Consumer Reports released its annual report on Internet privacy and security Thursday, placing Facebook front and center. Issues covered by the influential consumer watchdog group included updates on data leaks, hacks, scams, and the like, while featuring a separate report focusing entirely on Facebook and how the social network deals with privacy, security and the very personal information we so willingly share.
The "State of the Net" research and statistics from Consumer Reports suggest that there is an overall increase in certain digital problems — such as ID thefts, phishing schemes, and security breaches — in the past year, while issues related malware and unauthorized credit charges are occurring neither more nor less frequently than in the prior 12 months. The most startling findings however, involve how much Facebook knows about its nearly 900 million members, and how much we freely offer — information mined by employers, insurers, the IRS, divorce lawyers, as well as identity thieves and other criminals.
While U.S. legislators speak out against employers requesting Facebook passwords from employees, the following information — much of it sensitive and potentially damaging — doesn't require special access to uncover:
- 4.7 million “liked” a Facebook page about health conditions or treatments (details an insurer might use against you).
- 4.8 million have used Facebook to say where they planned to go on a certain day (a potential tip-off for burglars)
- 20.4 million included their birth date, which can be used by identity thieves
- 39.3 million identified family members in their profile
- 900K discussed finances on their wall
- 1.6 million liked a page pertaining to racial or ethnic affiliations
- 2.3 million liked a page regarding sexual orientation
- 7.7 million liked a page pertaining to a religious affiliation
- 2.6 million discussed their recreational use of alcohol on their wall
- 4.6 million discussed their love life on their wall
For its study, Consumer Reports "queried Facebook and interviewed some two dozen others, including security experts, privacy lawyers, app developers, and victims of security and privacy abuse." It "dug into private, academic, and government research, as well as Facebook’s labyrinthian policies and controls." It also "surveyed 2,002 online households, including 1,340 that are active on Facebook" and projected the resulting data to estimate national totals. Among its other findings, Consumer Reports noted these problems connected with the information we share:
Some don't use privacy controls. Almost 13 million users said they had never set, or didn’t know about, Facebook’s privacy tools. And 28 percent shared all, or almost all, of their wall posts with an audience wider than just their friends.
Facebook collects more data than you may imagine. For example, did you know that Facebook gets a report every time you visit a site with a Facebook “Like” button, even if you never click the button, are not a Facebook user, or are not logged in?
Your data is shared more widely than you may wish. Even if you have restricted your information to be seen by friends only, a friend who is using a Facebook app could allow your data to be transferred to a third party without your knowledge.
Legal protections are spotty. U.S. online privacy laws are weaker than those of Europe and much of the world, so you have few federal rights to see and control most of the information that social networks collect about you.
And problems are on the rise. Eleven percent of households using Facebook said they had trouble last year, ranging from someone using their log-in without permission to being harassed or threatened. That projects to 7 million households — 30 percent more than last year.
In response to the Consumer Reports study, Andrew Noyes, Facebook's manager of Public Policy Communications, gave msnbc.com the following statement:
We believe more than 900 million consumers have voluntarily decided to share and connect on Facebook because we provide them options and tools that place them in control of their information and experience. As part of our effort to empower and educate consumers, we always welcome constructive conversations about online privacy and safety.
Consumer Reports does note Facebook's efforts to simplify privacy settings and improve security — as well settle allegations from the Federal Trade Commission and submit to independent audits for the next 20 years. But the watchdog outfit also calls out Facebook's support of the controversial Cyber Intelligence Sharing and Protection Act (HR 3523), which would allow the social network to share your information with the government without judicial oversight, and states that the social network needs to do more.
Jeff Fox — a technology editor at Consumer Reports who was part of the team of survey professionals, fact checkers, reporters and editors who worked on the study — told msnbc.com that "Facebook's treatment of privacy has often been reactive rather than proactive."
"If they were proactive, we wouldn't have to tell them about some of these glitches," Fox explained, calling attention to a timeline in the Consumer Reports roundup. The social network's history of privacy and security oversteps echo complaints from other digital rights advocates including the American Civil Liberties Union and the Electronic Frontier Foundation — that Facebook fixes issues only after it's forced into the spotlight or after authorities approach the social network. "Things would be better if they were proactive and forward-thinking, rather than fixing things and apologizing after they upset people," Fox said.
Users can also do more to protect their privacy and security on Facebook, Consumer Reports noted, and offered the following tips:
Think before you type. Even if you delete an account (which takesFacebook about a month), some info can remain in Facebook’s computers for up to 90 days.
Regularly check your exposure. Each month, check out how your page looks to others.
Review individual privacy settings if necessary. Protect basic information. Set the audience for profile items, such as your town or employer. And remember: Sharing info with “friends of friends” could expose it to tens of thousands.
Know what you can’t protect. Your name and profile picture are public. To protect your identity, don’t use a photo or use one that doesn’t show your face.
“UnPublic” your wall. Set the audience for all previous wall posts to just friends.
Turn off Tag Suggest. If you’d rather not have Facebook automatically recognize your face in photos, disable that feature in your privacy settings. The information will be deleted.
Block apps and sites that snoop. Unless you intercede, friends can share personal information about you with apps. To block that, use controls to limit the info apps can see.
Keep wall posts from friends. You don’t have to share every wall post with every friend. You can also keep certain people from viewing specific items inyour profile.
When all else fails, deactivate. When you deactivate your account, Facebook retains your profile data, but the account is made temporarily inaccessible. Deleting an account, on the other hand, makes it inaccessible to you forever.
For detailed instructions on Facebook privacy tips, and to learn more about the annual "State of the Net," go to ConsumerReports.org/cro/facebookprivacy.
Want more tech news, silly puns, or amusing links? You'll get plenty of all three if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.
First published May 3 2012, 3:10 AM