Introduction
For the past decade, social networking tools have gained popularity and have attracted millions of users throughout the world. Social Networking Sites (SNSs) have gained significance in modern society and Wallbridge (2009, p.85) extols these sites as “the greatest social technological phenomenon of the 21st century”. This is not an exaggerated claim considering the fact that millions of young people use SNSs on a daily basis to keep in touch with their friends. SNSs continue to be the fastest-growing segment of the web as more people make use of these sites to keep in touch. A common feature of SNSs is that the users create self-descriptive profiles which include personal data and photos. These profiles are then linked with other people they know on the site, therefore, creating a network of personal connections. As a result of this, SNSs contains a broad range of personal information about the users that may be accessed by unauthorized persons. A study by Tow et al. (2008) revealed that users are in most cases unaware of the privacy risks they face or when they are, they perceive that the risk posed to them is very low and hence do not do enough to protect themselves. This paper will set out to discuss the implications associated with uploading personal information online without appropriate protection.
Social Networking Sites: A Brief Overview
Wellman (1997) defines social networks as assets of people or other social entities that are connected by a set of socially meaningful relationships. SNSs are a form of an online community whose popularity has grown exponentially over the past few years. The major incentive for engaging in SNSs is to stay connected. Boyd and Ellison (2007) note that in many SNSs, the users are not necessarily looking for new relationships or friends but they are primarily concerned with keeping in touch with people with whom they already have relationships.
SNSs encourage people to share a lot of personal information through the inbuilt functions of the SNS. Some of the popular activities carried out through SNS include updating personal information as well as whereabouts and sharing photos and a range of other personal information. Sharing this information increases the chances of a person’s privacy being infringed on. Timm and Duven (2008, p.90) define privacy as “personal information that an individual deems important and unattainable by the general population”. Facebook stands out among the other SNSs since the vast majority of Facebook users provide an astonishing amount of information. This information includes real names, personal photos, current contact and address, and relationship status. The reason why Facebook users are so candid in their presentation of personal information is that they hope to gain some benefits from this public disclosure of personal information.
Why People Post Personal Information
Research indicates that while most people are wary of privacy risks while using the internet in general, this attitude does not extend to SNSs such as Facebook. Tow et al. (2008) suggest that a plausible reason for this could be that while the internet is perceived by many as a vast and vague sphere, Facebook is viewed as a manageable network of friends. This perception results in privacy concerns being downplayed by the individual. Meredith (2006) notes that while most users of SNSs post personal information with the intent that this information is shared only with a select group of people, the reality is that the user may be sharing the information with the rest of the world.
Social networking sites in general and Facebook, in particular, have a lot of users who have profiles that are universally visible. These “open profiles” contain considerable amounts of personal information that the individual user would not feel comfortable sharing with a large number of strangers. Most SNSs including Facebook contain privacy settings and tools that can be used to increase the privacy levels of users. However, the privacy settings are typically not user-friendly and they do not encourage safe participation. Tow et al. (2008) criticize Facebook for making it tedious to adjust privacy settings which made it impossible for novice users to enhance their security. While this trend has changed and Facebook not has developed usable interfaces and features, users still do not adjust their privacy settings. This is significant since the default setting allows for a user’s profile to be visible to a wide audience.
Studies indicate that while SNSs like Facebook inform users (through their privacy policy) that third parties can access and share certain personal information that is contained in a users profile, most users do not read the online privacy policies, and when they do, they may not always understand the implications (Acquisti & Gross 2006; Gross & Acquisti 2005). Wallbridge (2009) states that most Privacy Policies are not written in plain English and they are difficult to locate since the information may be distributed in several different documents.
Many users are unaware of the manner in which the information on their profile may be used. Wallbridge (2009) notes that most users volunteer information without a deep understanding of what will happen to the information once they place it on their profile. While the user owns the content placed on their content, the hosting site has full and irrevocable control over the information posted including what may be private messages exchanged between the user and his/her contacts.
Privacy Issues
The people/parties who have access to the personal information that a user shares in the SNS is an important aspect of privacy risk. There are three groups of stakeholders who have access to the user’s personal information. These include; the members in the user’s network, the hosting site, and third parties (Gross and Acquisti 2005). The hosting site has access to all the information uploaded by the user and in addition, it may have information that the participant unknowingly reveals. Gross and Acquisti (2005) warn that the hosting site may use and extend the information to other parties. Some SNSs out rightly inform their user that information posted may be viewed by unauthorized persons. For example, Facebook explicitly states that while it will try its best to protect the information that users post on site, Facebook “cannot and do not guarantee that User Content you post on the Site will not be viewed by unauthorized persons” (Facebook 2008). The members of the user’s network will also be able to access the information. Third parties can also access a person’s information without the direct collaboration of the site. For example, the third-party application provides in Facebook has the permission to access users’ data when a user adds their application to his/her profile. Facebook can make a user’s content available to other organizations that Facebook has a “relationship” with which further increases the privacy risks posed to the individual.
