An insurance expert told the Britain’s Telegraph newspaper that using location-centric mobile social services like Google Buzz, Twitter, Facebook and Foursquare could raise your home insurance premiums, or even result in the denial of insurance claims.
A gag Web site launched this week called “Please Rob Me” raised an ugly but obvious truth about location-based mobile social networking: When you tell the public where you are, you’re also telling burglars you’re not at home. The site originally displayed a real-time stream of Twitter and Foursquare posts that might interest criminals.
Twitter has since pulled the plug, apparently, and now all Please Rob Me posts are from Foursquare. Each post begins with the user’s name, followed by “left home and checked in” followed by an exact address of where the person is.
Insurance industry watchers like the one quoted by the Telegraph predict that after customers get burglarized and file claims on stolen property, the insurance companies will probably investigate to see whether the customer broadcast information over social networks in a way that constitutes “negligence.” They could also make “social networker” the homeowners insurance equivalent of “chain smoker” in health insurance — a category of customers who are charged higher premiums.
In my “Inside Google” blog yesterday, I wrote a detailed post titled “How to rob somebody using Google Buzz.” My point was that even though Twitter and Foursquare can expose users to crimes, Google Buzz is even more compromising.
In a nutshell, using Google Buzz’s mobile location feature, in combination with Google Profiles and other free Internet-based services, crooks can quickly find out who you are, where you are, what you look like, where you live, and when you’ll be home. Scam artists can troll for suckers, then grab all the information they need for their scam.
This is bad news for Google in the wake of its already problematic Buzz rollout. When Buzz first hit, users were automatically “followed” to a list of people they e-mailed most often. Unless users were savvy enough to change the privacy settings on Google Profiles, which most Gmail users probably didn’t even know existed, their lists of most-frequent contacts was made public. Doctors and lawyers had patients’ and clients’ identities revealed. Personal contacts were exposed to employers. Mistakes were made. Google apologized and fixed the problem, but not in time to stop a class-action lawsuit.
It’s easy to pick on Google, because its services are so popular and because Buzz is so new. But the truth is that Buzz is just one small part of the new “social insecurity.” We’ve innovated our way into a strange new world of privacy compromise and confusion.
Why you can’t know how much privacy you have
We now live in a world of online services where privacy is often violated by default.
To understand this and do something about it, you need to be an exceptional person. The average user or consumer can’t or won’t figure out how to safeguard his privacy.
A minimal safeguarding on personal privacy nowadays requires users to take intelligent action regarding deeply buried, little discussed, often confusing and relatively obscure settings in Facebook, Gmail, Profiles, Twitter and a world of other online social services — and most of all one’s own cell phone.
Are your Facebook photos set up to be public or private? When you post pictures of your kids or spouse on Facebook, are those pictures made available on image search sites? Are creepy weirdos finding those pictures using Google, Bing or Yahoo image search and then reposting them on creepy weirdo Web sites?
When you post using Google’s mobile Buzz app, are your tweets going to only the people following you, or the whole world?
Is your cell phone’s GPS location feature on or off? If it’s on, is any service, company or individual person able to get access to that data?
I’d be willing to bet that more than 90 per cent of users can’t answer those questions. But even the most skillful users often can’t know how much privacy is being violated.
For example, we know that Google’s computers read all of our e-mails every day. Special software scans the words we send and receive so Google can post ads next to the messages related to the conversations. Do Google employees ever read those e-mails, maybe as examples for research or marketing? How would we know if they did? And if we trust Google (and I do think Google is a trustworthy company), is the U.S. government reading your e-mail? How would we know if they did? And if you trust the U.S. government, is theChinese government reading your e-mails? Hackers? Blackmailers? Your employer? How would we know if they did?
It’s not that you don’t know who’s reading your e-mail. It’s that you can’t know. You will never know.
As Scott McNealy famously said 11 years ago: “You have zero privacy anyway. Get over it.” But it’s not that simple anymore. He was talking more about concern over compromised privacy by companies and governments, which could potentially somehow use your private data for purposes you don’t approve of. But now, thanks to social services that didn’t exist when McNealy uttered his inconvenient truth, the whole privacy issue has exploded.
We still have to worry about governments and companies, but now we must be concerned about employers, criminals and even family members.
Here are five examples of the many weird new ways privacy can be violated.
1. Facebook photo tagging. You’re a respectable citizen, a pillar of the community. You’re active in the chamber of commerce, and local charity organizations. You’re a senior officer in your company, and a church elder. Your kids think you’re perfect. Then your old high-school buddy posts a picture of you vomiting shirtless at a debauched punk rave in the 80s with a cigarette in one hand, a bottle of Jack Daniels in the other and a purple mohawk on your head. He tags you, which puts that photo on your Facebook Wall. Now that photo has been shared with your mother, your kids, your boss, your colleagues. Once seen, it can’t be unseen. If anyone copied the photo, it’s now “out there.” Forget about ever running for public office.
2. Google Buzz people harvesting. When you fire up Google Buzz on your iPhone, Android phone or — soon enough, presumably — any smartphone, and hit the “Nearby” button, you get a list of posts from strangers listed in order of which is closest. Their usernames can lead to their profiles, which probably enables contact via e-mail (like Craigslist, e-mail addresses can be private, but anyone can still send e-mail through Profiles). What’s to stop any business from firing up Buzz every day and harvesting contacts of people who come to the neighborhood?
3. Street View evidence gathering. The chances that you personally will appear on Google Street View round to zero. The chances that a great many people will be exposed on Street View doing something embarrassing round to 100%. Thanks to social sharing, every transgression captured by a Google Street View van will be exposed, broadcast, shared and stored forever on hundreds or thousands or millions of hard disks across the world. If you’re one of the lucky few caught doing something unpleasant on Street View, people you know will find out about it. And funny photos are forever.
4. Social group mixing. It’s easy to forget who’s following you. Facebook users often post compromising information. Somebody might, for example, report the he called in sick to go to the beach — forgetting that his boss is one of his Facebook friends. Young people might have peers in mind when they post, and forget that mother is lurking. And on social networks like Twitter or Buzz, it’s possible that people you know are following you under a pseudonym.
5. Set-it-and-forget-it sharing. New social services come along all the time. We sign up, try them, then forget about them when newer and shinier things come along. For example, Google came out with the Latitude location service a long time ago. Did you try it? If so, did you turn it off? Are you still trackable? The harsh reality is that most of us have no idea if we’ve left a trail of privacy-compromising services in our wake.
McNealy was right of course. Theoretically we have zero privacy. A motivated and skillful person or organization can always learn things about us that we’d rather keep to ourselves.
It’s still a good idea to practice common sense when using the Internet. Don’t blather information that could be useful to crooks. Be careful about what you share, and whom you share with. Take care in broadcasting your location, either manually or automatically. But even the most meticulous anti-social-networker can’t really achieve true privacy.
The strange new reality of “social insecurity” is this: The best we can do is make the violation of our privacy a little less convenient for those who would exploit us.
Mike Elgan writes about technology and global tech culture. Contact Mike at email@example.com or his blog, The Raw Feed.