Â鶹¹ÙÍøÊ×Ò³Èë¿Ú

I still like amazing people without computers by showing them a picture of their house on Street View.

Without doubt my house address is on hundreds of marketing mailing lists from advertisers without me knowing it. But unlike changing e-mail addresses, moving house is a but more expensive.

You can't stop people talking about you behind your back, online or in real life.

How long will it take you to understand the enormous dangers of social networking websites. You have been warned. These sites steal you very soul. They rob you of your independence and identity forever.

The biggest disaster for all of us is that the USA does not have data protection legislation, as we do in Europe, and there is absolutely no sanction for aggrieved and violated users - except that of public derision of the operator.

The USA really does need proper privacy and data protection legislation that is enforceable by both US citizens and foreigners.

What facebook is doing is an outrage.

PS
Google is also(?)/may well(?) be doing something similar in the way it manages search data by user.

BT tried it on phenom (? spelling) last year, and both it and the British Government are in the process of being rightly hauled up before the European court for violating the privacy rights of any citizen of Europe. The pity is that the British Government cared so little for the rights of its people that it did not stop BT's experiment. These database structures violate and rob everyone of their individuality and personality and must be stopped NOW.

Rory Cellan-Jones.

most interesting, thank you. particularly scary (I think) is Facebook's answer to your question: "Shouldn't it be impossible to create a profile ... before you've clicked on the confirmation e-mail?". "Sinister?" yes, because of the scope for misuse by third parties.

If somebody's doing something wrong here, it isn't Facebook - it's the friends who have fed their contacts email addresses into the site without their permission. Would they do the same with phone numbers?

(Disclosure: I have uploaded my address book. It's really useful.)

Although it is a security risk it's nowhere near as bad as Google "intercepting" peoples WiFi traffic through their Street View cars. That was (IMO) much much worse as it really was spying.

Rory, I believe that Facebook go further than keeping a database of other users' email addresses. Having watched the behaviour of my Facebook page and talked to others about the way the 'friends suggestions' change, I think they also track any previous searches for a person that may have been made by the 'friends' on the Facebook suggestion list.
Is this an invasion of privacy? Maybe - probably, but we live in such a connected world nowadays and the only way not to be seen or heard is to take one's self offline completely. Personally I would find it hard to live without the internet, but Facebook, well take it or leave it.

This comment was removed because the moderators found it broke the house rules. Explain.

@SuperG - - sense of perspective here please. This was not spying.

I believe that facebook users (and users of other social networking sites) should be "big enough and ugly enough" to realise that when they sign up that their personal information is now in the public domain.

As for facebook places, well, its one of those apps that you can have a little fun with especially if you are in a major city because you get the option choose a partiular venue within a certain radius of where you actually are. Recently on a business trip to London my husband appeared to be visiting a few unsavoury places (when in actual fact I was talking to him on the hotel room phone) it did backfire when his kids text him horrified that he appeared to be broadcasting that he was in a strip club to the cyberworld! We saw the funny side, they didn't, however, I wonder how many matrimonal lawyers will be rubbing their hands in glee at the thought of the extra business they will receive when this "places" application becomes yet another entrapment tool in a suspicious relationship? Less obvious than a camera and the guilty party might unwittingly carry out their own execution.

Re: 4. Nick Taylor
The blame needn't fall on either Facebook or your friends. In this case I think both are at fault; but I attach more blame to Facebook because they encourage your less well-informed friends to be thoughtless in the service of their profit.
Their privacy failings are the reason I've never signed up for Facebook, and I'm afraid I rather hope they get prosecuted under Data Protection legislation in the UK at some point, as they .

Funny you should cover this Rory - at the weekend we did a similar but different experiment where i signed up to a new fake email account on hotmail with no details about me at all wit ha fake name. I then signed up to facebook with the same fake details and no other profile info.

On the next page of suggested friends it came up with a list of people from my real friends and family group and weirder still - a family member (not close) added me as a friend even though it was a random fake name/account...

How is this possible - is it due to fact the laptop used is same one i use for facebook each day for my real account? IS it related to the IP address i connect from? How/why did a family member add me even though it was a fake name and no details + they did not know i was doing this?

Any one have any ideas and do others see this as a problem?

