Social Networking Spyware in Washington Post

Today’s Washingon Post has an A1 story about Facebook Application privacy:

Facebook fanatics who have covered their profiles on the popular social networking site with silly games and quirky trivia quizzes may be unknowingly giving a host of strangers an intimate peek at their lives.

Those mini-programs, called widgets or applications, allow users to personalize their pages and connect with friends and acquaintances. But they could pose privacy risks. Some security researchers warn that developers of the software have assembled too much information — home town, schools attended, employment history — and can use the data in ways that could harm or annoy use.

I’ve previously blogged on the privacy issues of Facebook Apps such as the civil liberties problems when law enforcement agencies create Facebook apps.

It’s good to see this issue gaining mainstream attention, because it means that people will start thinking differently about threats to privacy online. EPIC recently testified at a hearing on spyware. The testimony included social networking applications as a possible vector for spyware.

People at the hearing talked about the need to have any legislation in this area not be technology dependent. The bill being discussed, S. 1625, included some language that was focused on PCs, but ignored other threats. The bill had sections making unlawful certain behavior. It used language like “caus[ing] the installation on [a] computer of software that” did several prohibited things, like improperly collect information or display too many popups. But that language is focused on the idea that people keep their data on their computer. With social networking, people are keeping their data online, with social networking services. This data should also be protected from new types of spyware, and we should think of improper data collection from social network services in the same way we think about improper data collection from our home computers.

Posted: June 12, 2008 in: