Facebook's Fallout: Staying Safe on Social Media
Within the last few years social media platforms have made leaps and bounds when it comes to becoming more interactive for their users, as well as becoming useful tools for businesses looking to advertise. None more innovative than Facebook. Despite the media conglomerate’s original goal of connecting friends and family members on one website, it has now been pinpointed as one of the easiest platforms to target for advertisers, as well as data miners and hackers.
The sensational media coverage surrounding Facebook’s massive data breaches is causing more people to delete their accounts, as well as demand for oversight of the tech giant. The platform that started off in a Harvard dorm room is now a place that causes many people to be concerned about their personal information being targeted by foreign governments or shadowy data research agencies.
A Dubious Data Firm
Just recently, news broke of the deceptive data firm, Cambridge Analytica (CA), acquiring over 87 million American Facebook users’ personal information for the usage of political influence. This so-called “data firm” was able to gain access to these account by creating an online app called “This is Your Digital Life” that was used to conduct a personality quiz. According to Facebook, 270,000 people initially installed this app on their phone, connected their Facebook profiles to the app, and granted the app to have access to their profiles. Sounds harmless at first, but this is where it gets tricky. After the initial people installed the app and granted it permission to access their social media accounts, CA’s app used a sophisticated algorithm that exploited a loophole within Facebook’s API. This loophole allowed CA to scrape and harvest data from the quiz taker’s friends, without their knowledge.
After mining people’s personal information off of Facebook, CA used a new marketing technology called “psychoanalytics” or “psychographics” to better target certain groups with political advertisements. This fringe data science claims to have the ability to more accurately target people’s phobias and political biases by gathering information from users’ social media profiles (specifically Facebook).
The data acquisition efforts deviously conducted by CA has caused widespread outrage; and some are placing the blame on Facebook for its’ prior knowledge of the information breach.
In a rare conference call with reporters on April 4th, 2018, CEO and Founder of Facebook, Mark Zuckerberg, discussed the steps his company is taking to prevent further data breaches. In this interview, Zuckerberg fell on his sword, saying the social networking company “got it wrong” and he admitted they “could do better” when it comes to protecting consumers private information.
The most shocking of his statements, however, was concerning the number of accounts which have been unethically harvested by information gatherers and data miners. According the social media mogul, over the past few years, 1 billion people across the globe have had their personal information harvested or hacked, without the users’ knowledge or consent. Facebook currently has 2.1 billion users in existence.
Although this has been in the news headlines for a while, what most people don’t know is that happens on a daily basis.
According to the New York Post, since 2015 approximately 160,000 Facebook profiles are hacked daily.
Many times users’ information are harvested by inputing random phone numbers into Facebook’s search bar. However, since the recent data breaches that have captured international attention, Facebook has since disabled the feature that allows people to search using phone numbers or email addresses.
Although, CA used a very sophisticated algorithm, coupled with a simplistic app that made it nearly impossible for an unaware Facebook user to prevent against being targeted, there are a few ways to protect yourself from the next cyber attack–and no, it’s not just as simple as changing your password or deleting your account.
Facebook’s No.2 Apologizes
Chief Operating Officer of Facebook, Sheryl Sandberg apologized on behalf of Facebook on Thursday April 5th saying, “We know that we did not do enough to protect people’s data. I’m really sorry for that. Mark [Zuckerberg] is really sorry for that, and what we’re doing now is taking really firm action.”
After all the apologizing coming out of Facebook, it still doesn’t mitigate the fear many people have concerning their private information not being secured. If you have read up to this point, it is safe to surmise you probably have some serious concerns as to how your data is being used on Facebook, and how you can protect yourself from a potential data breach. Well, lucky for you, the next part of this article is dedicated to securing your Facebook account, and helping your protect your data from future cyber attacks.
Unlike other articles out there, you don’t have to hold a doctorate in Analytics or Cyber Engineering in order to understand, and implement, these simple tips.
Run a Privacy Checkup
Although cyber attacks and harvesting people’s personal information from Facebook is nothing new, you should still take the proper precautions to make sure you are staying safe and secure on Facebook.
