Facebook changes and the Federal Trade Commission

As expected after so many reactions from Privacy advocates to privacy bloggers (including myself in a blog post here), Facebook new changes (Timeline, Ticker) were brought to the attention of officials including the Federal Trade Commission, as the Washington Post Blog announced.

A significant help came from the Australian blogger Nik Cubrilovic who wrote on September 25, 2011 (read here) about a discovery he made while looking into Facebook’s code. This discovery points out how Facebook actually tracks users browsing and visited webpages by using cookies, even after they logged out of the network. Those “super cookies” have the ability to carry on after the user logged out of Facebook. If you remember, E-Crime Expert also posted a blog which exposed how cookies monitor and track users: Cookie monitoring?! No way…just a “coincidence”

Of course Facebook got in touch with Nik Cubrilovic and answered his concerns that: “the company has cookies that persist after logout in order to identify outside parties who may be trying to log in to a user’s account” (Cubrilovic’s Blog).

Facebook said there were a couple of bugs in their system that kept unique user information, but those bugs did not store users’ private information and that they already fixed this technical issue.

Besides these issues described above and identified by Nik Cubrilovic, Facebook practices “frictionless sharing,” that permits apps to post user activity to the network in real-time without requiring permission from account holders for every update (the new Facebook Timeline feature). Some of these apps are already using the new Facebook platform and are posting real-time feeds regarding other users’ information (wall updates, pictures, quotes, videos, music, etc) on Facebook. This brings with it some risks for cyber stalking, enforcement/prosecution or employment because with the new Facebook features, the information is much more easily followed by any interested party or entity, being displayed in a chronological order and categorized under individual users rather than being delivered in bulk.

Civil rights advocacy groups such as the Electronic Privacy Information Center (EPIC) and the American Civil Liberties Union including another 10 groups brought all these issues to the Federal Trade Commission’s (FTC) attention. They ask FTC to investigate the new Facebook changes in order to establish if those new changes are violating consumers’ privacy by encouraging users to share more information, because:  “For users who wish to maintain something approaching their old privacy settings, Facebook has offered solutions that are confusing, impractical, and unfair.”

To conclude, those new Facebook changes (Timeline, etc.) are going to be aired to users during this weekend. Soon, after this, regular users will heavily test new changes and other privacy groups and advocates will be able to have better feedback on whether these changes have the impact described in this post.

Regarding my personal feedback so far, anyone with access to a user’s Timeline (which may have low privacy settings), could find in all the information about that particular user in chronological order which is neatly organized in one useful package for cyber criminals to copy in an instant. That could become a one stop-shop for identity theft or cyber stalkers. It can also bring risks when applying for a job (easy for a prospective employer to “scan” one’s social life) or when monitored by public authorities (i.e. when one posts pictures when driving with 200 km/h, repeatedly).

Until then, when using new Facebook privacy features it is important to stop posting everything on Facebook, think twice before doing so, research and review what these things are because as E-Crime Expert always stresses an informed user, makes an informed decision.

Also, I am looking forward to the FTC reaction and response on these alleged privacy vulnerabilities.

Any questions can be submitted to: dan@e-crimeexpert.com

Additional information can be found at: www.e-crimeexppert.com

What do you think about these changes? Have you received them? What do you expect to be the FTC’s reaction?

Hit the “subscribe” button in order to be notified when new videos and Articles are posted on this blog.