Connected Profiles and Facebook

Certain worrying changes have been announced by Facebook at its f8 developer conference last week. Basically, Facebook is going to introduce a 'Connection Profiles' functionality which means that the information found on your Facebook profile page (e.g. location, interests etc) will be linked to the corresponding pages on Facebook (e.g. if London is your location, you will be connected to the London page on Facebook). Users who choose not to use this functionality will be left with the situation where their profile page will remain empty. Basically, only information which is linked via the 'Connected Profile' functionality will appear on the profile page of the user.

Facebook justifies the introduction of this new functionality on the ground of offering users more connections options and in particular the option to make deeper connections to things which matter to Facebook users such as interests etc. The real reason of course is that it means that Facebook will have access to users` data in a more focussed way (i.e. linked to their interests) and hence can make more revenue through targeted advertising.

There are two main issues raised by the introduction of this new functionality. Firstly, it will be imposed as a default functionality (i.e. if you do not opt out then this will be the default setting of your account). This of course means that users have the burden of having to understand yet again another functionality and evaluate whether or not they want to use this. However as past research has shown, Facebook users tend not to change the default settings for different reasons (e.g. lack of awareness, extra burden of having a specific setting for each type of data etc). So users will be increasingly at risk as they might choose to keep this functionality as a default option without being aware that this means that their data is being furthered distributed across the network.

A second important problem is that of choice. Although users are being given the illusion of having the choice here to opt out of this new functionality, realistically speaking, there is not much choice. If you opt out of the new functionality, then your profile page will be blank.

According to a FAQ from Facebook's Help Center:

"If you don't want to connect to any Pages, the corresponding sections on your Profile will be empty. Connecting to Pages will now be the main way to express yourself on your profile, and you can always edit your profile to remove specific suggested Pages that you don't want to connect to."

This new functionality will be launched fairly soon. It has already been launched in some part of the US. It would be interesting to see how users will react to this new change and whether Facebook will be forced to backtrack due to users` reactions as it has done in the past in relation to the changes to its privacy settings.

Facebook users beware...

Another day, another Facebook story in the news. Today Facebook has finally rolled out its new privacy settings for all its users. Before the global roll out of the privacy settings, Mark Zuckenberg of Facebook, introduced and explained the new privacy settings to its user via an open letter. According to Zuckenberg, the aim of the new privacy settings is to simplify the latter to users, no doubt, with a view to making them more accessible and less confusing to its users following many complaints including the one from the Canadian Privacy Commissioner.

Hence the new privacy settings are supposed to be clearer, easier to use and more effective at protecting the personal data of Facebook users. However, as rightly pointed out by the EFF, the new settings push users to share their information further. For more on this, see the illuminating article from the EFF which has links to further information.

If you thought that only your friends/network could read your status updates, then you will soon be wrong!

It has been reported today that both MySpace and Facebook have signed a deal with Google which will allow its users` publicly available status updates to be fully searchable on the search engine. Google has a similar agreement with Twitter and it is reported that the new agreement with Facebook and MySpace will go live in a few days.

This is a very worrying development for MySpace and Facebook users who have had no say in this matter and will now have their status updates fully searchable and visible on Google to all and sundry if they have not changed their default privacy settings. Past research has shown that most Facebook users use default privacy settings (rather than higher ones) which means that their accounts are fully visible to the rest of Facebook users in their networks. This new deal will also mean now that their updates will be fully indexed and searchable via Google. Cyber Panda thinks that in the new few days, Facebook/MySpace users as well as privacy bodies will raise the alarm bell which will force the companies to either rethink this deal or provide more protection for users` data.

i2015 or the New EU Digital Strategy

The New EU Digital Strategy which is currently being shaped by the EU will put consumers at the core of i2015, the EU`s action plan for digital economy. In effect, this means creating a consumer-friendly single market for online services.

Relatedly, the new incoming Spanish EU President is also shaping his digital agenda which is rumoured to make the use of VoIP mandatory on mobile handsets. If this does happen, it will no doubt have a significant impact on traditional telecom service providers as well as on principles of net neutrality. i2015 should be delivered in spring 2010 so not long to go now before we can ascertain its detailed contents.

Wikipedia`s spiral of death?

Dear All
Yet again, the doctorate has taken over my whole life leaving with not much time to blog anymore!! However, now that things have slightly calmed down, I will try to blog more frequently. The operative word being try!!

An interesting research has been carried out by Ortega on the fall of the number of editors of Wikipedia and the reasons for such fall. He also predicts that this worrying trend is likely to continue. The Times also reports some infighting between Wikipedia writers which may also explain the downward spiral in the number of editors (alongside lack of time and reaching saturation point in terms of articles). It will be interesting to see how Wikipedia fares for the next year and the implications if the downward trend continues. It could also be that this research provides an added bonus for either more volunteer editors or for existing ones to contribute more if the main reason for the downward spiral is lack of time.

A new blog is born: FBHive!!

CyberPanda is loving the new blog FBHive which deals with all things related to Facebook: the news, the rumours, and the controversies!! And this new blog has started with a bang as it has disclosed a major security flaw which enables any user to access the basic information of other users even when such information has been protected by its owner (via privacy settings). Amazingly, the blog reports that it took Facebook 15 days to deal with this issue!!!

The flaw has now been fixed but you can still see how it could have been done in the past by checking out the FBHive blog. Amazing footage!!! As a security expert from Sophos has noted, what is worrying is that such a flaw existed and that users` data have been at risk for an unknown period until the flaw was fixed. In addition, users do not whether their data have been 'hacked' into by any other user in this manner. So many privacy issues are raised by this latest Facebook related issue.

From Digital Britain to Twitter.

It has been a long time since CyberPanda has written a post but she has been trying to put together a massive chapter and hence the prolongued absence.

However these past few weeks have been full of technology-legal news: where does one start? The UK Digital Report has been published last week attracted some criticisms regarding its proposals which many view as just not being enough.

The world has not been the same since the Iranian elections and the elections have rocked the world of Twitter as the latter has become a very important forum of exchange of information and views on what is currently taking place in Iran. Many Iranians are able to tell the world what is happening via Twitter and this is becoming even more important with news today that the BBC`s correspondent in Tehran has been asked to leave Iran and other alleged reporting restrictions.

Finally and on different note, the alleged cybersquatting of Facebook`s newly launched username option where third parties are alleged registering the names of well-known persons with a possible view to reselling those at a later stage.

CyberPanda will definitely try to post more often in the future!!

Proposals for monitoring social networking sites

There is an outcry today by privacy activists about the government`s proposal to monitor social networking sites such as Facebook and Bebo. Under the proposal, the details of users of such sites will be kept in a central database which is operated by a private company.

The Government is quick to point out that it is not interested by the content of the exchanges passing between users. However, it is not clear what safeguards it will put in place to ensure that the content per se is protected from such monitoring. However, and perhaps more crucially, it still does not deal with the objections related to the use/storage of personal and sensitive data by the Government. The Government justifies this proposal on the grounds of enabling the police and security services to keep up-to-date with the technological advances. However, it seems that the proposal does not contemplate imposing conditions for monitoring such sites (e.g. a minimum threshold before the details of a user are deemed to qualify for monitoring). Under the current proposals, the Government seems to be asking for a 'blank cheque' liberty to monitor all the data of all users of social networking sites which is not commensurate with the alleged security interests.

Of blurring technologies and mapping technologies

The launch of Street View in the United Kingdom was never going to be a quiet affair. Beyond the usual fanfare of publicity and the slogans presenting it as the thing we need most, Street View was also going to attract a lot of issues related to protection of privacy of the individuals who are captured on the displayed images.

Hence it does not surprise CyberPanda in the least that Street View had to pull some of the displayed images after receiving a number of complaints from the individuals who were shown in those images. The images captured a lot of moments deemed to be private as an individual entering his home or individuals being arrested. Street View acted promptly and removed the offending pictures as soon as the complaints were received.

However the real issue is why such pictures were deemed fit to appear on the website in the first place. It is surely obvious to any data controller that such pictures will infringe the expectations of privacy of those captured in the images. To be fair to Street View, this situation is not entirely its fault. Other equally important actors are involved, namely, the Information Commissioner and legislators. The Information Commissioner gave the go ahead earlier in 2008 for such web sites to used images deemed to be private as long as identifying features as faces or registration plates were blurred. However, what the IC has failed to recognise is that the use of blurring technology is not sufficient on its own to displace the expectations of privacy of captured individual who can still be easily identified by his/her attire, location and other seemingly innocent but yet incriminating information. Finally, the notion of reasonable expectation of privacy is not easily protected in the UK when it comes to such websites as the legislators and policy-makers are yet to decide on when virtual spaces are private or public. The challenge of course is to determine the boundaries of such a divide which is not an easy task in cyberspace in any event.

Disclaimer: The image used above is subject to the intellectual property rights of third parties. Click here to view the image in its original context.

Another week where Facebook is in the press for the wrong reasons...

Another week and Facebook is yet again in the news for all the wrong reasons. It has been reported by BBC News that Facebook has been hit by five different security attacks in the past 7 days. The aim of these attacks have been to access the personal information of millions of Facebook users and resale them to third parties as commodities for various purposes including fraud and identity theft.

The attacks were concealed in what are commonly known as 'rogue applications.' This brings to light yet again Facebook`s worrying practice of not vetoing third party applications before they are published on the site. As a matter of fact, any individual can create an application and publish it on the site. S/he, then, has access to all the personal data of all the users of Facebook, irrespective of whether or not the users have subscribed to the application. Facebook justifies this practice on the grounds on 'open source,' namely, any user should be able to participate in the Facebook both as a user and as a developer of applications. However, this only serves to highlight the problem of the concept of open source or creative commons. The unfettered and unchecked proliferation of code by net users in such websites not only threatens the fundamental rights of other net users but also, and more importantly, yet again highlight the increasing risk posed by a regulatory framework which is based on technological determinism.

Disclaimer: The rights to the image used above belongs to a third party. The original image can be accessed here.