With more time on our hands over the last few months, some of us have been on social media more than ever. Seemingly innocuous entries on many Facebook feeds are personality quizzes or profiling games that promise to reveal your spirit animal, or favourite ice cream, or whatever. While these may seem harmless, pause to consider whether you want to share this information with whoever developed the quiz… and with Facebook, other advertisers, and “big data” miners.
While some surveys really are just for fun, others may slip in questions like your mother’s birth name, the street you grew up on, or the name of your first best friend. All your answers can be harvested and cross-referenced against the other profile information in your social media account (which includes everything you’ve liked, clicked, or posted – including images), giving a hacker a running start at compromising your personal or financial information, or creating a false online identity. These answers can also provide enough personal information to allow a hacker to craft a spear-phishing attack on you, or pretend they are you in launching an attack on someone else. And, while Facebook does make efforts to vet the quizzes and plug-ins on its platform, some downloadable games and instant quiz apps can also be used to deliver malware to your computer or mobile device under the guise of a few minutes of harmless entertainment.
That’s not all. Understand that Facebook not only collects data from within your social media account, but can also aggregate troves of detail from your internet browsing history, search data, and information from other websites and online resources to construct a frighteningly broad profile of your identity. The answers you disclose could provide the last few pieces to allow someone to compromise or steal your identity based on your activities elsewhere.
Even if the information isn’t being used for criminal purposes, it may not be used in your best interests. All of the data mined from your online activities can be combined to build your “experience” with Facebook. Taking the aggregated responses, social media platforms can deliver advertising, news articles and unsolicited opinion that they “think” you will be interested in. If you go in understanding and accepting this, that’s fine. But many users continue to provide more and more personal information, allowing the social media content to be more and more specific and targeted. This can create an echo chamber effect, only showing you selected pieces of information, advertising, or opinion based on online tracking.
In his book The Digital Prism, author Mikkel Flyverbom elaborates:
“Using advanced digital platforms and more fine-grained profiling, companies like Cambridge Analytica rely on psychological profiles, such as what is known as OCEAN scores (Openness, Conscientiousness, Extraversion, Agreeableness, Neuroticism) to target individuals with so-called “dark posts” that reach only the selected person and are attuned to the exact needs or soft spots of that individual. Such direct targeting makes sense if you want to make somebody act in a particular way, like vote for a candidate, and know enough to be able to focus on that one piece of information that may be decisive.”
If you think this is over-stated, check your Facebook settings (in the Facebook app, visit Menu, Settings, Off-Facebook Activity). You may be surprised at how many websites you’ve visited – completely independently of Facebook – that have actually shared your activities with the social media giant. Facebook gathers and can exploit all of this information to shape your experience, and re-sell it to other advertisers on the platform. As the old saying goes, “If you’re not paying for the product, you become the product”.
Safety Tips
1) As with any social media channel, make sure you understand and adjust your Facebook privacy settings to limit your disclosures. Be particularly wary of any survey that asks you to register or sign in, or insists on getting your email address. Email is a common pivot point for the collection and aggregation of personal data.
2) Evaluate the sensitivity of your answers – if a question is the same one that you just answered in completing a loan application last week, then think twice!
3) Avoid accepting “Friend” invitations or linkages unless you actually know the person. Automated social media profile generators are common, and can prey on people who like to collect “friends” whether they know them or not.
4) Be particularly cautious about sharing family information and pictures. While you may comfortable sharing your details, others in that picture or posting may not be as willing to disclose personal data.
5) Be careful about sharing vacation plans or instant statuses. That picture of your entire family at the cottage today confirms that your home back in the city is likely sitting unattended.
6) Consider whether you are comfortable sharing your browsing history and website activities with Facebook. Learn more about Off-Facebook Activity Controls and how to control Facebook Browser History Tracking.
7) Wondering about other settings? Options, defaults, and terminology change frequently, so even if you are among the minority of people who have checked their settings in the last few months, you may want to check them again now. Here’s an extensive checklist of privacy controls you can review on your account. It may seem like a lot of work, and the language in the settings is often crafted to discourage you from dialing down access, but it’s worth the effort so you can make an informed choice about who sees your personal information. Why not set a calendar reminder to do this on a regular basis?
8) Be discriminating about your news sources and the content you get on your feed. Consider the sources, and validate the information you get from Facebook on other independent channels to build confidence that you’re getting facts and unbiased information.
You may be interested in what kind of pizza you are, or whom your Hollywood dream date might be. Just don’t forget that others may be interested too.