Consumer Reports (CR) published the results of a survey on May 3 that showed 13 million Facebook users in the U.S. either do not use or do not know about Facebook’s privacy settings. There are currently about 150 million Americans who have Facebook accounts.
Consumer Report’s annual state of the net report detailed the results of the survey of 2002 households in the U.S. with online access, of which 1,340 had active Facebook accounts. A press release issued by Consumer Reports described how the status updates posted by American Facebook users revealed personally identifiable information that could put themselves or their family members at risk. For example, over the past year, 4.8 million users posted a status update that detailed when and where they were going on certain days, giving thieves a little help for their next robbery.
39.3 million users identified a family member in their profile, 2.3 million “liked” a page having to do with sexual orientation, 4.6 million people talked about their love life on their wall, 2.6 million talked about drinking alcohol on their wall, 20.4 million showed their birth date and year in their profile, and 4.7 million talked about their medical problems on their wall, which health insurers could use against them.
CR in their May press release advised users on how to use the privacy controls on Facebook and stay safe in this brave new world of “frictionless” sharing:
Users are advised to think before they type away in their status update box because everything put out there has the potential to be viewed by so many people, and deleting an account takes about a month and some information stays on Facebook’s computers for 90 days. Second, users should be aware many of the apps available can take their Friend’s information and so they should be cautious about which apps they approve and limit the number of apps they use. For apps that are approved, users should use the privacy settings to limit what information they can take and what they can do with it.
Facebook users should also routinely check their profile to see how it looks to others and what they have shared, or whether an application has shared something they would like to remove. I did just that today on my own Facebook account and noticed that two photo albums I uploaded several months ago were public and viewable to anyone who looked at my public timeline, so I edited the albums and changed the box that said “viewable by everyone” to “viewable by friends only.”
While I was viewing my Timeline as the public sees it, I was also surprised to see that the users I had subscribed to were viewable by the public as were the users that subscribed to me. I don’t mind others seeing that I have subscribed to Mark Zuckerberg, Michael Arrington (TechCrunch founder), Brad Stone (Bloomberg Business Week writer, and Leon Dubinsky (Facebook Software Engineer), so I left that setting public. On the other hand, I noticed that 36 people had subscribed to my public updates, and these people were viewable on my public timeline. This seems like nobody’s business so I ticked the setting to make these people viewable only by me.
CR advises another way to protect your privacy on Facebook is to limit who you share your posts with by restricting certain friends from seeing specific posts on your wall. And, the wall can also be made viewable by your friends only, not the general public. Users should always keep in mind that when they share information with friends of friends, this could reach an audience of tens of thousands of people. Users can limit the audience for their information like where they live and who they work for. If users want to protect their identity on Facebook, they should not include a photo in their profile or if they do, it should not show their face. Users can also turn of the Tag Suggest feature so that their face will not be automatically identified in photos. The Wall can be made “unpublic” so only friends can see prior posts. Last, should users feel they can never feel comfortable about privacy in the Facebook world of frictionless sharing, they can deactivate their account, which will make it temporarily inaccessible, or they can delete it forever,
CR criticized Facebook for allowing users to set up weak passwords, an issue it has documented for the last two years. Users who wish to test the strength of their password can use the LastPass “Security Challenge” by clicking “security check” under the “Tools” menu. LastPass, a website that lets users safely store all of their password, can also generate a strong password for users.