UBC Researchers Illustrate Dangers Of Sharing With Unknown Facebook Friends

There is a story on TechCrunch today about an experiment run by researchers at the University of British Columbia Vancouver, who infiltrated Facebook with bots and managed to gather information from thousands of users, totalling over 250GB. At first you’d be expecting everyone to be up in arms about Facebook over sharing, or having another moan about their privacy settings, but this is far from the case.

If you want the technical details of the experiment, you can read the original TechCrunch article, but to summarise, the UBC team created 102 ‘fairly believable accounts’ that would send friend requests to random people. Once they were accepted by someone, they’d then find it much easier to become friends with that person’s friends. As soon as Facebook sees you are friends with someone, you are then able to view whatever information they have made available to their friends.

So the bots went about harvesting this data from their ‘friends’. Facebook has no way of telling if you actually know the person you just confirmed as being a friend, so it’s not like this is a flaw in the social network’s security. It boils down entirely to human judgement, and the fact that you have accepted that person as a friend without actually knowing them from Adam. For anyone to complain that this is another example of Facebook getting their data privacy agenda wrong would be rather naive.

This experiment by UBC serves to remind us all that when it comes to sharing private information, it won’t remain private for very long if you aren’t particularly stringent about who you grant access to it. I’m glad that the majority of the comments I read beneath the original article recognise this fact, as it’s too easy to blame Facebook for what is a blatant user error. Facebook is a wonderful place to share things with your friends, but as soon as you let someone you don’t actually know into your trusted network, then whatever privacy breaches befall you are entirely on your own head. For sharing more sensitive information and data, a more private social network would be suitable.

Does Your Facebook Status Compromise Your Home Security?

A recent study has highlighted the use of social media in burglaries and break-ins within the UK. According to the study, 4 out of 5 ex-criminals have admitted that they believe most burglars today use the likes of Facebook and Foursquare to determine whether or not a residence is occupied, and what the value of the goods contained within it might be. It is also believed that Google Street View is used to plan the actual break-in itself.

The next time you post an update to a social network, just think what you are actually saying. By posting that you are off on holiday for two weeks or tagging yourself at a restaurant or airport, you are essentially broadcasting the fact that your home is unguarded. Obviously a lot depends on the privacy settings that you have in place on whatever social medium that you are updating, and also the friends you keep. But in the current digital age where data seems to slip through filters more easily than you’d hope, we are often only one glitch away from having our private online information made available to the world at large.

I don’t mean to go scaremongering, but having been the victim of two home burglaries when I was a child – by the same people no less, who were thankfully caught in the end - I know first hand how unsettling the whole experience can be. This article and infographic from Bit Rebels shows you how some minor tweaks to your social media – and real life – activities can save you a lot of distress and hassle.

Tougher Laws On Data Thieves – Are You Any Safer?

UK MPs are calling for tougher punishments for those who break data privacy laws. The justice select committee, chaired by Lib Dem Sir Alan Beith, has said that courts should have the power to jail people who breach the Data Protection Act. As it currently stands, the fines - usually around £150 per breach – are somewhat “worth the risk” to people who would stand to make much more than this using the data that they have illegally obtained.

The justice select committee’s report also warned possible misuses of personal data were not being fully investigated because the information commissioner lacked sufficient powers. According to the Ministry of Justice, they “are aware the information commissioner has called for prison sentences to be made available for data protection breaches.”

Strengthening the punishments for misdemeanour may deter some, but people will still seek to make financial gains through misappropriation of others’ personal information. If people are already breaking the law, it seems slightly optimistic to think that they will suddenly stop because the crime they are committing has been reclassified. Several crimes across the world carry the death penalty, yet they are still committed. Quite crude, but you get my point.

Even though some of the miscreants who make a living by stealing and misusing private information may cease and desist, there will still be those who think they can (and often do) get away with it. With more and more data being generated and shared, the temptation for people to break the law and steal it will also increase. If you have data that is of a sensitive nature, finding a method of private secure sharing is the most sensible option available.

Europe vs Facebook: The Privacy Case Continues

Earlier this month I wrote about Max Schrems and the Europe vs Facebook initiative. In a nutshell, the Austrian law student asked Facebook for a copy of his personal data (which they are legally obliged to provide), yet when it turned up the hard copy also contained data from his profile that he had deleted – information that Facebook had clearly retained. So Schrems set up Europe vs Facebook and filed 22 individual claims about the social network’s practices.

