How to maintain your privacy on social media
Even the most privacy conscious individuals can be caught out by misconfigured accounts
Your social media account is unique among all other forms of data capture. For most users, they represent a digital expression of their identity, or at least a version of their identity that they favour the most.
This goes beyond simple data capture and into the realms of identifying habits, opinions, tastes, who you relate to and the nature of those interactions, what makes you laugh and cry, what outrages you, and what your mood is at any given time.
Social media has always relied on the collection of personal data, and while there have long been concerns about what control organisations have over your uploaded posts, images and videos, the idea of user privacy has only recently entered the public consciousness.
Although some of the biggest social media sites have faced their fair share of controversy over the years, it wasn't until Facebook's Cambridge Analytica scandal in early 2018 that regulators, industry, and the wider public started to really appreciate how valuable to personal data can be, particularly to those looking to exploit it.
People are today far more aware of the potential risks of social media. They distrust that social media companies are capable of handling their data ethically and have come to expect that data will be leaked at some stage.
Yet there are steps you can take to rein in some of the more unsavoury social media practices, without having to deactivate your account entirely.
As the biggest social media site in the world, Facebook enjoys 2.3 billion monthly active users. Unsurprisingly, the platform has also faced the highest number of controversies, which include widespread scrutiny over how it handles user data.
The site has faced numerous lawsuits and regulatory filings over the years, including a settlement with the Federal Trade Commission in 2011 after allegations the site deceived customers over privacy pledges.
The biggest controversy hit the company in March 2018, when Global Science Research was able to sell data belonging to 87 million users to political analysis firm Cambridge Analytica. The scale of the incident was fully understood when it emerged that just 270,000 users had engaged with an application and agreed for their data to be shared, but that Facebook API policies had allowed data from friends and family to also be collected as part of the sale.
However, Facebook's troubles did not end there. Just a few months later the company revealed that a system bug led to 14 million users having their default sharing status for posts set to Public'. A year later, data belonging to around 500 million users was found sitting on a publicly accessible AWS server.
How to improve your Facebook privacy
Given the size of Facebook, and the various tools, applications and features that have made their way to the platform over the years, the privacy section of its website can feel a little intimidating. However, one of the more useful tools the platform has introduced is the ability to download all the information that the company holds on you, which can be truly eye-opening
Facebook offers four profile settings to fine-tune what data you share with others, all of which can be accessed from the Settings menu. A Public' profile will share data with everyone, including sites that are able to access Facebook's APIs. A Private' account will only share posts with your friends, the Custom' setting allows you to select specific users to share posts with, and the Only Me' setting will mean that only you will see your posts.
There's also a much deeper set of tools available in the Privacy' section of the settings. Here you're able to choose who can see your profile data, your future and past posts, the people and pages you follow, friend requests, friends lists, as well as decide whether you want search engines to link to your profile. It's also possible to set up a Timeline review process, where you're able to check through any photos and posts you're tagged in before they appear on your profile.
One of the newer options is the ability to limit whether Facebook is able to automatically run facial recognition technology on your photos and videos.
Facebook also allows you to control what access advertisers have to your data, including turning it off entirely. To do this, simply access the security section of the Settings menu, and disable third-party application access. Before you do, though, it's worth taking a look through the list of what personal data is currently being accessed by third-party apps - some of these might surprise you.
Alongside Facebook and Instagram, Twitter has become widely recognised as one of the leading social media platforms in the West, particularly for current events and news. It's because of this that people are often surprised that it only attracts approximately 321 million users per month as of 2018.
Twitter has taken steps to protect user privacy over the years. A Do Not Track' option was introduced in 2012 that allowed users to block a website's attempts to access their cookies, and following a string of high-profile account hacks in 2013, two-factor authentication was also added.
However, this hasn't prevented privacy controversies from popping up on the platform, although the majority of these have been the result of lapses in security. The platform famously became the victim of a cross-site scripting worm in 2010, with users having their browsers infected by malicious scripts when they hovered over blacked-out sections of tweets. This resulted in a spree of invasive pop-ups and adverts for pornographic websites appearing when trying to access the platform.
In May 2018 the company warned users to change their passwords after an internal log was discovered containing unhashed user passwords.
A year later, the company said it had discovered a bug that accidentally released location data from iOS devices to a third-party advertiser, although it said that no data had been retained.
How to improve your Twitter privacy
All Twitter accounts can be set to either Private' or Public', which greatly affects how your account interacts with other users.
With Private accounts, you can only send tweets to approved followers, and any previous tweets sent while your account was set to Public will be hidden. This will also strip your tweets from Google search.
If you're still worried, you can tweak your account even more by clicking Settings and Privacy' from your Twitter homepage. From here you can access your Privacy and safety' options, including the ability to protect your tweets and make them only viewable to approved followers.
From here you can also control how your account is tagged in photos, how people are able to find your account, and how much Twitter is able to personalise your feed based on your data. It's possible to turn off all personalised adverts from this menu, which includes the removal of tracking data so that adverts can't target you based on your location.
Even though LinkedIn positions itself as the professional, more grown-up version of social media, it's still not without its fair share of privacy controversies.
Sitting at around 310 active monthly users, the Microsoft-owned platform has championed the idea of the gated-access approach', where users are only allowed to "connect" with other contacts if they have a direct connection, either through existing contacts or by being referred. This in itself provides an additional layer of privacy that isn't afforded by most other social networks.
However, the company has faced a number of complaints over the years, most of which question the platform's uncanny ability to recommend potential connections, people that it should have no knowledge. While the exact algorithm behind the platform is rather nebulous, the company has been called out for specific breaches of data protection laws.
In one of its earliest incidents, the company was criticised in 2012 for its poor security practices that resulted in the theft of around 6.4 million unhashed user passwords. These accounts were also later distributed across the dark web in 2016.
In 2018, a report into LinkedIn's practices in the six months immediately prior to the enactment of GDPR revealed that the company had obtained almost 18 million email addresses belonging to people who were not LinkedIn members in order to deliver targetted Facebook adverts. The investigation by the Irish Data Protection Commission was "amicably resolved" in the end, and all we know that LinkedIn introduced a number of changes to prevent similar data misuse in the future. We also do not know how LinkedIn secured the emails in the first place.
How to improve your LinkedIn privacy
Unlike other social platforms, LinkedIn users are actively encouraged to share as much information about themselves as possible in order to maximise the likelihood of securing work and professional relationships. Because of this, maintaining an effective profile while also keeping your information protected is a difficult balance to strike.
However, the platform also offers a host menu tweaks that let you tailor what is shown on your profile through its Privacy and Settings page. Users are able to turn off activity broadcasts whenever changes are made to their profile, as well as change how much information is visible to others. By default, your photo, name, number of connections, the industry you're in and your region will all be visible to strangers, however, it's possible to make your profile anonymous.
It's also possible to tweak who is able to view your profile photo, with the option of either only 1st-degree connections, your network connections or all LinkedIn members.
You can also tweak whether connections can see your email address on your profile, and turn off your active status so that people are unable to tell if you're online.
When it comes to advertisements, you can control what appears on your feed in the Ads' section. You can opt-out of having your profile data used to personalise promoted jobs and adverts on the platform, and you can also limit what data can be collected from your activity feed, such as location data and demographics.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now