Information Technology and Ethics/Privacy and Social Networking sites

Our personal information is more susceptible than ever in the era of social media. Privacy has grown to be a top issue for consumers as social networking services gain more and more traction. Although these websites provide users the opportunity to share private information with a big audience, they also put them at risk of identity theft, cyberbullying, and other online dangers. The subject of privacy on social networking sites has emerged as being crucial in this context. The purpose of this introduction is to discuss the difficulties users have in maintaining their users' privacy on social networking sites.

Social media alludes to websites and applications that are designed to allow people to share content quickly, efficiently and in real-time. It can also be said that social media are apps on smartphones or tablets, but the truth is, this communication platform started with the use of internet in computers. It started with just being part of groups, and went on to online chat rooms to fully functional websites and apps that people use to share videos, pictures and thoughts, marketing, dating as well as influencing others.

So then arises the question of what is the difference between social media and social network? Social media means the content that one posts online. It could be a blog, slideshow, podcast etc. Whereas social networking site is the medium via which a person can create relationships, communities, followers etc. Furthermore, one can also say that social networking is just a subset of social media.^[1]

A look into the background can help widen the horizon for understanding how social media got so relevant in the first place. Backing up all the way to 1978, BBS was created which is Bulletin Board System accessible via dial up model and was used primarily for communities which had specific interests. Next came along CompuServe which became popular where people could share files, access new and other events. They could interact via email. AOL and Yahoo Groups in 1994 was the very first originator to social networking sites, where one could be part of communities and the members had a profile. Fast forwarding to 2002, where came Friendster, which encouraged people to bond with common interests. Also, in the same year, LinkedIn launched with an aim of career networking but did not gain much traction until 2010.^[2]

In 2003, Myspace came into existence , where youngsters could see each other's activity as long as they were part of each other's networks. In 2004, came the biggest game changer and that is Facebook which connected people with their friends and a lot of other features that were enabled along with posting videos, pictures and content sharing among friends and also other people who could search you online. Then came in 2005, YouTube which was exclusively a video upload and sharing platform and still is the number 1. In 2006, Twitter came into existence which limited interactions in the form of comments and posting tweets. Instagram made its debut in 2010 with the focus of being the sole photo sharing/editing app and then came Snapchat in 2011 which allowed to share moments with friends.^[3]

As one can see this is how social media started gaining momentum and with different websites/apps offering unique features on their platform it became essential for every youngster/general public to become a part of this to keep up with the times and stay connected to everyone as much possible. Social networking sites which are the most popular today are Facebook, Messenger ,Instagram, Snapchat ,Twitter, Whatsapp and TikTok.^[4]

That being said, the advent of social networks brought on a host of various concerns and the biggest concern for social media is privacy. But for a long time, very few people were actually aware of privacy. In fact , since it was so new and the young generation as well as the older ones who got connected to a lot of acquaintance and new friends, they did not realize that their conversations in a lot of social network platforms could be viewed by other people as well. That is just the way the social network platform algorithms were built that allowed people outside of connections to view content and also follow/stalk other people including the activities of a person on that particular social networking site.

According to a 2014 survey, 91% of Americans “agree” or “strongly agree” that "people felt that they lost control over how personal information is collected and used by all kinds of institutions". 80% of social media users said they were uneasy about advertisers and organizations having a way to use the data that was posted on social media platforms and 64% were of the opinion that government should be more proactive on data handling, as this data was being used by marketers.^[5]

Social networking sites continue to be a worry despite continued attempts to resolve privacy issues. A significant incident involving the political consulting firm Cambridge Analytica, which illegally stole data on millions of Facebook users, impacted Facebook in 2018. It is expected that new methods for defending user privacy and making sure their personal data is protected online will emerge as technology advances. Overall, social networking sites continue to play a big role in our lives, but privacy protection is still a top priority when using them.

In an independent study, according to CPO magazine it was found that the privacy cannot be completely possible as friends always make it a likelihood of sharing the user's information to other people outside the network as well. There is also something known as a concept of choice of individual privacy that is completely dependent on an individual as to how much information they want to share with the world.^[6] Looking at the above statement, an advocate of the individual privacy will say that one cannot completely obscure information from everybody. So, it is better to not put it online at all. Some who do not agree with it say that one should not expect privacy to be a big factor if they are sharing personal information on social media as they are doing it by choice and leave it to be viewed by friends and those who wish to see their information.

In today's digital environment, privacy concerns with regard to social media are a big problem. Here are a few instances:

These settings are built in a way that if a user is not vigilant, they might end up sharing not only their personal data but also their activity unintentionally to companies and other third party who are always looking towards improving their own websites accessibility and marketing.

Enabling GPS location of the user's taking the data from the cell phone, this "can be used to build up a picture of your everyday movements. Location data can be coupled with other data and aggregated to create a very specific picture of an individual’s life and habits".^[7] This also encourages stalking and can also be used for nefarious purposes other than the invasion of privacy.

