar research, Facebook: Threats to Privacy, by Harvey Jones, José Hiram Soltren,
was undertaken in 2005. This research was performed on American students on
four universities; Massachusetts Institute of Technology, University of Oklahoma,
New York University, and Harvard University. One of the outcomes of their
research shows that the majority of users surveyed were “somewhat” concerned
about their privacy on Facebook, whilst the minority were very concerned about
their privacy on Facebook.
In addition, Sophos a security company did similar research on the risk to privacy on Facebook concluded that “41% of users happy to reveal all to potential identity thieves” (2007). Within this
research it involved creating a bogus profile (Freddi), and requesting to be
‘friends’ with 200 randomly selected Facebook users. Furthermore, from their
research they raised concerns how easy it was to steal information;”What’s worrying is how easy it was for Freddi to go about his business. He now has enough information to create phishing … to
guess users’ passwords, impersonate them or even stalk them” (Sophos, 2008).

Dwyer et.al carried out research comparing the privacy of MySpace and Facebook and one of the outcomes of their research was “Facebook members reveal more information” (Dwyer et.al, 2007) However, there were no real conclusions of which site posed more of a risk to privacy. This research will see if there are any similar findings with students at the University of Hull.

4. Hypothesis

The research revolves around if Social
Networks are threat to our Privacy? Or is it not the students that are a threat
to themselves? The majority students within the university have personal
viewable and they are aware of the risks to their privacy but are not concerned
about it. In addition this research will attempt to find reasons to why
students post personal information about themselves online. Using the Project
Aims & Objectives and methodology, the research will prove or disprove this
hypothesis.

5. Methodology

This research utilized a mixed methodology and employed two methods of data collection. The initial part of the research, will involved viewing 100 students of the University of Hull Profiles. 50
profiles that are on the University of Hull group on MySpace and 50 profiles on
the University Of Hull network on Facebook and recorded how many of these
profiles have personally identifiable information: full name, contact details
and date of birth viewable. None of the
details found were recorded; only the statistics of how many have information
viewable and the results analysed and represented in charts.

The next stage of the research involved producing a survey which will be sent out to 50 students. When designing the survey the questions were designed to be simple and straightforward by mainly using multiple choice answers and limited number of questions in order to receive as
many responses as possible. The survey was created using a web-based survey (surveymonkey.com)
and was sent out via email to 50 students with the expectation that most would
complete the short survey. The web based survey was approached because it
offered a convenient and simple way for the recipients of the survey to
complete in addition to the researcher analysis of the results was made simpler
using the tools provided.
5. Results


Facebook Profiles

A sample of 50 students chosen at random from the University of Hull Network page, out of those
randomly selected 28 were female the remaining were male. Figure 1 outlines a
summary of the findings (the % refers to the percentage of profiles viewed with
information visable):

Full name Address e-mail Tel. num Date of birth Personal info* Private profile
% 98 6 38 14 70 100 12

MySpace Profiles

A sample of 50 students were chosen at random from the University of Hull group out of those selected 27 were female, the remainder male. Figure 2 outlines a summary of the findings:

Full name Address e-mail Tel. num Date of birth Personal info* Private profile
% 26 0 8 0 24 32 32

Comparison of the Results
On first viewing of the results it is clear that Facebook users have more personal identifiable info.
One reason for this is that Facebook requires you to enter this information
when joining and the information is displayed by default on Facebook. If the
user wishes to hide this information then it must be altered in the privacy
settings.
Another comparison using the results (figures 3 and 4) was to see if there females were more likely to have their
profile set as private. In MySpace is was clearer that females were more likely
to have their profile set as private, however in MySpace it was equal, this
could be due to the relatively small sample size so further research is
required.

Graph Comparing Gender

Graph Comparing Gender

graph comparing profiles set to private

graph comparing profiles set to private

.4. Survey Results
A short survey was sent to 50 students of which 24 responded. Out of the respondents 14 were male and 10 female.

Survey Results

Survey Results

Fig 5

Figure 5 Shows that only
33.3% of the respondents had their profile set as private, and 8% were unsure
if their profile was private. Of the 8% one was male and the other female. Interestingly
from the results it was more likely that males had their profile set as private
(6 males had it private whereas 2 females had it set as private); however more
males responded to the survey than females.


how many read privacy policy

how many read privacy policy

Fig 6

Worryingly, from figure 6 it
shows that over 80% of respondents did not read the privacy policy when they
subscribed to sites such as Facebook.


survey results

survey results

Fig 7

From Figure 7, it seems that
most users are aware of the risks to privacy but are not too concerned and
interestingly 12.5% are not bothered by the risks to privacy. Is this because
they are not aware of the risks? Further research maybe required.

