Social networking sites compromising on privacy: Cambridge University
By siliconindia   |   Monday, 27 July 2009, 20:41 IST   |    2 Comments
Printer Print Email Email
Social networking sites compromising on privacy: Cambridge University
Bangalore: The social networking sites which have become a mainstream cultural phenomenon over the decade are into fierce competition, which is compromising on the security of the user's data, states a Cambridge University study. Some of the previous studies have found that more than 80 percent American university students spend minimum of 30 minutes on the social networking sites in a day. Around 16 social networking sites fall under the 100 most visited sites worldwide. Around 45 social networks like Facebook and MySpace were surveyed in the study, which included lesser-known networks also. The authors of the report expressed "serious concerns" about the extent to which these sites fail to keep users' personal information private. The report provides numerical data to confirm its findings, which include problems like misleading privacy policies and inaccessible privacy guidelines. These problems have long been in suspicion. 90 percent of sites needlessly required a full name or date of birth for permission to join. 80 percent failed to use standard encryption protocols to protect sensitive user data from hackers. Around 71 percent reserved the right to share user data with third parties in their privacy policies. The study argues that privacy is being compromised by rigorous competition for users. Researchers say that discussing openly on the privacy issues on social networking sites puts off the average user, which discourages the owners from producing explicit or accessible privacy guidelines. "Sites want users to be relaxed and have fun, but when privacy is mentioned users feel less comfortable sharing data. Even sites with good privacy feel that they can't promote it, so users have no idea of what they're getting," said Co-researcher Joseph Bonneau. The researchers covered only those sites which are available in English, signing up to each using a Yahoo! Email account and the pseudonym "Upton Sinclair". The researchers, Bonneau and Soren Preibusch, recorded the amount of personal information that they had to hand over in each case in order to sign up to the site and how much they were told about its privacy policy and settings in the process. After signing up, the researchers tested each site's privacy controls against 260 criteria, examining features such as log-in arrangements and the site's privacy policy and configuration controls. They found "pervasive problems" like poor web security practices, confusing user-interfaces and misleading privacy policies. All but three of the general purpose sites they examined left new profiles completely visible to at least all the other members of the site by default. As previous studies have suggested that between 80 percent and 99 percent of users never alter their privacy settings, this means that in most cases their profiles will remain visible. The researchers also produced privacy scores for each of the networks assessed. Bebo and LinkedIn were ranked the highest for their privacy settings, while the British site Badoo earned the wooden spoon. Facebook and MySpace, frequently the targets of privacy critics, ended slightly above the average. In general, the researchers found that the larger, more popular and older sites maintained better privacy practices and adopted higher privacy standards. "The popular sites are just the tip of the iceberg. Niche sites implement significantly less favorable privacy practices and offer fewer controls to their users to configure the sharing of personal information," said Preibusch. Overall, the report also found that sites which promoted their privacy controls as a selling point tended to be those with fewer users joining the site. It suggests that this may be because the vast majority of people, while they may claim to be concerned about privacy, tend to forget about or ignore the possibility that this may be jeopardized when offered an attractive social networking service. Since the sites depend on acquiring as many users as possible, the researchers argue that most social networks opt to set up long and complicated privacy measures which, in most cases, is difficult to access or even find. At the same time, they show off how many users they have and how easy it is to make friends, or share photos, videos and music - all features which would be harder to sell with stricter privacy controls. The report calls for an "opt-out" approach to privacy, in which users' details are kept private until otherwise stated. It also calls for stronger across-the-board regulation, and suggests that sites could offer "premium" membership schemes which allow users to handle their privacy settings in greater detail if they wish, a scheme known as "privacy negotiations".

siliconindia