A recurring issue with regard to privacy is the issue of consent which encompasses the Openness Principle which states that “how data will be used should be open and accessible and the Purpose Specification Principle which states that data should only be used in ways in which are expressed at the time of agreement” (Wallbridge 2009, p.87). There are data protection rules that are put in place to protect individuals against malicious criminals and businesses. The Australian law restricts the processing of private data and there has to be an acceptable purpose to process personal data. The user is required to give consent for most processing to occur. This is a significant point since, in SNSs, people are responsible for uploading their private data into the system which implies that they have given consent for the data to be used. An interesting phenomenon with most SNSs is that users are supposed to check a box stating that they have read and agree with the Privacy Policy of the site before they can register. By checking this box, the user acknowledges that they know how their personal information may be used by the hosting site. Research indicates that the majority of users do not read Privacy Policies and Terms of Use and they are therefore not aware of the manner in which their personal information may be used. Timm and Duven (2008) argue that it is critical for the user to understand the kind of processing and usage of the data that can take place. This is because most users do not intend to give any consent for the processing of their data by just publishing the information.
One of the most important rights to users online is the right to completely delete personal data at the user’s discretion. This is an important right since some personal data may end up impinging on the privacy of a person later in life (Wallbridge 2009). While Facebook allows a user to perform tasks such as the deactivation of an account, there is no guarantee that the user’s data is completely deleted. Wallbridge (2009) reveals that the reason for this is that complete deletion is a costly and technically involving task which means that the SNS may keep personal information indefinitely to avoid incurring these costs. As such, the user may believe that his/her account is fully deleted while in reality their data is still retained by the SNS.
Facebook allows developers to come up with applications that are integrated into Facebook and a user can opt-in to use these applications which have additional features. For the applications to be added, a user needs to grant the application access to their personal information. This is an issue of concern since most of these applications are third-party widgets that are developed by companies or people outside of Facebook. Wallbridge (2009) asserts that many users are not aware that these third parties have access to their information and they do now know the manner in which they intend to use the data obtained.
It is important for a person to be able to maintain control of their personal information online. SNSs reduce the ability of the person to ensure control and this may have dire repercussions. For example, SNSs may generate a digital dossier of a user from the personal information given. This is the case when the site is performing backups for the sake of redundancy or to increase access speeds. Control can also be lost on Facebook when the user’s friends write comments regarding the user or tag them in individual photos. In these cases, the profile information may be used in a manner that the user did not intend.
Implications of Privacy Violations
Brooks (2007) states that the real privacy risks arise when a user discloses identifiable information about themselves online to individuals who they do not know and would not trust in the real world. When such information is obtained by malicious parties, there are a number of risks that the individual is exposed to. With personal information, it may be easy for identity theft to occur. In addition to this, the information obtained may make physical stalking possible since there may be personally identifying information available which may make it possible to uniquely locate and contact a person. Gross & Acquisti (2005) state that the information obtained by malicious third parties may be of a very intimate nature and it may be used to embarrass a person or even blackmail them.
While individuals believe that the information they have provided on SNSs is private and protected, the reality is that it is neither. Hodge (2006) illustrates that the information is not private since it is shared on an open public forum and in cases where the information is of a threatening nature, action may be taken against its author. The information posted on SNS can also be accessed and used against an individual. Timm and Duven (2008) illustrate that pictures posted online in which participants are engaging in illegal activities such as underage drinking may be used in a judicial hearing against the person. This is because while a person is protected from illegal search and seizure, the same protection does not extend when the information is available in plain view. The information posted in an SNS is no longer considered private and using it to incriminate the person does not constitute an illegal search of the person’s private information.
The content that individual posts on their SNS may hurt their future employment opportunities. Flint (2009) reveals that employers are frequently engaging in online searches in a bid to get a real idea of a candidate and SNSs often serve as rich sources of material on a prospective employee. This statement is corroborated by a recent study by the Society for Industrial and Organizational Psychology which revealed that as many as 15% of employers used social networking sites during the hiring process (Spon 2010). The information obtained from SNSs is used by the employer to vet candidates for the job. Lehavot (2009) elaborates that a profile where an aspiring employee to a respectable law firm presents herself as highly sexualized may be used as the basis to reject the candidate’s application. Employers may also learn of social misconduct such as drug and alcohol abuse from a user’s profile. This will definitely impact the employer’s decision whether or not to hire the person.
