Monday, December 13, 2010

End of Privacy: Facebook

Armed with your e-mail address, data miners can hit Facebook and match it up with your user ID. That key unlocks a treasure trove of personal information.

At bare minimum, your ID provides access to your name and profile photo, no matter what privacy settings you have. Those who stick with Facebook's recommended settings will reveal even more: their location, hometown, list of friends, lots of photos, and many of their "likes," such as activities and interests.

That's a goldmine for companies that are trying to target their products to you.

"Once you have an ID you can look up the person," said Axel Schultze, CEO of Xeesm, a social media marketing software developer. That gives you access to all the information publicly available in their profile, and from that, "you can build correlations between all sorts of other data."

The API returned a smattering of information about me, including my gender and geographic settings. A person -- or a machine -- can retrieve that data after starting with nothing more than my e-mail address.

"Combine this with an e-mail address and I can add you to a mailing list," Dindayal said. "Beyond that, some users within Facebook don't have their privacy settings set very high and even more information might be made available."

Facebook has technical safeguards in place intended to prevent data miners with massive lists of e-mail addresses from sucking in troves of public information about Facebook's users. But invaders keep slipping through the site's defenses.

Deleting information after the fact as Rapleaf did doesn't wipe it from the record books.
Rapportive did not respond to several requests for comment.

"The genie is out of the bottle," Dindayal said. "Once the information is out, it's impossible to know who has a copy of it."