Jul 182007

Eric Clemons’ post “Valuing Social Networking Websites” is interesting and very timely. Social engineering security and privacy issues are something I have been looking at a lot, and wrote an article addressing some of the issues a couple of months ago, “On The Internet, If It Looks, Quacks and Walks Like a Duck, Is It REALLY a Duck?”

I agree with Eric, the ways in which we stay informed is rapidly changing. Certainly the big traditional news media conglomerates recognize this and want to glom on to this unexpected evolution and reap any financial benefits possible. Social networking sites and virtual reality sites present both a challenge to the traditional news organizations, along with opportunity.

However I am concerned that information presented on social networking sites is too often taken at face value, and that details posted will be exploited. I find this as troubling, actually more so, than the commercialization of the sites.

The privacy impacts can be significant. It is very easy to post information, photos, videos, audio, and other documents about *other* people to the sites without their knowledge, much less without their permission. As I discuss in my article, the actions of others doing this have had negative consequences upon people resulting in them losing jobs and being denied college degrees, just to name a couple. It is important to remember when viewing the information on these sites that it is very easy to modify videos and photos to portray something as being “evidence” of someone doing something when in fact the image portrayed may have been created by someone else or taken completely out of context. Just look at all the politically-related videos currently on YouTube and see how much doctoring of images has been done.

The security impacts, both informational and physical can be significant. Confidential information has been posted to social networking sites negatively impacting both individuals and businesses. Physical harm has resulted from people with malicious intent showing up in meeting locations that were discussed by others on the social networking site.

These security and privacy challenges are also what make these sites so popular. The more juicy the information and images are that are posted to the sites, the more popular they will become. It will be interesting to see if or how the sites address these issues. Just a couple of days ago the Facebook Chief Privacy Officer, Chris Kelly, made great attempts within many different news reports to convince the public that security and privacy is a top priority and concern of their site.

Don’t get me wrong; I don’t think social networking sites themselves are inherently bad. However, the opportunities to do bad things with them and on them must be considered by those using them. Used appropriately, with awareness of all the issues and possibilities, these sites can be quite informative and entertaining.

Virtual reality sites present their own unique concerns. I’m currently looking at the many security and privacy issues involved and will provide some related thoughts at a later date.


Rebecca Herold

Rebecca Herold is a Senior Consultant with the Cutter Consortium's Business Technology Strategies practice. She is an information privacy, security and compliance consultant, author and instructor.


  One Response to “Privacy and Security Considerations of Social Networking Sites”

  1. Sock Puppeting and Anonymous Posts…

    The short post that I put up deals principally with making social networking websites work: Attracting traffic, converting traffic to loyal, trusting repeat users, and then monetizing this trust in various ways. Rebecca Herold raises very interesting …

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>