The first thing you should do is run a “Privacy Checkup.” This simple tool shows you a breakdown of your privacy settings. Here are the steps:
- Click on the question mark icon in the upper right-hand corner.
- Then a dropdown will appear. Now, click on the tab called “Privacy Checkup.” Once you start your privacy checkup, this tool will go over your privacy settings with you.
Some of you privacy settings include who can see your status updates, whether your account is set to public or private view, and whether you are allowed to be tagged in posts not originating from your page, just to name a few. The privacy checkup has a total of three steps. The first being if your profile is set to “Public” or “Private” view. The second step is checking your third-party apps and the final step is verifying your personal information.
The most useful part of this tool is in the step dealing with third-party apps. It walks you through deleting third-party apps you gave permission to access your account, as well as how to disable these apps from accessing your friends’ information.
You may be surprised by how many third-party apps you may have installed on your Facebook. These types of apps range from personality or movie quizzes to dating sites. Have you ever taken a quiz on “Which Harry Potter Character You Would Be” and after getting the results (Albus Dumbledore, of course), the app asks “Allow Access to Facebook to Share Information?” Seems innocent, right? Well.. maybe not.
Now, the trick is that many of these apps or quizzes won’t let you share your “results” unless you agree to let them have access to your Facebook profile and all its’ data. So, unwittingly, many people agree to what seems like a harmless app having their information. Although the original app had to deal with Harry Potter, the app’s creators may have had a far more nefarious plot in mind: harvesting and scraping your data and selling it to advertisers, political action committees, and possibly foreign governments.
This is exactly how Cambridge Analytica was able to scrape over 87 million American’s Facebook accounts.
What seemed like a harmless app to many people who downloaded it and connected it to their Facebook profiles, turned out to be one of the biggest data breaches since the creation of the social media behemoth.
So, once you run this privacy checkup make sure to delete old third-party apps you are not using.
There are legitimate ones people like to have connected; such as Pinterest, Tinder/Bumble (mostly all the dating apps), GrubHub, etc. You shouldn’t delete these apps. If you do revoke one of these apps’ access to your profile, they may not be able to pre-populate your photos on their apps, or you may have to create a new profile.
Downloading Your Data
Another helpful tool Facebook offers, which has become more popular since the media frenzy sparked by Cambridge Analytica, is the ability for Facebook users to download their data that Facebook has stored. I’m not going to lie, what you see when you download your data is a little creepy. And you will see why.
But first, log in to your Facebook account from a desktop or laptop, and click the arrow button in the right hand corner
, right next to the question mark with circle around it
Then click on “settings.”
After you click on settings you will be redirected to a page where you will see a section called “Download my Data”. Click on this, then the next screen will prompt you to start downloading it.
After downloading your data you are able to see who had access to your information, what they used your information for, ads you shared, interactions companies had with your account, and the list goes on and on.
The Devil Is In The Details
Upon looking at your information you just downloaded, it doesn’t seem too controversial. However, the devil is in the details. Probably the most disturbing thing to find out, is that Facebook has access (and keeps track of) every IP address you use to log in to your account with. An IP address is a unique sequence of numbers used to identify computers that are using the internet.
By being able to track and document the IP address you have used, Facebook is able to digitally track and map your every movement. Not to promote paranoia, but this is the type of technology George Orwell referenced in the famous dystopian novel 1984. Big Brother, anyone?
Have I Been Pwned?
Also, check out a website called haveibeenpwned.com. This website is dedicated to helping people figure out if their email address has been associated with any recent data breaches. It is a quick and painless (sort of) tool to help you figure out which of your email address(es) have been targeted and what steps you can take to rectify the situation.
The first step is simple: After arriving on the webpage all you need to do is type in your email address. It is suggested to first check the one you associate with most of your social media accounts. Then click the “pwned?” button.
Next, a page will load with the results. For instance, the results below are from my personal email address that is associated with my Facebook account. Apparently, it has been involved in two data breaches. This website also tells me specifically which two breaches my email address was involved in.
