A Consumer Reports investigation indicates 13 million U.S. Facebook users are oversharing — and likely don’t know it.
That figure represents 8 percent of Facebook’s 150 million U.S. users, but it is part of an upward trend in users failing to protect themselves while on the social network — putting themselves at risk in the real world. For instance, 4.8 million people potentially tipped off burglars by posting plans that pinpointed where they’d be on certain days. Another 4.7 million “liked” a Facebook page about health conditions or treatments that could be used against them by insurance companies.
“Facebook really is changing the way the world socially communicates and has become a successful service in part by leveraging copious amounts of personal data that can be spread far wider than its users might realize,” Consumer Reports Technology Editor Jeff Fox said in a prepared statement. “Our investigation revealed some fascinating, and some disquieting trends – but ones always worth knowing for consumers who wish to keep their personal data under better control.”
The investigation involved projections from surveying some 2,000 members of Consumer Reports’ interactive consumer online panel, 1,340 of whom were active Facebook users. They were interviewed January 16 to 31, 2012 by the Consumer Reports National Research Center.
It appears one way users protect themselves is to lie. One in four admitted to falsifying information in their profile to mask their true identities. Some do it to hide from employers; others to help prevent identity theft.
But the data points extracted from Consumer Reports’ annual “State of the Net” report show people still provide too much information, whether or not they try to conceal their true identities. For instance, 20.4 million include their birth date, including their year, in public profiles. People also should be mindful that employers, college admissions officials, government investigators and, of course, criminals and personal enemies routintely scan Facebook data.
Many Facebook users don’t expect the information they post to go beyond their own network of friends, but the report devotes an entire section to how they can lose control of that information, particularly through Facebook apps and games.
“Whenever you run one, it gets your public information, such as your name, gender, and profile photo, as well as your list of friends even if you haven’t made that list public. And if you give the app certain permissions, it can peer deeper into your data and even see information that your friends share with you, unless they have specifically forbidden sharing with apps in their own privacy settings,” the report stated.
“The result is that unless you’ve chosen your privacy settings meticulously, a friend who runs an app could grant it access to your information without your knowledge. Given that fact, it’s troubling that our survey found that only 37 percent of Facebook users say they have used the site’s privacy tools to customize how much information apps are allowed to see.”
There are signs that Facebook is responding to privacy critics that maintain the company could do more to ensure its 900 million users have more control over their data. For instance, the Tag Suggest feature that uses facial recognition software to scan photos met with strong criticism and was modified to better alert unsuspecting users so they could untag a photo or disable the feature altogether.
But the report also makes it clear users will need to be more proactive about their online privacy by regularly reviewing their Facebook privacy settings and protecting basic information. They also should be sure to limit all past, present and future wall posts to just friends.
Also, Consumer Reports recommends blocking apps and sites that spy on users or allow friends to share another’s personal information by using controls that limit the information apps can see. Similarly, you can restrict views of wall posts or items in your profile.
If someone is being stalked, harrassed or impersonated, they can deactive their account, which will make it temporarily inaccessible to everyone but the user. Deleting is another recourse, but one that shuts out everyone — including the person behind the account.