Finally
a question in the survey enquired to why they have put personal information on
their profile, not all responded to this question, but responses were:

  • Because it asked for it
  • So people know who I am, can contact me etc.
  • So that my friends can see general information about me
  • to let people know who I am
  • name because needed
  • to identify me
  • No reason not to.
  • required for contacts
  • Because I like to know the name and age of people I am talking to, so i put mine up for others.
  • because it asks me to

A re-occurring response is
that sites ask for this information and so that people can find them.

6. Conclusion

This research does support previous finding such as Facebook members reveal more information, and that a minority of people were very concerned about their privacy online. In addition
from the survey it proves the hypothesis that most users are aware of the
privacy risks, but are not concerned. However it is harder to prove or disprove
the hypothesis that social networking sites are a risk to privacy. Nevertheless
the results suggest that it is more likely that the students themselves are
more of a risk to their privacy. We can see parallels with Kevin Mitnick’s
books “There art of Deception” where he describes “….we humans (…) remain the
most severe threat to each other’s security” (8, 2002). Whilst Social
Networking sites offer some protection for privacy, it is ultimately the user
that puts the information upon these sites. Further research into if it
possible to have personal information on these sites, yet still have privacy is
a suggestion for future research.

Channel 4 news., ‘Facebook application
to fight crime’

http://www.channel4.com/news/articles/science_technology/facebook+application+to+fight+crime/2019067

,2008(accessed 28.04.08

Cieslak, M., ‘Rise of the
web’s social network’
http://news.bbc.co.uk/1/hi/programmes/click_online/5391258.stm 2006
(accessed 5.03.08)

Dwyer et.al., ‘Trust and
privacy concern within social networking sites: A comparison of Facebook and
MySpace’

http://csis.pace.edu/~dwyer/research/DwyerAMCIS2007.pdf

(accessed 28.04.08)

Facebook., ‘Privacy Policy’ < http://www.facebook.com/policy.php >2008(accessed
28.04.08)

Facebook(a)., ‘Terms of use < http://www.facebook.com/terms.php >2008(accessed
28.04.08)

Jones, H., Soltren, J,
‘Facebook: Threats to Privacy’<

http://ocw.mit.edu/NR/rdonlyres/Electrical-Engineering-and-Computer-Science/6-805Fall-2005/8EE6D1CB-A269-434E-BEF9-D5C4B4C67895/0/facebook.pdf&gt;2005

(accessed 1.03.08)

Magid, L, ‘Turn on MySpace
Privacy Features’< http://www.pcanswer.com/articles/myspaceprivacy.htm&gt;2006(accessed
28.04.08)

Mitnick, K.,2002: The Art Of
Deception: Controlling the Human Element of Security (Indiana: Wiley Publishing
Inc)

Rheingold, H., 2002: Smart
Mobs: the next Social Revolution (United States of America: Basic Books)

Smith, J ‘Big Brothers, Big
Facebook: Your Orwellian Community’<
href=”http://www.commongroundcommonsense.org/forums/lofiversion/index.php/t34949.html”>

http://www.commongroundcommonsense.org/forums/lofiversion/index.php/t34949.html

(accessed 28.04.08)

Sophus., ‘Facebook Research ID
Probe’ <http://www.sophos.com/pressoffice/news/articles/2007/08/facebook.html>2007
(accessed 28.04.08)

Ward, M., ‘Cyber thieves
target social sites’
<http://news.bbc.co.uk/1/hi/technology/7156541.stm>2008(accessed 5.03.08)


Bibliography

Barnes, S., ‘A privacy paradox: Social networking in the United States’

<http://www.firstmonday.org/issues/issue11_9/barnes/index.html>2006
(accessed 5.03.08)

Cieslak, M., ‘Rise of the
web’s social network’
<http://news.bbc.co.uk/1/hi/programmes/click_online/5391258.stm>2006
(accessed 5.03.08)

Hargittai, E., ‘Whose Space?
Differences Among Users and Non-Users of Social Network Sites’ <
http://jcmc.indiana.edu/vol13/issue1/hargittai.html&gt;2007 (accessed 5.03.08)

Jones, H., Soltren, J,
‘Facebook: Threats to Privacy’< http://ocw.mit.edu/NR/rdonlyres/Electrical-Engineering-and-Computer-Science/6-805Fall-2005/8EE6D1CB-A269-434E-BEF9-D5C4B4C67895/0/facebook.pdf&gt;2005
(accessed 1.03.08)

Mitnick, K.,2002: The Art Of
Deception: Controlling the Human Element of Security (Indiana: Wiley Publishing
Inc)

Rheingold, H., 2002: Smart
Mobs: the next Social Revolution (United States of America: Basic Books)

Ward, M., ‘Cyber thieves
target social sites’
http://news.bbc.co.uk/1/hi/technology/7156541.stm&gt;2008(accessed 5.03.08)

Wasserman, S., Galaskiewicz,
J., 1994: Advances in Social Network Analysis: Research in the Social and
Behavioral Sciences (USA: SAGE)