If you find out your email address was used nefariously, take the extra two minutes and change your passwords associated with that email address. This sounds like an overly simplistic remedy after finding out your email account has been breached; yet, by changing the password (and making it more difficult), the risk factor of your email being breached again goes down.
Russian Roulette: Did I Interact With Fake Political Ads?
So what about the Russians? That’s a question that get’s asked constantly. Since the launch of the Special Counsel’s investigation into Russian meddling in the 2016 election, the U.S. public has learned that fake political campaigns were created by Russian spies.
The Deputy Attorney General of the U.S., Rod Rosenstein, announced two months ago the scope in which Russia used social media (specifically Facebook) to cause political turmoil and chaos during the 2016 presidential cycle.
The Deputy Attorney General said some of the ads didn’t necessarily mention a certain candidate, but instead they appealed to people’s inherent biases. Since the announcement that millions of Americans were exposed to propaganda by the Kremlin, Facebook created another tool to help its’ users find out if they interacted with any of the fake political ads.
If you are logged into your Facebook account, then click here and you can find out if you interacted with any of the fake campaign ads created by the Russians. Some of the campaigns looked legitimate—others, not so much. At least, now you can see which type of ads to be wary of, and to report them to Facebook if you think they are suspicious.
The tips given so far are really nothing new. Some of them have been covered on other major media outlets. However, there is one tactic to help against being targeted by certain advertising campaigns that is not being covered. It is called the “controlled confusion and chaos” method. Basically, by following these simple suggestions you can help create confusion within Facebook’s complex algorithms that are used to target you for advertising campaigns.
The first thing you can do is pretty simple: don’t click on any ads. Ever. Full stop.
That cute cellphone case you notice on your Facebook feed that your best-friend “liked” may look appealing, but don’t click it! Yes, this may seem like an odd tactic coming from an advertising agency’s perspective; however, by not engaging with ads you prevent yourself from being documented within Facebook’s analytics, and therefore cannot be targeted for future like-minded advertisements.
Now, this doesn’t mean you have to stop buying products on the internet. If you really want that cell phone case you saw Kate Spade advertising for, that’s fine. Just don’t click on the ad. Instead what you do is screenshot the ad (or use an ol’ fashioned pen and paper and write down the brand name); then, using “incognito mode” on your computer (or phone/tablet) either google the brand, or look it up on a retailer’s website, such as Amazon. This way you are going directly to the source, instead of through a possible third-party ad on social media.
The other tactic you can use is sporadically liking random ads, political candidates (even ones you may not agree with), or other social media campaigns. This sounds like a very odd tactic to use, but according to Wired’s Online Magazine, this random “liking” technique can help confuse Facebook’s algorithms used for advertisements. If your profile is not showing consistent behavior between interacting with the same types of campaigns and ads, then it is harder for you to be targeted by certain companies.
Facebook Faces more Fallout
Since news broke that Cambridge Analytica, a politically affiliated data firm, allegedly misused over 87 million Facebook users’ personal data, many people from all over the U.S. are concerned about the steps Facebook is taking towards preventing the further misuse of private consumer information for potential political gains.
One of the ways the federal government is attempting to mitigate future breaches of personal information on social media sites is by launching an investigation by the Federal Communication Commission (FCC) and the Federal Trade Commission (FTC). Both government entities are investigating whether or not Facebook violated federal law by being too lax with their consumers’ personal data.
Moreover, the FCC has been mulling over the idea of federally regulating the social media platform. Of course, this ultimatum has been floated by congressional leaders stating that if Facebook can’t increase its security features, then the FCC will have to do it for them.
In response to the media outrage over recent data breaches, Founder and CEO of Facebook, Mark Zuckerberg, testified before congress for two consecutive days (April 10th to April 11th 2018). Zuckerberg appeared before the House and Senate Judiciary and Commerce Committees. He was asked tough questions about the approach his company has taken towards protecting its consumers, as well as notifying them if their information was in fact breached. On top of being grilled on Capitol Hill, Zuckerberg apologized to the U.S. Congress and the American people, just days after his No. 2, Sherly Sandberg, made the same type of apology via CBS News.
