Are Social Networks Exploiting Our Security?

by Prasant Naidu on June 7, 2012

in Insights

social media privacy

Image courtesy:theantisocialmedia.com

Security, one of the biggest fears of Internet users is the most overlooked issue by social media sites. The recent revelation that LinkedIn syncs the confidential details of users who are accessing the network via Apple devices such as iPhone and tablet adds further disgrace to the situation. Adi Sharabani and Yair Amit discovered that LinkedIn’s iOS apps collect details from one’s iOS calendar and transmit it to LinkedIn servers.

This action is without a clear indication to the app user, thus violating Apples’ privacy guidelines (section 17.1: “Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used”), as stated in the Skycure Security blog.

The blog further highlights that most of the confidential data of a user is not required for the app’s functionality. So one wonders why LinkedIn indulged into collecting and sending out sensitive information about users?

LinkedIn is not the first network to do so, networks such as Facebook, Path, etc. have been following this disturbing trend. Facebook has a history of criticism against continuously ignoring online security of users. From tracking users offline to keeping most of it’s product settings default, the number of people who have lack of trust on Facebook due to  security issues, has increased. Very recently it was found by a blogger that Path, popular photo sharing network automatically uploads iPhone user’s entire address books to its servers. The list of examples is a long one and the concerns are not going to decrease with the advent of social apps and iOS apps.

So is it a mistake or a deliberate effort? Joff Redfern, Mobile Product Head at LinkedIn has been quick to address the situation via a blog post at their end. Joff in his blog post states that LinkedIn cares about its members trust and has assured that LinkedIn is going to adopt essential steps to remove the recent dust of mistrust. Joff further clarified that LinkedIn will no longer transmit data from the meeting notes section of an individual calendar event and that they have added a ‘Learn More’ link to explain how LinkedIn is using your data. In fact a similar kind of statement was also issued by Path Founder and CEO, Dave Morin after the Path controversy that the address book was uploaded  to their servers in order to help the user find and connect to her friends and family on Path.

However, there are three questions that I would like answered here:

1. Why don’t networks make it an opt-in feature from day one?

2. How could apps like LinkedIn, Path make it past Apple’s famous strict vetting process?

3. How can we sure that the data is only being used for effective functioning of the app?

In today’s social age, I wouldn’t be surprised if it is revealed that our social data is being used by marketers to reach out to us in a smarter way. Today businesses are desperate to access your social data so that they can target you better. And this is a dangerous trend. As a common man, we are not aware who is accessing our private data and how!

Max Schrems was shocked to see his personal data that he had deleted earlier, to be present in the CD that was provided to him by the California Facebook office. It just goes out to show how many bytes of our data most of the social networks have under their belt and which we are unaware of. The Guardian sums it all in this one liner:

Information is power, and information about people is power over people

Do you think that security is often taken for granted by social network sites? Or are we ready to share every thing with the world?

Prasant Naidu

Founder and Blogger at Lighthouse Insights.

Twitter - More Posts

  • http://twitter.com/oldfox004 Vinaya Naidu

    Shouldn’t governments be serious about this? How will the common man ever know how his data is being manipulated for somebbody’s profit? Or is it that this is the big nexus between government and the businesses that fuel them?

    We are all pawns in this vicious circle. Remember mobile phone companies?

    • http://lighthouseinsights.in/ Prasant Naidu

      We are pawns and corporates hold the string of a governments functioning and funding :) India should have laws like Europe atleast.

      • malharbarai

        We do have laws, but its the lack of implementation or understanding of the web etiquette that is effecting it.

        • http://lighthouseinsights.in/ Prasant Naidu

          Hope we are not relating it to IT laws and yes awareness is very much required in a country that is struggling to gain understanding of Internet.

  • Afaf Waris

    Finally found some great post on security breach by social networks. This question has been bugging me since past few days that with the emergence of social media bubble, the security issues are also on the verge of explosion. I will also be making a post soon on this issue. thanks.

    Please visit: http://www.marketified.com for any SEO/SMM assistance and guidance.

    • http://lighthouseinsights.in/ Prasant Naidu

      Glad the post helped you in someway :) security is one of the major issues that is being overlooked.

  • http://www.youbihar.com/ Shalu Sharma

    They probably are. Who knows what they are doing?

Previous post:

Next post: