Social Networking and the Overshare Generation

please-rob-me-smlThere have been a lot of stories in the media lately about cyber-stalking and privacy issues on the Internet. It seems to be a knee jerk reaction to the tsunami of social networking that has occurred in the past few years. Or is it? Are the media over-reacting? Or have we forgotten what privacy is in the age of the World Wide Web?

The Rise of Oversharing

Back in the late 1990’s, many people didn’t even use their real names on the Internet. Email addresses were usually aliases or nicknames in an attempt to retain as much privacy as possible. But with the rise in popularity of social media services such as Twitter, Facebook and MySpace has come a rise in online confidence.

The new Internet generation doesn’t seem to have the privacy hang ups or suspicions their parents had about sharing information with strangers over the net. In fact, this younger generation of cyber savvy has an alarmingly high comfort level when it comes to communicating personal information about their lives on the Web.

The premise is that everyone in your social circle not only wants to know but NEEDS to know when you are buying that tall frappuccino from @starbucks. That they need to know precisely where you are and what you are doing every minute of the day. This new phenomenon is called oversharing and it has privacy experts worried.

“People put data up on the web and they just don’t realize the implications of this data” says Martin Cocker, Executive Director of NetSafe, a non-profit organization that promotes safe and responsible use of Cyberspace.

Location Based Oversharing

It’s not just our increasingly high comfort level with a lack of online privacy, but the way people are sharing and socializing online that has changed dramatically, particularly in the past 12 months.

Services likeGowalla and FourSquare focus on location-based social networking. Using your phone or mobile Internet device, you log into these sites and announce where in the world you are and what you are doing there e.g. “Kalena is at City Fitness Gym taking a Zumba class.”

The process is called *checking in.* You can check in from parks, bars, museums, restaurants, libraries or anywhere you care to create a location. The idea is to let your online friends know where you are and you earn points, badges and rewards (both tangible and intangible) based on your activity.

Sounds like harmless fun, right? But there’s a seedier side to location-based social networks. Not only does it encourage stalking by your exes, your boss and your mother, but it opens you up to the very real possibility of a criminal attack. How?

Gowalla, FourSquare and other location-based social sites post your exact geographical location including the precise GPS co-ordinates of your current location. Some naive users of these social sites actually register their home address as a *place* and then *check in* when they arrive at the location of their homes.

If you are particularly obsessive about posting your location status on either of these sites, ANYONE with an Internet connection can track your movements at all times of the day – when you leave home, what time you arrive at work, where you decide to grab lunch, etc.

Many people also cross-link their location status updates with their Facebook and Twitter accounts, sharing their whereabouts with an ever-widening public circle. Not only could stalkers have a field day with this information, but it can make it very easy for cyber criminals and hackers to steal your identity.

Unfortunately, it’s not just your identity that can be stolen.

The Perfect Storm for Crime

If you are a regular user of location-based social networking sites, it’s child’s play for criminals to know when you leave your house unattended. Match this with an overshare on Twitter about your recent iPad or flat screen TV purchase and you’ve got the perfect storm for a break and enter.

To point out how simple it is for criminals to take advantage of our silly oversharing nature, programming students Frank Groeneveld, Barry Borsboom, Boy van Amstel set up Please Rob Me in February this year. The site consisted of a live stream of tweets from people who were *checking in* at locations other than their Home address on FourSquare and cross-posting the information to Twitter.

The site included a location-based filter and would-be burglars were encouraged (tongue-in-cheek) to view *recent empty homes* and *new opportunities.* When asked why they built such a site, Groeneveld, Orsboom and van Amstel responded:

“These new technologies make it increasingly easy to share potentially sensitive personal information, like your exact location. The danger is publicly telling people where you are. This is because it leaves one place you’re definitely not…home. So here we are; on one end we’re leaving lights on when we’re going on a holiday, and on the other we’re telling everybody on the internet we’re not home…”

Reaction to the site was enormous and angry. Groeneveld, Orsboom and van Amstel discussed the logic behind the site in their recent guest post for the Center for Democracy and Technology:

“Our intention is not, and never has been, to have people burgled… The goal of the website is to raise some awareness on this issue and have people think about how they use services like Foursquare, Gowalla, BrightKite, Twitter, Google Buzz etc. Everybody can get this information.”

