I just came across this article in SitePro News. It seemed important enough to include here on my blog. In particular, I had not realized how easy it is to give away location information that can be valuable to criminals.
Article printed from SiteProNews: http://www.sitepronews.com
HTML version available at: http://www.sitepronews.com/archives.htmlSocial Networking and the Overshare Generation
By Kalena Jordan (c) 2010There have been a lot of stories in the media lately about
cyber-stalking and privacy issues on the Internet. It seems to
be a knee jerk reaction to the tsunami of social networking that
has occurred in the past few years. Or is it? Are the media
over-reacting? Or have we forgotten what privacy is in the age
of the World Wide Web?The Rise of Oversharing
Back in the late 1990′s, many people didn’t even use their
real names on the Internet. Email addresses were usually aliases
or nicknames in an attempt to retain as much privacy as
possible. But with the rise in popularity of social media
services such as Twitter (http://www.twitter.com/), Facebook
(http://www.facebook.com/) and MySpace (http://www.myspace.com/)
has come a rise in online confidence.The new Internet generation doesn’t seem to have the privacy
hang ups or suspicions their parents had about sharing
information with strangers over the net. In fact, this younger
generation of cyber savvy has an alarmingly high comfort level
when it comes to communicating personal information about their
lives on the Web.The premise is that everyone in your social circle not only
wants to know but NEEDS to know when you are buying that tall
frappuccino from @starbucks. That they need to know precisely
where you are and what you are doing every minute of the day.
This new phenomenon is called oversharing
(http://www.urbandictionary.com/define.php?term=overshare) and
it has privacy experts worried.“People put data up on the web and they just don’t realize the
implications of this data” says Martin Cocker, Executive
Director of NetSafe (http://www.netsafe.org.nz/), a non-profit
organization that promotes safe and responsible use of
Cyberspace.Location Based Oversharing
It’s not just our increasingly high comfort level with a lack
of online privacy, but the way people are sharing and
socializing online that has changed dramatically, particularly
in the past 12 months.Services like Gowalla (http://gowalla.com/) and FourSquare
(http://foursquare.com/) focus on location-based social
networking. Using your phone or mobile Internet device, you log
into these sites and announce where in the world you are and
what you are doing there e.g. “Kalena is at City Fitness Gym
taking a Zumba class.”The process is called *checking in.* You can check in from
parks, bars, museums, restaurants, libraries or anywhere you
care to create a location. The idea is to let your online
friends know where you are and you earn points, badges and
rewards (both tangible and intangible) based on your activity.Sounds like harmless fun, right? But there’s a seedier side to
location-based social networks. Not only does it encourage
stalking by your exes, your boss and your mother, but it opens
you up to the very real possibility of a criminal attack. How?Gowalla, FourSquare and other location-based social sites post
your exact geographical location including the precise GPS
co-ordinates of your current location. Some naive users of these
social sites actually register their home address as a *place*
and then *check in* when they arrive at the location of their
homes.If you are particularly obsessive about posting your location
status on either of these sites, ANYONE with an Internet
connection can track your movements at all times of the day -
when you leave home, what time you arrive at work, where you
decide to grab lunch, etc.Many people also cross-link their location status updates with
their Facebook and Twitter accounts, sharing their whereabouts
with an ever-widening public circle. Not only could stalkers
have a field day with this information, but it can make it very
easy for cyber criminals and hackers to steal your identity.Unfortunately, it’s not just your identity that can be stolen.
The Perfect Storm for Crime
If you are a regular user of location-based social networking
sites, it’s child’s play for criminals to know when you leave
your house unattended. Match this with an overshare on Twitter
about your recent iPad or flat screen TV purchase and you’ve
got the perfect storm for a break and enter.To point out how simple it is for criminals to take advantage of
our silly oversharing nature, programming students Frank
Groeneveld, Barry Borsboom, Boy van Amstel set up Please Rob Me
(http://pleaserobme.com/) in February this year. The site
consisted of a live stream of tweets from people who were
*checking in* at locations other than their Home address on
FourSquare and cross-posting the information to Twitter.The site included a location-based filter and would-be burglars
were encouraged (tongue-in-cheek) to view *recent empty homes*
and *new opportunities.* When asked why they built such a site,
Groeneveld, Orsboom and van Amstel responded:“These new technologies make it increasingly easy to share
potentially sensitive personal information, like your exact
location. The danger is publicly telling people where you are.
