My husband Matt and I traveled to Orange County, California during this year’s terrible East coast “Snowmageddon” season. It was sunny, warm and wonderful. When we returned to the threat of another potential snow storm (in April!), we had a text message conversation, discussing how great it would be to move to Orange County. Later that day, Matt logged into his professional social media app on his phone and noticed he had gotten job postings for Orange County. Strangely enough, when I logged into my own personal social media app, I was surprised to discover that I had received ads for real estate in Orange County.
Social media and mobile apps are moving toward predictive advertising and behavior to make our lives more convenient by alerting you about traffic congestion or items that you might want to purchase. The amount of personal data required to power these types of applications is staggering. Companies go to great lengths and expense to create and employ the technology that powers the analytics necessary to perform this complex predictive modeling based on your data.
People typically fall into one of three camps when it comes to commercial services (such as social media) that collect your data and track your personal habits, essentially developing a pattern of life on you: You think it’s an invasion of privacy, you don’t even think about it, or you think it’s convenient and a great help.
Regardless of which opinion you have, the fact is that in order to use these apps you have to agree to a terms of service (essentially, a contract) which sets forth exactly what is being collected, why, how it’s collected and how often the terms of service can change. If you agree to the terms and use the site or app, you are bound by the terms. Some user agreements tend to be very easy to read and upfront, and others are much more difficult, with lots of legalese thrown in. Regardless, it is important to read, understand, and become educated about what you are agreeing to.
Facebook Terms of Service Agreement: The Break-Down
I have read many terms of services and found that Facebook is one of the easiest to read and understand. The Facebook Terms and Policies include the Statement of Rights and Responsibilities, Data Use Policy and the Facebook Community Standards policy.
The Statement of Rights and Responsibilities are the terms you agree to when you use Facebook. The Data Use Policy tells you what data can be collected and what it can be used for. The Facebook Community Standards is the expected code of etiquette and outlines what type of posted content can be reported and removed. In order to help demystify and familiarize you with these policies, I will summarize what I feel are the most important components of the Data Use Policy.
Facebook Collects Information About You
Most people correctly assume that Facebook and other social media sites will collect information that you choose to provide. According to the Facebook Data Use Policy, updated on November 15, 2013, Facebook collects information about you. This includes the information that you used to register, any information that you share, such as when you post a status update, upload a photo, or comment on a friend's story, add a friend, “like” a page or a website, add a place to your story, specify your birthday, or indicate you are in a relationship, but not everyone is aware that Facebook also collects information that other people share about you.
Many people may not be aware that, according to the Facebook Data Use Policy, updated November 15, 2013:
“When you post things like photos or videos on Facebook, we may receive additional related data (or metadata), such as the time, date, and place you took the photo or video.”
All modern smartphones and cameras take photos with something called EXIF data turned on by default. EXIF data is information about the camera, including the exact geographic location where the photo was taken. Even if you have location services setting turned off in the Facebook app itself, Facebook can still collect this geographic data gleaned from your photos and potentially sells that information to third parties. For more information on EXIF data and how to turn it off, you can go to tylercohenwood.com.
“We receive data from or about the computer, mobile phone, or other devices you use to install Facebook apps or to access Facebook, including when multiple users log in from the same device. This may include network and communication information, such as your IP address or mobile phone number, and other information about things like your internet service, operating system, location, the type (including identifiers) of the device or browser you use, or the pages you visit. For example, we may get your GPS or other location information so we can tell you if any of your friends are nearby, or we could request device information to improve how our apps work on your device.”
Even if you have gone out of your way to make yourself anonymous from the social media apps that you use, there are identifying bits of information about you, such as the phone ID or IP address that you use to connect to the service, that identify who you are and where you are coming from. By learning your browser configuration and operating system, Facebook can potentially uniquely identify you each time you visit the site.