While unauthorized access to private information on one’s Facebook profile may cause some economic losses, the more significant concerns are in relation to a person’s self-image and public identity. Research indicates that the main motivation for most people to use online social networking sites is to maintain relationships as well as communication (Boyd & Ellison 2007). Loss of control over one’s personal information may therefore lead to socially irreparable damages since the audience mostly consists of people with whom one interacts every day in the real world.
Discussion
Social Networking Sites offer an easy and effective way for interaction and communication between and among friends. Facebook in particular has created an environment that makes it possible to maintain already existing relationships with relative ease. Even so, there are grave privacy concerns and risks that come about from the usage of SNSs. Goettke and Christiana (2007) argue that people have limited knowledge about the privacy risks they encounter in the online environment. The average SNS user is unaware of the vast amount of personally identifiable information that they leave visible to a large number of individuals.
A common reality in all SNSs is that user offers information about themselves without being forced to do so. Meredith (2006) asserts that a person who willingly posts information on an SNS for other people to view cannot assume that the information is private since the intention is to share that information. Flint (2009) questions the obligation of SNSs to protect an individual’s data and privacy since it is the individual who chooses to publish their personal information on SNSs. This line of thought is supported by Lindsay (2007) who takes the stance that anything that is posted online cannot be assumed to be private and as such, students should assume that anything they publish is public. With this in mind, the user is less likely to put information that may be used against them.
As a result of the many privacy and threats that exist, many social networking sites have adopted policies which address the issue of personal information. Facebook has privacy policies that stipulate to the user the specific use to which their personal information may be put. This policy also details the other parties to whom the personal information may be disclosed and the security measures that are put in place to ensure that the personal information is protected. However, for these policies to play a role, the user has to read them and take appropriate action. A significant number of users are aware of the privacy features that are provided by SNSs and they are also adept at using them. However, Acquisti and Gross (2006) state that these users do not take the initiative to protect their information since they deem the task as time-consuming. This results in users being exposed to the dangers that arise from their privacy being violated in SNSs.
Conclusion
This paper set out to discuss the privacy issues that are related to SNSs such as Facebook. The discussions presented in this paper show that the information posted by users in their profile is in actual fact personal information that the individual willingly posts to the site. The reason why people upload personal information is that they have a false sense of security in the SNSs. It has been indicated that this information may be used against the user by malicious parties, in a court of law, or by employers. As such, the user should be cautious of the information they share on SNSs. By being more prudent and bearing in mind that the information posted is in the public domain, users can reduce the chances of facing the negative implications that arise from uploading personal information online.
References
Acquisti, A & Gross, R 2006, Imagined communities: awareness, information sharing, and privacy on the Facebook. Cambridge: Cambridge University Press.
Boyd, D & Ellison, N 2007, Social network sites: Definition, history, and scholarship, Journal of Computer-Mediated Communication, 13(1): 45-56.
Brooks, G 2007, Secret society, New Media Age, 13(1): 10-11.
Facebook 2008, About Facebook, Web.
Flint, D 2009, Law shaping technology: Technology shaping the law, International Review of Law, Computers & Technology, 23(1): 5–11.
Goettke, R & Christiana, J 2007, Privacy and Online Social Networking Websites,Web.
Hodge, M 2006, Comment: The Fourth Amendment and Privacy Issues on the ‘New’ Internet Facebook.com and Myspace.com, Southern Illinois University Law School Journal, 31 (1): 95–122.
Lehavot, K 2009, “MySpace” or Yours? The Ethical Dilemma of Graduate Students’ Personal Lives on the Internet, Ethics & Behavior, 19(2): 129–141.
Lindsay, CL 2005, The College Student’s Guide to the Law, Lanham, Md.: Taylor Trade Publishing.
Meredith, P 2007, Facebook and the Politics of Privacy: Chronicle of Higher Education, Web.
Spon, M 2010, Is your e. impression costing you the job? Society of Industrial and Organizational Psychology Media, Web.
Timm, M & Duven, C 2008, Privacy and Social Networking Sites, Wiley InterScience.
Tow, N et al, Understanding Information Disclosure Behaviour in Australian Facebook Users, the 19th Australasian Conference on Information Systems (ACIS) 2008, Christchurch, New Zealand.
Wallbridge, R 2009, How safe is Your Facebook Profile? Privacy issues of online social networks, ANU Undergraduate Research Journal, 1(2): 85-92.
Wellman, B 1997, An Electronic Group Is Virtually A Social Network, New Jersey: Lawrence Erlbaum Associates.