How Easy Is It?

David Farrier, a journalist for TV3 in New Zealand decided to find out how vulnerable users of location-based social networks are. He researched profiles on FourSquare and Facebook and found a couple of people in his geographical area of Auckland. They had willingly published their photos and home co-ordinates as public *places* on Foursquare so with the help of his in-car GPS, he went to visit them at their homes, keen to share with them all the information he had learned about them online, like the fact they had been out for dinner 14 times in the past month and enjoyed listening to the band Pet Shop Boys. Naturally they were freaked out and didn’t let him in, but as he pointed out, “It’s a bit weird, I don’t know why they wouldn’t let me in, they had made ALL this information available to complete strangers on the Internet.”

Photo Tracking

So this is all a bit confronting. But did you know that you may be sharing your location even if you don’t use location-based social sites? Photos you take with smart phones and upload to the web are automatically embedded with GPS tracking data that can easily be deciphered to provide precise location co-ordinates.

So that Twitpic Jennifer Lopez brag-tweeted last week of her diamond bling might be admired by a burglar who now has the exact GPS co-ordinates of her house. Or the snapshot I tweeted last week of All Blacks rugby legend Dan Carter working out at my gym can pinpoint his exact whereabouts to anyone with photo decoding software. Anyone coming across the photo on the Web could track Dan’s physical location down and start stalking (sorry Dan).

The Disappearance of Online Privacy

An organization in the US called the Electronic Frontier Foundation has developed a white paper on the potential dangers of exposing our locational privacy. Authors Andrew Blumberg and Peter Eckersley write:

“Over the next decade, systems which create and store digital records of people’s movements through public space will be woven inextricably into the fabric of everyday life… These systems are marvelously innovative and they promise benefits ranging from increased convenience to transformative new kinds of social interaction. Unfortunately, these systems pose a dramatic threat to locational privacy.”

To those who pose the argument that law-abiding citizens don’t need privacy, Blumberg and Eckersley offer this:

“It’s not just the government, or law enforcement, or criminals or political enemies you might want to be protected from. Your co-workers don’t need to know how late you work or where you shop. Your sister’s ex-boyfriend doesn’t need to know how often she spends the night at her new boyfriend’s apartment.”

Is it All Just Scaremongering?

Ask one of the cyber savvy crowd if they’re afraid of their loss of privacy on the Internet and they’ll likely send you an eye roll emoticon. Many claim that privacy experts are overreacting and that the media are just scaremongering. They make the point that privacy is breached offline all the time.

“New privacy scare! If you know someone’s name you can look up their phone number and home address in the *phone book*”, posts David Olsen, blogger for Dynamic Business Magazine in response to Facebook’s recent privacy issues.

The Bottom Line

Whether you think it’s harmless or not, the data people are willing to share online is increasing every day. It’s part of the “everyone else is doing it” mentality that’s alive and well on the Internet.

Experts are right when they say that users are becoming too blasé about their privacy and safety. The bottom line is that most people don’t keep track of how much data they are sharing. They’re lazy, they’re social, they’re mobile and they tend to ignore the privacy settings of their favorite web applications.

“Social networks have increased enormously in size and number. Most of them allow you to relay messages between different sites and it’s easy to lose track of just how much information you might be giving away and how many people have free access to it”, say Groeneveld, Orsboom and van Amstel.

“It’s important to be aware of privacy settings, to control the reach your messages have. If you allow your messages to travel between different social networks, this becomes more complicated. Information you trust to your friends might end up somewhere else.”

I don’t know about you, but I’ve just deleted my Foursquare account.

Spread the joy!