Hacking can lead to stealing a user's identity and can also ruin a person's reputation and image in front of their friends and followers if wrong things are posted online and different kinds of malicious acts are committed from their accounts ,which include stealing credit card numbers, bank account numbers and login passwords.

Creating fake profiles, trying to seduce younger teenagers and luring them out to physically abuse them or emotionally blackmail either them or the people that are known to each other can go on indefinitely until reported. Especially if intimate pictures/videos/audios are leaked online by the perpetrators.

Not only the location can be tracked , if enabled on the phone by a potential stalker, they could be also keeping eyes on the target's move every time of the day. This helps the lurkers to actually judge and try to know the person based on their target's online activity and then maybe plan their own moves accordingly to harm their target or kidnap them or worse.

People can be bullied and harassed online, frequently in an anonymous manner, via social media platforms. This may adversely affect a person's mental health and general wellbeing.

Deepfake technology allows for the creation of fake pictures and videos that may be used to disseminate propaganda and false information.

Social media networks gather a ton of user information that is frequently utilized for marketing and advertising. Users may not be aware of how their data is being utilized, which raises privacy issues around this data collecting.

Social media platforms may divulge user information to outside developers, marketers, and other businesses, raising questions about how that information is utilized.

In the upcoming paragraph taking a look at how Facebook and other companies took advantage of the non-existing privacy laws and why because of them new rules have been created.In a way they have definitely brought on change with the new times and also exposed the need to have stringent policies and laws in the first place.

This started first in 2006 ^[8] when there was a lot of noise regarding Facebook Newsfeed feature of the networking site and the concern that arose was that this endorsed stalking and also is an intrusion of privacy. The user had very little control over the information that they were sharing at the time, including changes in user's profile and other details related to them. This was resolved when Zuckerberg introduced privacy feature for the newsfeed and apologized for not taking into consideration the user's input when it came to privacy. Similarly, after three years and then consecutively since Facebook was the reigning social networking site at the time , they introduced a series of changes thus constantly targeting the privacy of users.

Some of the other major events include :

2007 to 2009 - Facebook launched 'Beacon' which let its users who shop at third party websites broadcast their purchases to their friends on it. Facebook receives this third-party information and shares it unless user opt-out during a brief pop-up window at the third-party site. This received a lot of backlash where some organizations like MoveOn.org demanded that Facebook allow explicit opt-out from sharing this information. Later on, they did modify the privacy features of Beacon, giving users limited opt-ins. By almost the end of 2008, Facebook launched 'Social Ads' which let "marketers create Facebook profiles and purchase advertising targeting other users profile information. Further, a user’s name and picture will be shown to their friends in promotion of a product after that user interacts with the marketer in some way”. European expert group issued a guidance on how the user's privacy should be maintained and the information related to them should be handled. “Topics included processing of sensitive data and images, advertising and direct marketing, and data retention".^[8] Facebook announced changes in their user privacy settings but did not address the concern of user's data being shared with third-party via targeted advertisements. Canadian Privacy Commissioner also recommends that Facebook should improve on their privacy.^[8]

2010 to 2012 - Twitter joined Gmail and Facebook to use "https" functionality by default for all users in order to secure data and protect privacy . Facebook timeline changed their user privacy setting again to "post archived user information, making old posts available under Facebook's current downgraded privacy settings".^[8] It also came to light that DHS was using Facebook and Twitter for secret social network monitoring program. Maryland passed Bill that forbids employers from requesting Facebook information and California, Illinois followed suit as well. Myspace was caught engaging in deceptive practices and had to pay a settlement , since they were revealing personal information to third party despite promising to protect the same. Facebook also acquired Face.com which brought on a host of privacy concerns over biometric data of individuals.Towards the end of the year 2012,Facebook updated their privacy controls and removed profile safeguard from profiles. Instagram also released their changes around this time in terms of privacy policies which raised some more legal questions.^[8]

2013 to 2015 - Snapchat was investigated as they were still accumulating PII despite claiming that users could delete their videos and pictures forever , WhatsApp were questioned and complaints were raised regarding Facebook acquisition of the same. Facebook starts tracking user across the web without consent after policy changes.^[8]

2018 - Facebook Cambridge Analytica scandal made huge news. Cambridge Analytica breached into the personal data of millions of people's Facebook profiles without their consent and used it for political advertising Facebook got a lot of flak for this scandal and Facebook had to take their privacy policies into new consideration to keep their company afloat and retain their consumers.^[9]

A lot of reforms have been done to address the privacy concerns including introducing laws to changing privacy policies of how social network platform should be maintaining to retain their customers. Below are the relevant laws related to social networking:

