Be aware of what information is public and what information you control
Information anyone who accesses Facebook can see – regardless of whether or not you are friends with that person – is your: name, profile picture, gender, username, user ID (account number), and networks. Because this information is available to the public, you should not include information in these categories that would allow someone you don’t know to find you. For example, if you use a picture of you in a sweatshirt with the name of your school on it, it will be much easier to figure out where you go to school. This could also give someone who doesn’t know you a better idea of where you live, where you shop and where you hang out.
Photos – A person who can see your photos has a virtual window into every aspect of your life which you post a picture of. In addition, friends can post pictures and “tag” you in them, making them visible to your friends, even though you did not take or post the picture. You have control over who can see pictures you post. Learn how to control who can see photos you post.
You can also control which of your friends see photos posted by others, although the person who posted the photos has ultimate control over that. To start, you can change your privacy settings so that any tags of you have to be approved by you before they appear on your profile timeline. If you’ve already been tagged, you will get a notification of this from Facebook. You can then untag yourself in any pictures by clicking the “untag” link next to your name at the bottom of the picture. Finally, you can change your privacy settings so that only you can see pictures of you posted and tagged by others. Keep in mind, however, if the person who posted the picture has given permission for friends to see the pictures, their friends – including any friends the two of you have mutually – will still be able to see it.
Status Updates – Access to this information could share personal information about where you go and thoughts you may not want shared with those who do not know you. You control who sees your status updates. To change who can see this information, change your status updates privacy settings.
Information such as school, relationship status, religion, and “likes” – You may not want to share this information with those who do not know you. You control who sees your personal information. To change who can see this information, change your privacy settings to limit who sees your personal information.
Contact Information – It is recommended that you not have this information on your account (other than the e-mail address that is required to sign-up for an account). If you must have this information on your account, it is recommended that you set the privacy level to “Only Me.” If you decide to share this information, consider carefully who you share it with. And while there is a space for your home address, this information is not required and should NEVER be available to the public. You control who sees your contact information. To change who can see this information, change your privacy settings to limit who sees your contact information.
Networks
Think about whether you want to join any networks, because doing so makes your profile easier for others to find. Depending on how you feel about others finding you (as opposed to say you finding them), this might be either a good thing or a drawback.
Regional Networks - this simply reflects the area – usually a city, but may be a larger geographic area – where you live.
High School Networks – only students currently attending a school can join that high school’s network. In order to join a high school’s network, Facebook requires that you “friend” current classmates who are already members of the school’s network, then ask that they confirm that you attend school with them. Once it has been confirmed that you are currently enrolled at that school, you will be joined in the school’s network. Remember that networks are public information, so if you join your school’s network, anyone who views your public profile will know what school you attend.
College Networks – only students who are currently attending a college, or are alumni of that college, can join a college’s network. In order to join a college’s network, Facebook requires that you add a school-issued email address, to which you have access, to your profile (for example, if you want to join University College’s network, you must attend University College, which you prove by adding your University College e-mail address – i.e. This e-mail address is being protected from spambots. You need JavaScript enabled to view it – to your profile).
Accepting friend requests
The web is a fun and exciting place. One reason that is the case is because there is such a wide diversity of people present on the web. And although it might seem fun to “meet” new people through the web, it is wisest to only accept friend requests from people you know in real life. While people should be open and honest about their identity when creating a profile on a social networking site, the truth is that anyone can make up a name and post a photograph. If you have 500 Facebook friends can you really say that you “know” all those people?
Depending on the privacy settings you have set-up, your Facebook friends may have access to a lot of personal information about you. Someone who has access to your profile can tell a lot about you. A person who is able to see your photos – both those you have posted yourself and those that your friends have posted and tagged you in – may be able to determine even more. A person you are Facebook friends with may be able to figure out where you live, where you go to school, where you spend your free time, what kind of car you drive, what your friends and members of your family look like, even your siblings’ names! This is far more information than many of us would give to a stranger face-to-face, yet if you accept every Facebook friend request you receive, you risk doing just that.
“Checking-in” at locations – and allowing others to check you in
“Checking-in” uses the old mobile Places app that posts to Facebook about where a member is at the time that member “checks in.” The newer way to do this is by a member simply posting where they are at that time. Members can also tag any friends who may be with them in the post. If you are tagged in one of these posts, it will show up both on the profile of the person making the post and on yours – and therefore in friends’ News Feeds. Checking in and being tagged in posts could raise safety concerns because it could make it easier for those who don’t know you to find you and/or to know where you spend time. Allowing others to check you into places, or tag you in posts without your approval, could cause even greater concerns because their settings control who sees those posts, not yours. Find out how to control whether other people can check you in or tag you in posts.
Other Issues
You may also want to read Facebook’s general FAQs, which includes information on matters from profile privacy to tagging in pictures and posts.
Did you know that law enforcement agencies, or other governmental entities, may be able to acquire the data you’ve posted on Facebook or Twitter, even if you aren’t “friends” with any police officers or don’t count government employees among your followers?
