Cambridge academics have revealed that social networks
that promote theirsecurity controlsare likely to deter
users from joining, and as a result privacy guidelines are
inaccessible.
Open discussion of
privacy on social networking sites puts off the average user,
so websites do not produce "explicit or accessible privacy
guidelines", according to researchers at Cambridge University who
carried out the
research.
The research ranked Bebo and LinkedIn highest for their privacy
settings, while the British site Badoo was given the lowest mark.
Facebook and MySpace were placed slightly above average.
"Sites want users to be relaxed and have fun, but when privacy
is mentioned users feel less comfortable sharing data," said
co-researcher Joseph Bonneau. "Even sites with good privacy feel
that they cannot promote it, so users have no idea of what they are
getting."
Personal information goes public
The research of 45 online social networks across the world
revealed that the personal information of users is being made
public. It says the "furious competition between social networking
sites" is to blame.
The researchers found that sites which promoted their privacy
controls as a selling point tended to attract fewer members. In
their report, they suggest that this may be because the vast
majority of people, while they may claim to be concerned about
privacy, tend to forget about or ignore the possibility that this
may be jeopardised when offered an attractive social networking
service.
The report called for an "opt-out" approach to privacy. This
would mean users' details are kept private until otherwise stated.
It also called for stronger across-the-board regulation of these
websites.
Measurement of privacy
The websites studied ranged from MySpace and Facebook to
lesser-known foreign networks.
The academics recorded the amount of personal information
required to sign up to each site. They measured how much they were
told about its privacy policy and settings in the process, and
looked at how much they could see about the site's existing members
before they joined.
The research identified misleading privacy policies and
inaccessible privacy guidelines.
The research, which is freely available online, found:
- 90% of sites needlessly required a full name or date of birth
for permission to join.
- 80% failed to use standard encryption protocols to protect
sensitive user data from hackers.
- 71% reserved the right to share user data with third parties in
their privacy policies.
| Security advice for social networking |
|---|
- The Information Commissioner's Office advices social networking
website users to:
- Choose sites that offerplenty of control over who can find your
profile and how much information they can see.
- Read privacy policies and understand how sites will use your
details.
- Do not allow people to work out your "real life" location, such
as your place and hours of work. Your personal safety offline could
be affected by what you tell people online.
- Change passwords regularly. Avoid using obvious words such as
your pet's name and don't use the same passwords on social
networking sites as you do for services such asinternet
banking.
- Use a separate e-mail address for social networking, preferably
one that does not contain your year of birth or full
name.
|