1. Privacy Act of 1974 - "No agency shall disclose any record which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains" , it also depends on 12 exceptions.^[10] This basically meant that companies at the time were not responsible for actually letting their consumers/any other agencies know that what kind of their personal information was being used until and unless there was a written request and or a written consent of the person, to disclose the same except under certain 12 conditions. Some of these included providing this information to government agencies , if requested via court orders, for the benefit of health or safety if deemed important for an individual , law enforcement agency, debt collector's office, for statistical research, Freedom of Information Act , to name a few. These exceptions in the later run did become points where companies like Facebook, Snapchat, Twitter could bypass and still use their user's profiles to target ads and sell their data to third party agencies as well as also become targets for stalking, abuse, social profiling and various other illegal acts.
2. Employee and Student Privacy Protection Act - This holds back employers and educational institutions which have particular power over employees and students from making such demands. It allows employees and students to preserve the privacy of their personal online accounts. It was approved by Uniform Law Commission and is yet to be adopted by several state educational institutions as well as a few employers in the states where it has not yet been adopted.^[11]
3. GDPR - General data protection and regulation Act was introduced in April 2016 and adopted in May 2018. This Act forces companies to improve the protection of their users’ data and to make it easier to understand what kind of data is being collected and for what purposes. They can be fined up to 4% of their global revenue or 20 million euros which is a hefty fine. Also, since companies collect data from everyone globally and this is applicable to European Union citizens explicitly, companies get their privacy policies compliant to GDPR rules for everyone. This is a win for consumers as their personal data is liable to be protected, have more privacy and also be informed if their personal information has been involved in a data breach.^[9] More details of GDPR can be found in the section of Privacy and Data Protection, in this chapter.
4. CCPA - California Consumer Privacy Act went into effect on Jan 1, 2020. This was created to curb the companies to collect personal information like birthday, phone numbers ,email addresses and other data. Social media giants like Facebook, LinkedIn, Twitter, Instagram, Snapchat and others have to comply with this and accordingly update their privacy policies to keep their consumers especially in California, notify them on what information is being used and possibly allow to opt-out from sharing the same to third party networks.^[12] More about CCPA is also mentioned in the section of Privacy and Data Protection, in this chapter.
5. COPPA - The United States' Children's Online Privacy Protection Act (COPPA) governs the gathering of personal data from children under the age of 13. Before collecting data from minors, businesses must get approval from the parents.^[13]
6. LGPD - A Brazilian legislation called the Lei Geral de Proteço de Dados (LGPD) governs the gathering, exploitation, and processing of personal data. It offers people the right to access and delete their data and mandates that corporations acquire authorization before collecting or processing personal data.^[14]
7. PIPEDA - The Personal Information Protection and Electronic Documents Act (PIPEDA), a Canadian legislation, governs how personal information is collected, used, and disclosed in the private sector. It guarantees people the right to access and update their personal information and mandates that businesses acquire consent before collecting personal information.^[15]
8. HIPAA - The Health Insurance Portability and Accountability Act (HIPAA), a US statute, controls how personal health information is used and shared. Patients are given the right to access and manage their health information, and healthcare practitioners and organizations are required to put measures in place to preserve patient privacy.^[16]
9. ECPA - The US law known as the Electronic Communications Privacy Act (ECPA) governs the intercepting and sharing of electronic communications. Before accessing electronic communications, like as emails and text messages, government agents must acquire a warrant.^[17]
10. Privacy Shield - Personal data can be transferred from the European Union to the United States under the EU-US Privacy Shield agreement. It offers EU residents the ability to access and update their personal data and imposes rigorous data protection rules on US businesses.

The following actions may be taken to maintain your privacy when using social networking sites:

1. Read the privacy policies: Read and comprehend the privacy rules of the social networking sites you use in detail. Find out more about the handling, sharing, and collection of your personal data.
2. Adjust your privacy settings: You can manage who may view your information and activities by adjusting the privacy settings on most social networking sites. To ensure that they haven't been altered without your awareness, check these settings frequently and adjust them to your comfort level.
3. Use two-factor authentication: Two-factor authentication adds an extra layer of protection by requiring a different form of identification in addition to your password, such as a text message or authentication app.
4. Take care with what you share: Before posting private information, images, or videos on social networking sites, give it some thought. Think about the audience for your postings and the potential applications of your data.
5. Follow up on your accounts: Check your social networking accounts frequently for any illicit activity or updates to your information or settings.
6. Stay up-to-date: Follow news and advancements around privacy and social networking sites to stay current. Consider reading reliable news sources and participating in privacy and security-related workshops or webinars.

Overall, maintaining an awareness of privacy issues and social networking sites calls for taking the initiative and making a commitment to consistently reviewing and modifying your settings and behavior.

In conclusion, since social networking sites first emerged, privacy has been a big worry. Despite the fact that these platforms have taken steps to allay these worries, including putting in place privacy measures and user permission requirements, there continue to be issues with data collecting, third-party access, cyberbullying, and deepfake technology. Many nations have put in place different rules and regulations to safeguard user privacy online in order to allay these worries. Users need to be aware of these privacy issues and take precautions to secure their personal information online as social networking sites continue to play a large role in our lives. In the next section, one can read about how privacy is impacted by Internet of Things.