And it seems as if the complaints are already having an effect. Ireland’s Data Protection Commissioner has called for Facebook’s offices in Ireland to be audited. If the findings of the audit are that Facebook has breached Irish laws surrounding data protection, the DPC has the right to ask the company to change the way in which it handles personal data. If Facebook refused to comply with the DPC’s request then they could be looking at a fine of up to €100,000 (roughly $138,000). Given the size and net worth of Facebook, a fine that size is a rather paltry sum, but they’d more likely be concerned with the negative publicity.

But it is worth saying in the defence of Facebook that the issue of deleting data is not as clear-cut as one might imagine. The case of messages is an obvious one: if you delete a message from your inbox or from a chat, the other users involved in the conversation will still have the right to keep their copy of it. Since the new Facebook Timeline feature was rolled out, people have been complaining that it is dredging up content that they thought had been deleted in the past, and was now exposed for all to see on their wall once more. It could be argued that anything you post on the internet is vulnerable to data theft, and if you were that concerned with privacy you’d never have joined a network that connects you with another 700 million people, the overwhelming majority of whom you do not know. These two comments from a Mashable Article on this topic show how people really do have a choice as to how and what they share:

I have been using Timeline and I have had NO ISSUES with anything that I do not want being public appearing on my Timeline. Facebook clearly gives you the option to view your own profile as “public” to see and then adjust (if needed) exactly what the public will see on your Timeline. I L♥ve Timeline. If you are a very private person maybe Facebook is not for you.

- Micaela Vermillion

Who cares. Do not post anything online for the world to see if you do not want the world to see it. Everyone trying to make a buck on Facebook success. I chose what I post on a free service site. They are not forcing me. If you are not wanting the world to know forever then do not post it. Many services harvest everything you post from Facebook so even if Facebook deleted it, then it could still be available from another data provider.

- Justin Jones

So there you have it. While Facebook’s offices in Ireland may be subject to an audit, there is still an onus on you – the user – to make sure that whatever you post online is something that you are happy for the world to see, or instead find another method for private sharing that gives you ultimate control and ownership of your data.

Should Teachers Befriend Students On Facebook?

The argument of private vs social networks continues, as another battle of ‘what to share and with whom’ takes place in America. Who is it appropriate to be sharing your daily thoughts and opinions with? Does community standing and age come into play when deciding what you should be legally allowed to share publicly? Or are some things best kept for private sharing with a select group of people?

A piece of proposed legislation in the US state of Missouri regarding Facebook relationships between teachers and students has been repealed. The original state senate bill, colloquially known as the “Facebook Law”, would have made Facebook friendships between teachers and students, as well as any sort of social networking, illegal. Quite predictably this was met by some opposition, with teachers complaining that the ban would have been unconstitutional and might be a hindrance upon education.

There were concerns from the Missouri State Teachers Association about their First Amendment rights, and after suing the state over the law, they were awarded an injunction two days before the law was meant to go into effect in August. State policy has since been amended, and the new bill signed on Friday by Missouri Governor Jay Nixon means that all school districts within the state will have until March 2012 to create their own policies on social networking.

This story does raise some interesting points in terms of what is acceptable, and what is inappropriate. The way I see it, social networking is just another form of communication – the law makers have no problems with teachers speaking to their students face to face in a class room, nor do they feel the need to stop them exchanging emails. But given the type and amount of information that can be shared on social networks such as Facebook, the situation becomes slightly trickier. There should exist certain barriers between those placed in positions of trust and responsibility, and those who are under their guidance. Too often we hear of situations whereby those in positions of trust engage in inappropriate and sometimes illegal relations with younger people.

That’s not to say that the likes of Facebook are to blame for these instances occurring – people are who they are. One of the comments I saw on the original article about the Missouri case seemed like a really good idea: if teachers want to converse with their students outside of the classroom they could create their own page. That way students can receive updates from their teacher that are to do with academic work, and the page can act as a self populating FAQ for the curriculum. If for example someone is struggling with a particular part of an assignment, they might ask the question on the wall, and other students will be able to benefit from the response.

But when it comes to what should be shared and what shouldn’t, sometimes it’s better to communicate and share privately. Someone in a position of responsibility may have much knowledge to impart, yet by granting minors access to their social networking feed the dependents may become exposed to unsuitable material. This story in Missouri is one of many instances where a selective, private network is the answer to sharing problems.

Take This Lollipop… It Certainly Creeped Me Out

A new Facebook app is today going viral as users are encouraged to ‘Take This Lollipop‘. A colleague sent me a link on Skype and assured me in person that it was safe to click on, and that I should follow the instructions.

