It does not take a hacker to dig personal information out of social networking sites such as Facebook, Orkut, Twitter, My Space or Linkedin. Often, it’s all over there for anyone to find it.
Social networking sites help connect with friends or people already known to users and also help further develop the network by connecting to new people. While some of the social networking sites are generally for connecting with people and sharing information, others such as Linkedin help develop business or professional connections.
Even though social networking sites may differ in their purpose, they all have one aspect in common. Although the features of social networking sites differ, they all facilitate sharing of information among their users. Most of these sites allow users to post text, images, videos, and other information to their profiles. Often developing networks require providing personal information. This information is thus available for people looking for them for various purposes. This could range from less harmful spam to even identity theft. Personal information available on such sites could be put to various uses. SingleStat.us, a website which tracked people who recently changed their relationship status online is an example. The site was shut down 10 days after its launch following protest from My Space.
Users generally provide information about their location, work, hobbies, and friends. This kind of information could easily be used by another person for impersonation. Users could also unwittingly reveal their daily routine. It is also possible that friends may post information making a user vulnerable. Often information posted cannot be edited or removed. If access to the account is unrestricted, almost everyone has access to information. Young people often have less reservation about providing personal information online. This also means that employers, both prospective and current, relatives, friends, and children, can all see all the information, which is not perhaps intended for all. A prospective employer viewing a drunken photo would not be great for a user. This may also be due to lack of knowledge about protecting privacy online. Most of these sites allow information posted to be made private so only a restricted group can view it.
A user wary about providing personal information online says, “I'm very eerie about what I put on the internet, period. I havn't given out more than my name and age. I don't give where I live, my telephone number or anything. People just can' be trusted”. “At the most I would disclose my fake name and mail id..and photographs on trusted sites..but I never give my phone no...had hell lot of bad experiences!”, says another user. There are people who find that some amount of personal information revealed might be useful. A user says, “Disclosing your interests and hobbies could be a good affair, you could get new opportunities and dimensions to them!”
A request for personal information could appear to be harmless as a tweet in Twitter which says, “saw your tweet on health its confusing ya and needing a personal asst, shoot me your contact info and i'll get ya over information”. A concerned user says, “I've got this sudden paranoia that too much information about my personal life is available online so I'm slowly deleting old accounts...”
A study by security software company Sophos revealed how naive people are about giving away personal information. Sophos created a Facebook profile and contacted people. According to Sophos, nearly 72 percent of those surveyed provided email addresses, 84 per cent gave away their date of birth, about 87 per cent provided information about education or work. Nearly 78 per cent provided their address and 23 per cent provided their phone number and 26 per cent provided their instant messaging screen name. The study also shows that such networks could also reveal corporate data, which people might give away unwittingly.
A survey by global market intelligence firm, Synovate, asked social networkers to name the sites they belonged to. Users in some places seemed to favour multiple memberships and some seemed to stick to one or two major ones. The markets where social networking enthusiasts favoured many sites are UAE, India, Indonesia, and Bulgaria.
Only about half of those respondents who are members of social networking sites agreed that online social networking may pose risks. Brazilians topped the list with nearly 79 per cent being nervous about online social networking. In the US, nearly 69% acknowledged the danger while in Poland about 62 per cent were nervous about such sites. The Indians were the least concerned, with only 19 percent acknowledging the risks posed by networking sites. Nearly 57 per cent of Indians were comfortable with providing their personal information online.
The International Information Systems Security Certification Consortium (ISSCC) warns users against using their real name and date of birth on social networking sites. The ISSCC cautions users against giving out personal information unless they have initiated the contact and are sure you know who they are dealing with.
The logic here is, “You wouldn’t disclose this information to someone in the street so why do it online?” Would the users change their behaviour only if they find that their information is being used inappropriately? As a user puts it, “I've referred to My Space, almost since the beginning, as 'Legalised stalking', because people can find out what is going on in your life without even talking to you”. X