This is because it leaves one place you’re definitely not…
home. So here we are; on one end we’re leaving lights on when
we’re going on a holiday, and on the other we’re telling
everybody on the internet we’re not home…”Reaction to the site was enormous and angry. Groeneveld, Orsboom
and van Amstel discussed the logic behind the site in their
recent guest post (http://www.cdt.org/blogs/cdt/
over-sharing-and-location-awareness) for the Center for
Democracy and Technology:“Our intention is not, and never has been, to have people
burgled… The goal of the website is to raise some awareness on
this issue and have people think about how they use services
like Foursquare, Gowalla, BrightKite, Twitter, Google Buzz etc.
Everybody can get this information.”How Easy Is It?
David Farrier (http://www.twitter.com/davidfarrier), a journalist
for TV3 in New Zealand decided to find out how vulnerable users
of location-based social networks are. He researched profiles on
FourSquare and Facebook and found a couple of people in his
geographical area of Auckland. They had willingly published
their photos and home co-ordinates as public *places* on
Foursquare so with the help of his in-car GPS, he went to visit
them (http://www.3news.co.nz/How-safe-are-you-from-stalkers/
tabid/423/articleID/168453/Default.aspx) at their homes, keen to
share with them all the information he had learned about them
online, like the fact they had been out for dinner 14 times in
the past month and enjoyed listening to the band Pet Shop Boys.
Naturally they were freaked out and didn’t let him in, but as he
pointed out, “It’s a bit weird, I don’t know why they wouldn’t
let me in, they had made ALL this information available to
complete strangers on the Internet.”Photo Tracking
So this is all a bit confronting. But did you know that you may
be sharing your location even if you don’t use location-based
social sites? Photos you take with smart phones and upload to
the web are automatically embedded with GPS tracking data that
can easily be deciphered to provide precise location
co-ordinates.So that Twitpic of your brand new Mercedes convertible might be
admired by a car thief who now has the exact GPS co-ordinates of
your driveway. Or the snapshot I tweeted last week of All Blacks
rugby legend Dan Carter (http://twitpic.com/2at0ja) working out
at my gym can pinpoint his exact whereabouts to anyone with
photo decoding software. Anyone coming across the photo on the
Web could track Dan’s physical location down and start stalking
(sorry Dan).The Disappearance of Online Privacy
An organization in the US called the Electronic Frontier
Foundation has developed a white paper (http://www.eff.org/wp/
locational-privacy) on the potential dangers of exposing our
locational privacy. Authors Andrew Blumberg and Peter Eckersley
write:“Over the next decade, systems which create and store digital
records of people’s movements through public space will be
woven inextricably into the fabric of everyday life… These
systems are marvelously innovative and they promise benefits
ranging from increased convenience to transformative new kinds
of social interaction. Unfortunately, these systems pose a
dramatic threat to locational privacy.”To those who pose the argument that law-abiding citizens don’t
need privacy, Blumberg and Eckersley offer this:“It’s not just the government, or law enforcement, or
criminals or political enemies you might want to be protected
from. Your co-workers don’t need to know how late you work or
where you shop. Your sister’s ex-boyfriend doesn’t need to
know how often she spends the night at her new boyfriend’s
apartment.”Is it All Just Scaremongering?
Ask one of the cyber savvy crowd if they’re afraid of their
loss of privacy on the Internet and they’ll likely send you an
eye roll emoticon. Many claim that privacy experts are
overreacting and that the media are just scaremongering. They
make the point that privacy is breached offline all the time.“New privacy scare! If you know someone’s name you can look up
their phone number and home address in the *phone book*”, posts
David Olsen (http://www.dynamicbusiness.com.au/articles/
articles-news/facebook-privacy-social-plugins-1519.html),
blogger for Dynamic Business Magazine in response to Facebook’s
recent privacy issues.The Bottom Line
Whether you think it’s harmless or not, the data people are
willing to share online is increasing every day. It’s part of
the “everyone else is doing it” mentality that’s alive and well
on the Internet.Experts are right when they say that users are becoming too
blas? about their privacy and safety. The bottom line is that
most people don’t keep track of how much data they are sharing.
They’re lazy, they’re social, they’re mobile and they tend to
ignore the privacy settings of their favorite web applications.“Social networks have increased enormously in size and number.
Most of them allow you to relay messages between different sites
and it’s easy to lose track of just how much information you
might be giving away and how many people have free access to
it”, say Groeneveld, Orsboom and van Amstel.“It’s important to be aware of privacy settings, to control
the reach your messages have. If you allow your messages to
travel between different social networks, this becomes more
complicated. Information you trust to your friends might end up
somewhere else.”I don’t know about you, but I’ve just deleted my Foursquare
account.