SPOILER ALERT: I am about to tell you what happens with ‘Take This Lollipop‘. I’m not saying anyone else should try this – you all have minds of your own, and if you want to do something, you will sure as heck go ahead and do it. All I will say is that I have done this myself and there were no ill effects to report on my own nor my friends’ Facebook accounts. I have also since removed the app with no problems (mainly because I don’t like clutter on my profile). If you do want to try this yourself, then don’t read beyond here as it will spoil it for you.

Ok, here goes. After you click on the lollipop, you are asked to grant Take This Lollipop permission to access parts of your Facebook profile etc - the usual Allow/Don’t Allow pop-ups you get when adding a new app. Upon hesitantly clicking ‘Allow’, the screen went black, and then a dimly lit corridor appeared, replete with mouldy walls and dripping pipes, accompanied by the sort of music one might expect to hear in an M Knight Shyamalan film. The first person view-point moves down the hall into a dingy room, revealing a sweaty, unkempt looking man in a dirty white singlet sitting hunched over a computer keyboard, his greasy matted hair obscuring the screen.

What followed actually gave me shivers, and it wasn’t until I picked up on a couple of inconsistencies and then realised how logistically impossible the whole situation was that I eventually calmed down. The man is seen entering a password to your Facebook login ID and then rifling through your profile as if it were his own. He scrolls through your pictures, friends, wall - everything. The feral enthusiasm with which his grubby hand strokes your picture on the screen is enough to make anyone’s skin crawl. But by the time he’d entered a placename into Google Maps and gotten into his car – with a picture of me taped to the dashboard – I was pretty unsettled. The whole ordeal ends with an ominous 1-hour countdown clock and a red lollipop on your screen, accompanied by a message reading “[RANDOM FRIEND] IS NEXT”. Oh, and of course the obligatory ‘f Share’ button.

I know, I know; why on earth would there be a multi-camera film crew (with an exceptionally good live streaming quality) waiting idly in a basement somewhere until some fool like me turns over their Facebook login credentials? The fact that this person also searched for a route to a placename that I’d never heard of helped to calm me down. Obviously it’s just a very, very clever app that uses the information you granted it access to (profile info, photos, wall, friends, etc) to scare the bejesus out of you.

I’m not aware of who has made this, but it seems to be designed to either a) scare the crap out of your friends, or b) serve as a reminder that what you put on the internet seldom stays private. If you’ve seen it, you might certainly think twice about what you post online, no matter how secure you think your privacy settings are.

Facebook Withholding Your Own Data From You?

Facebook are reportedly at the centre of a fresh privacy row over how much of your own data it has to hand back to you. An Austrian organisation called Europe versus Facebook has made 22 complaints against the social network’s practices. Under Britain’s 1988 Data Protection Act, Facebook has to send you a copy of your data on a CD within 40 days of a request being received.

Max Schrems of Europe versus Facebook was able to receive a CD-ROM as per his request, but he noticed that some important information was missing. However, when he contacted Facebook about this, they cited certain sections of the Irish Data Protection Acts of 1988 and 2003 and claimed that they had given him all the information that was reasonable without giving him any data that could adversely affect the company’s trade secrets and intellectual property; something the Irish Acts protect them from.

So what’s the deal here then? Of the 22 complaints filed by Europe versus Facebook, several of them are rather vague and flimsy – mostly borne out of user error or not reading the Ts&Cs properly – and some are actually out-dated all together. For example some people are getting tetchy about the facial-recognition tagging – this has been done to death now; Facebook changed this to an opt-in setting some time ago. However, as much as it may look like I’m trying to belittle the cause being championed by Europe versus Facebook, they do lodge some interesting complaints.

Data or content that you have seemingly deleted from your account can appear in the data received from Facebook (the aforementioned CD-ROM). This means that there is information about yourself that you do not want in the public domain, and Facebook are storing it somewhere. What would happen if this data store were to become compromised, and information that you thought was permanently deleted was suddenly in the hands of somebody else?

Whatever the outcome of this particular complaint (or series of complaints), it just further reinforces the point that while Facebook has many merits and is brilliant for sharing a lot of different things, it might not be the best option for private sharing. If you are particularly conscious about privacy, you might want to think hard about what information you post on social networks and look for an alternative method of sharing sensitive data.

What Information Are You Sharing With Recruiters On Facebook?

Although you’d more commonly associate the LinkedIn network with business orientated communication and recruitment, a study by online recruiting researchers Potentialpark has shown that employers prefer Facebook as a means of interacting with students and graduates. More than 30,000 students and graduates were surveyed, and the online career presence of more than 500 companies was analysed.

In Europe, 48% of the students gave preference to LinkedIn for connecting with recruiters, with only 25% saying they’d rather use Facebook. The majority of respondents said Facebook is “not the right place” to interact with employers or that they are “uncomfortable sharing private information.” However, when it came to those doing the recruiting, more than a third of the top 100 employers in Europe have a Facebook Page for recruitment purposes, many of which have upwards of 1,000 fans.

Potentialpark say the main reasons behind this are due to the huge user-base that Facebook possesses, and also state that it is a much more engaging platform than LinkedIn. By being a free to use service with no premium accounts needed for certain features, everyone is on a level playing field when it comes to interaction between employers and recruits. There is more on this in the Mashable article 7 Reasons Why Recruiters Like Facebook More Than LinkedIn.

This does pose an interesting thought though. While prospective candidates have shown that they would rather not use Facebook to engage with employers, it is clearly apparent that employers do want to use this platform. Essentially the candidates will have to do the chasing at the moment, as it is very much a ‘buyers’ market’ right now in terms of the number of people applying for each job vacancy. So if your shopfront is your Facebook profile, you might want to think about having a spring-clean to make sure there is nothing on display that could turn off a potential employer. Some things are meant to be shared with the world, but other content you should really share online privately.

Online Privacy Concerns Over Amazon Silk Browser

Amazon’s new in-house internet browser, Silk, for their tablet computers is raising some very serious questions with regards to privacy. The Kindle Fire, Amazon’s touch-screen tablet computer unveiled on Wednesday, has the new cloud-based web browser that is a cause for concern for many.

Chester Wisniewski, a senior security adviser at British computer security firm Sophos, says that “All of your web surfing habits will transit Amazon’s cloud… If you think that Google AdWords and Facebook are watching you, this service is guaranteed to have a record of everything you do on the Web.”

The Amazon Silk browser functions in a way unlike anything else currently on the market. Ordinarily, most web browsers such as Safari, Explorer and Firefox connect internet users directly with websites, but Silk filters everything through Amazon’s own cloud-computing services. The company argue that this enables the mobile web experience to be carried out at almost double the speed at which websites currently load.

However, people concerned with privacy say there may be other consequences, stating that the web tracking also applies to secure connections, meaning in theory that Amazon could keep a log of communications made during other online transactions and even on secure versions of sites like Facebook, Twitter and Gmail. And given the previous problems with Amazon’s cloud network, these concerns might not be unfounded.

In a privacy statement, Amazon said that “Silk also temporarily logs Web addresses known as uniform resource locators (‘URLs’) for the Web pages it serves and certain identifiers, such as IP or MAC addresses, to troubleshoot and diagnose Amazon Silk technical issues. We generally do not keep this information for longer than 30 days”.

So while Amazon say they have no intention of using your browsing data for any gains in terms of targeted marketing, Chester Wisniewski is still advocating caution: “Think carefully as to whether your privacy is worth trading for a few milliseconds faster Web surfing experience.”

Rugby Player In A Ruck Over World Cup Tweets

A Samoan rugby player is facing more Twitter related problems after already copping one suspension during the IRB World Cup for his outburst on the micro-blogging site. Eliota Fuimaono Sapolu, who plays his domestic rugby for English Premiership side Gloucester, was already facing a World Cup misconduct hearing for making inflammatory comments about the refereeing and match schedule on Twitter.

His first outburst accused the IRB (International Rugby Board) of “unfair treatment” towards his team (Samoa), who were only given a four-day break between matches before they had to play Wales, who had enjoyed a full week’s rest since their last fixture. He likened their treatment to slavery, the holocaust and apartheid before he had to issue an apology. But then he set his crosshairs on Welsh referee Nigel Owens, who Fuimaono Sapolu accused of bias when officiating Samoa’s 13-5 loss to South Africa, claiming that Wales stood to benefit from a Springbok victory.

Ho-hum. It’s not the first time a sportsperson or public figure has landed themselves in hot water after deciding to vent their frustrations through the medium of Twitter. If you have a lot of devoted followers it can be an easy source of support for your views, but with the rate at which controversial and risqué comments get retweeted, it can be more of a curse than a blessing.

I suppose the lesson here (as is with many of these blogs!) is that if you have something to say that may cause problems for yourself or others if heard by a wider audience, maybe it’s something you should share privately.