Law enforcement officials may be turning to social media when they have a suspect in a crime they are investigating. Information found on sites such as Facebook or Twitter can give police information about what a suspect looks like, where that person spends a lot of time, and who they spend their time with. And while sites like Facebook provide fairly good privacy protections, not everyone is aware of them. And others actually choose not to use them, allowing their information to be available to the public. Even those who would normally ensure that their information is private sometimes don’t realize that their own settings don’t cover all of their actions. For example, “events” created on Facebook are often public, as is the list of those who are attending. And if you post on a friend’s wall or comment on a friend’s status or photo, their privacy settings – not yours – control who can see that post. Information that is publicly available may be accessed by law enforcement with no action other than logging on to the site.
According to federal law, police agencies or other government entities that want “private” on-line information held by a third-party (in these cases, sites such as Facebook, Twitter, MySpace) must obtain an order from either a state or federal court to get certain information such as your e-mail address, phone numbers (including mobile) and contact information you registered with Facebook, or when you created your Facebook profile. Law enforcement may also wish to seek more information about you, such as your status update history, your wall posts, a list of your “friends,” a list of the Facebook Groups you administer or belong to, videos you’ve uploaded or been “tagged” in, photos you’ve uploaded or been “tagged” in, your IP address, or Private Messages retained in your message box. An IP (internet protocol) address is a unique locator that can be used to identify a specific computer. In order to obtain this more in-depth information, law enforcement must obtain a search warrant. In order to do that, they must first show a court that they have what is called “probable cause” that the information they are requesting will in some way aid them in an investigation.
While most online social media sites have been advocates for limiting government access to the information they hold, they still have to comply with the law. The Facebook Data Use Policy states, “[w]e may share your information in response to a legal request (like a search warrant, court order or subpoena) if we have a good faith belief that the law requires us to do so.” This means that, if the police or any government agency believes the content of your Facebook page could aid them in an investigation, that entity can seek a court order allowing them to access the information on your Facebook page without your permission or knowledge. And you have already agreed to this, because the Data Use Policy is part of the Facebook User Agreement, which is called the Statement of Rights and Responsibilities. The Statement says, “[b]y using or accessing Facebook, you agree to this statement.” That means that every member of Facebook agreed to the Facebook User Agreement just by signing up for an account. Accepting this agreement is also their notice to you that this type of action is a possibility, so they don’t have to notify you if, or when, they are served with an order for your information.
It may sound like something that would only happen on Law & Order, but according to a Reuters article published in 2011, more than two dozen warrants to search individual’s Facebook pages have been issued by federal judges in the last three years. While these numbers do not mean that searching Facebook has become an everyday law enforcement tool, you should still be aware that the mechanism is available to them. By taking a look at Facebook’s policy on compliance with legal requests we can see that information from as far back as 90 days before the request can be obtained with a search warrant. The information that can be obtained once enforcement officials have a warrant might include access to your friends list – including friend requests you have rejected, private messages, photos, wall posts, records of events you have attended in the past or are planning to attend in the future, and the location information attached to any of these. If information is obtained legally, using a properly obtained search warrant, then it can be used in court.
Another popular website, Twitter, has a lot of members, though not as many as Facebook. On Twitter members may post “tweets,” which are 140 character messages that are essentially status updates. These tweets then go out to those members who “follow” the person tweeting, but tweets generally can also be accessed by anyone with a Twitter account. Twitter also makes quite a bit of user information available to the general public. According to Twitter’s Privacy Policy, publicly available information includes your profile image, background image, and tweets, along with any metadata (information such as where, when and how the post was created) associated with those tweets. In addition, the user has the option to share their location, a URL (or “link”), and “bio” information about themselves. This information is generally public as well. Tweets and user names are also searchable, so if you have an account in your name, anyone who uses a search engine to try to find out more about you is likely to come across your Twitter account, and your tweets. Again, everything in this policy is something that you agree to by signing up for a Twitter account.
Twitter does, however, protect information that you mark as “private,” or available only to “followers.” In their Privacy Policy, Twitter states, “[w]e may preserve or disclose your information if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address
fraud, security or technical issues; or to protect Twitter's rights or property.” But compliance with the law means that law enforcement or government officials must obtain a court order or search warrant authorizing them to seek private information before they can get it. And Twitter has a policy of notifying their member of the information being sought, unless they are prohibited from doing so by the law or the court. But by the time you hear about it, Twitter will have already complied with the request and your information will be in the hands of the officials seeking it.
Other social media sites and websites around the internet have their own policies, but these are fairly representative of how most sites operate. Most of us don’t think twice about posting personal information on these sites. Many of us think social networking sites are safe because they provide some measure of security. Some think that the only ones who can see what they are doing are those they have labeled “friends.” But the bottom line is that once your information is on the web, it can very easily – and without your knowledge – leave your control. Law enforcement can obtain access to your information, whether or not you allow it, and generally without your knowledge. Always think twice about anything you post on the internet.
