Thursday, November 19, 2009

Privacy issues on social network groups


In November 2009, an activist group called Control Your Info (CYI) claimed credit for taking control of 289 Facebook Groups to expose how vulnerable shows the vulnerabilities of social media, especially identity tampering. (‘Control Your Info' activists hijack Facebook groups, 2009)

This could lead to spammers using a Facebook account and identity to express ideas and opinions that are not the users. This is a form of identity theft and invasion of privacy.

CYI claims that Facebook Groups suffer from a major security flaw, that is anyone can take over the group if they register as a new administrator. The usurper then had authority to change anything, including pictures, descriptions and settings.

Ragan (2009) states that unless you actively define your privacy settings on Facebook, you have very little protection; this is true for almost any social platform online. A rogue group administrator can release an application that steals up personal information or spreads malicious code.

In a large group, even a small percentage affected could mean thousands of people. Millions of people are exploited monthly, thanks to criminals turning a trusted source against them (Ragan)

I believe that social networking groups are mainly platforms that people utilize without understanding the underlying architecture. They are not aware of potential of the network to be manipulated, or the negative effects such as invasion of privacy and identity theft. In Malaysia, cybercrimes are on the rise (Patrick, 2009).

There are numerous other issues with social networks as outlined by Solove(2008). These include threats to privacy and reputations, rumour mongering, and ridicule, especially if a video of you doing something silly is blown out of proportion on Youtube. Also, companies collect and use our personal information at every opportunity.

Even Google researchers in a recent paper (Davis,2009) have warned of privacy issues on social networks. These include unwelcome linkage, lack of control of activity streams and making a profile of a person, by comparing his activity on all his friends network pages.

I concur with the Google researchers in their recommendation that users should be empowered to remove events and activity streams, and that application creators must also be held responsible to inform the user of the details of any program which is being run on their pages.


Adelaide Now, 2009, Control Your Info' activists hijack Facebook groups,, viewed 17 November 2009,22606,26335072-5005962,00.html

Davis, L 2009, Google Warns of Privacy Issues on the Social Web,, viewed 17 November 2009

Patrick, S, Cybercrimes on the rise: Calls for dedicated court to handle such cases, The Star 16 January 2009

Ragan, S, 2009, FUD: Facebook groups were not hacked and no one is at risk, The Tech Herald, viewed 18 November 2009

Smith, A.D. & Rupp, W.T. 2002, 'Issues in cybersecurity: understanding the potential risks associated with hackers/crackers' Information Management & Computer Security, vol. 10/4 pages 178-183. Full text. Available Emerald management xtra, viewed 22 January 2007

Solove, D.J. 'Do Social Networks Bring the End of Privacy?' scientifc, viewed 17 November 2009

No comments:

Post a Comment