“We receive data whenever you visit a game, application, or website that uses Facebook Platform or visit a site with a Facebook feature (such as a social plugin), sometimes through cookies. This may include the date and time you visit the site; the web address, or URL, you're on; technical information about the IP address, browser and the operating system you use; and, if you are logged in to Facebook, your User ID.”
Cookies are small files on your computer or smartphone that preserve and maintain information about you and your preferences each time you go to a website. When you visit a site outside of Facebook that contains a Facebook (or other social media site) button to like or post the content on that site, if your Facebook session cookie is open, your visit to that site will be collected by Facebook. These buttons are called social plugins.
“As described in ‘How we use the information we receive’ we also put together data from the information we already have about you, your friends, and others, so we can offer and suggest a variety of services and features. For example, we may make friend suggestions, pick stories for your News Feed, or suggest people to tag in photos. We may put together your current city with GPS and other location information we have about you to, for example, tell you and your friends about people or events nearby, or offer deals to you in which you might be interested. We may also put together data about you to serve you ads or other content that might be more relevant to you.”
By using the information collected, they can put together a relatively in-depth pattern of life on you and can determine who your friends are including best friends, who your kids are, what you like to do, buy, politics and very detailed information in order to serve ads to your or display links, determine the order of content that you see in your feed based on its relevance to your interests.
Making Your Facebook Profile Public
It is also important to know what information is public without strict privacy settings or regardless of privacy settings. This means that any College Board, potential HR recruiter, potential mate or predator can view this information about you or your kids.
According to Facebook, if you choose to make your information public:
It can be associated with you (i.e., your name, profile pictures, cover photos, timeline, User ID, username, etc.) even from Facebook.
It can show up when someone does a search on Facebook or on a public search engine.
It will be accessible to Facebook-integrated games, applications, and websites you and your friends use.
When others share information about you, they can also choose to make it public.
You cannot control what others post about you and how they choose to share it unless it is something that violates Facebook’s very protective Community Standards policy. This means that if your friend posts a photo of you at that bachelorette party with a public setting and tags you, anyone can see it.
Again, according to the Facebook terms of service, the types of information listed below are always publicly available, and they are treated just like information you decided to make public:
Profile Pictures and Cover Photos
Username and User ID
This is important because anyone can view your profile and cover photos so make sure they show you in a positive light.
Here’s how Facebook says it uses the information it receives:
“Granting us permission to use your information not only allows us to provide Facebook as it exists today, but it also allows us to provide you with innovative features and services we develop in the future that use the information we receive about you in new ways.
“We may allow service providers to access information so they can help us provide services.”
This means that your information that Facebook has collected can be provided to third parties, and that it can really be used for anything, today or in the future.
Making an Informed Decision
As we’ve seen, it’s crucial to read and understand the terms of service of all the applications and online services we elect to use. Since most terms of service are written in easy to understand language, we shouldn’t be apprehensive about being able to understand them. The information they contain is critical to educating ourselves on what these services are doing and why.
Only when you’ve gotten the facts can you make a knowledgeable decision as to whether (and to what extent) you’d like to use these services. You’ll find that after you’ve read one or two of them, the mystery has been solved and that you’re a better informed consumer. Whether you decide that networks' user agreements are OK or not for you and/or your child, at least you can trust that you've made an informed decision.
-Article Contributed by Tyler Cohen Wood
Check out her book Catching the Catfishers, which gives insight into the digital dangers that can follow any and every social post!
Related Article: Dangers of New Location-Sharing Facebook Feature: Nearby Friends
Tyler Cohen Wood is a Cyber Branch Chief and Senior Officer at the Defense Intelligence Agency. She has 14+ years of experience with Cyber forensics, supporting DoD and law enforcement. In her new book, Catching the Catfishers: Disarm the Online Pretenders, Predators, and Perpetrators Who Are Out to Ruin Your Life, she discusses privacy and how to protect yourself online.
All views are my own and do not in any way reflect those of my employing agency or the United States Government.