The social platform will also be rolling out more extensive privacy protection policies in the coming weeks as well.
Rolling Out New Policies
Even though Facebook’s executives have created new privacy policies, the company is still determined not to restructure its current business format. Facebook is run by ads; ads that almost anyone who has a debit card and a Facebook Business Account can create. This is what allows the site to remain cost free.
However, many politicians in congress, as well as other tech giants in Silicon Valley, have called for Zuckerberg and Sandberg to restructure their business model by having stricter requirements for advertising on their site (which includes Instagram). One of the proposed policies gaining a lot of traction is a complete ban of political advertisements. Facebook says it is not going to ban political ads anytime soon; yet, it is going to make it harder for political ads to be run on its network.
A new system is now in place where a political candidate, or campaign, must submit to a “Real ID Verification Test” to ensure it is in fact a legitimate candidate/campaign that is advertising on the platform. This is at least one step in the right direction.
Did Cambridge Analytica Access My Information?
One of the questions on many people’s minds is “Did Cambridge Analytica have access to my personal information without my consent?” Well there is a quick way to find out. As previously mentioned, Chief Operating Officer Sheryl Sandberg launched a landing page on Monday April 9th, 2018 for users to check to see if their data was stolen my CA.
Here is what you have to do:
Step 1: Login into Facebook
Make sure you are logged into Facebook on your desktop/laptop computer. You won’t get precise information if you are trying to run this data screening on a mobile device.
Step 2: Just Click the Link
Now, all you have to do is click this link which will take you to Facebook’s Cambridge Analytica Data (CA) Results Page. This landing page will let you know if your data was scraped and mined by CA. It will also tell you if you downloaded the “This Is Your Digital Life” app which was the tool CA used to nefariously scrape millions of Facebook profiles. You may not like what you see when access the information on this page. I know I didn’t.
After doing this check myself, what I discovered caught me off guard. As you can see from my results below, apparently one of my friends downloaded the app “This Is Your Digital Life” which consequentially resulted in sharing my personal information with Cambridge Analytica.
This landing page that Facebook provided for users to see if their account information was used by CA does discuss how the social media platform is trying to mitigate and prevent future data breaches, like this one, from occurring in the future. Facebook has since deleted the app “This Is Your Digital Life,” however, there is no word yet on how much information Cambridge Analytica retained.
Now, in a perfect, and simple world, none of these data breaches would have ever happened because Facebook and other social media conglomerates would have measures in place which safeguarded consumers’ personal data. But, that’s not the world we live in.
Here’s the reality: Facebook didn’t get to the top of the social media and tech industry by adhering to standards and precedents. Social media is still an ever evolving landscape, and when Facebook was launched there were little to no rules governing what these sites could and could not do.
Think about it: for the first 5-years Facebook existed, its main competitor was MySpace (yes, MySpace used to be a big thing back in the day). In its early years, users needed a college-based email account in order to create and access a Facebook account. But, as popularity shifted from MySpace to Facebook, the fast growing social media company needed to create an easy, yet effective business model. That’s when Facebook Ads were born.
Some people have requested the social media giant to stop providing advertisement opportunities on the platform. However, this is not realistic. If Facebook were to give up ALL advertising endeavors completely, there is no way it would be able to offer a free communication and networking service to over 2.1 billion users worldwide.
As the global leader in social media, Mark Zuckerberg says that they do have a responsibility to keep people safe, as well as continue to provide people with the ability to connect with others. However, restructuring Facebook’s business model to a non-advertisement, subscription based platform, would result in a sharp decline in the amount of users the company has. And, so far, Zuckerberg says he is not entertaining the idea of offering a subscription based platform.
George Orwell once famously penned “We know that no one ever seizes power with the intention of relinquishing it.” This decades-old quotation still rings true in the case of Facebook maintaining its position as the No. 1 Social Media and Networking platform.