Generally speaking, as soon as you use your email address or your real name on any internet site, there's a chance it's going to be picked up and used. The social network companies are doing it to increase the chances of you making connections when you first sign up, so you're tempted to stick around and use their site. Ad brokers like Google do it to target ads - so (unless you're using an ad blocker in your browser) as to maximise the chances of clickthrough, but there's a whole army of more malevolent types that can use your information for more nefarious purposes.

There's precious little privacy available nowadays - even offline. Companies can use the electoral register (which you're required by law to fill in) to spam you with physical junk mail and can use phone directories to spam you with nuisance calls - even if you're registered with the TPS (which is an opt-in scheme for both consumers and companies). Heck, even if you're ex-directory, you can be spammed with nuisance phone calls - some companies don't bother with using phone directories but just dial numbers at random and create a database of 'live' numbers, regardless of whether they get a sale or not. And many companies don't even bother with getting humans to dial - they get computers to both dial your number and attempt to sell you their product. There's one company in particular which I've caught using at least a dozen different phone numbers so far which often calls me up and leaves a message on my answerphone advertising (usually) get-out-of-debt schemes or (occasionally) will writing services.

Going back to FB, once you have signed up, one new feature it's introduced is something called "Photo memories" - displaying a random photo to the right of the messages window featuring one of your friends (note: that could include a photo on someone's profile who you have no connection with, but have tagged a friend).

It'll be interesting to see what happens when they roll out friendship groups (which I believe are some kind of hybrid between Friend Lists and Groups). Hopefully that will make it easier for people to send messages to a group of friends rather than spamming the entire lot, or (even worse) "Everyone" (which includes search engines).

Could it not be as simple as the domain in the Email address.
For example, if you were called bob@supercompany.com, then a quick look to see if there is anybody else @supercompany.com would give you a list of possible friends.
Of course, facebook know not to include everybody @hotmail.com or @gmail.com for example!!

Facebook as a company just don't understand privacy, or (more likely) willfully ignores it. It's wrong that they should reveal any information about somebody until that email address was verified. Showing a list of "friends" before responding to the confirmation email is wrong and a privacy transgression. Mark Zuckerberg's previous comments about how people's expectations regarding privacy needs to change to match this new world exemplify the company's arrogance.

@2: The BT project was commonly called "Phorm", after the company it was working with. More details are available on .

The power of Facebook, and the associated dangers, are becoming more and more apparent. A student friend was "fraped" - someone posted something on his page while he was out the room, causing instant mayhem for 350 friends and especially to his family. The instantaneous aspect of messages and relationships leave no time for reflection and the caapcity to "undo" the damage which has been caused. Add in lack of privacy and the errors of bad typing, and the potential for personal (or wider) disaster is just a matter of time.

I think you're blowing things out of proportion. Facebook doesn't know anything at all about you when you register. Someone else provided your email address and it logically guesses based upon friends-of-friends who you MAY know. It doesn't KNOW who you know, it just takes a stab in the dark. In a similar way when you talk to people and they say "What school did you go to?" and you tell them and they go "Oh did you know Bradley Davis?". At the end of the day it is a guess and can only ever be a guess. It is a clever idea and one that becomes more and more accurate the more people who register with the site. You can't seriously blame Facebook for being accurate due to the number of users it has.

People are getting far too excitable about breaches of privacy and pointing the finger at Facebook when in fact all they have done is been handed your email by someone else. Then when you register it checks if you have been invited, if you have it looks for who invited you and their friends. Simple. We do the exact same thing at the website I work for and to call it a breach of privacy is ludicrous. If you are that pent up on the problem then tell your friends and associates to not provide your email address to social networks. If anyone is breaching data protection and privacy it is your friends and not Facebook.

@Laurie Wilson
To broadcast where you are, you have to choose to do it, and choose the location. If you don't want someone to know where you are, then just don't use FB places. Simple.

It is amazing how the world is Facebook centric with issues. How about all those chain email's or fake virus emails that people still insist in circulating with a whole list of email addresses in.
I got annoyed when someone used my email address from a chain email, to pass on incorrect advice about a fake virus. He claimed he was head of security for a major company.

Why do we get so worked up about social networking and the threat to our privacy? Instead of embracing its good points and adapting our mind and culture to work with it instead of against it. Im not a self absorbed person but Im tickled to know that facebook can suggest friends for me and that I can leave my cyberprint behind - why not? It leaves a fantastic legacy for future generations to see what we got up to...better than any photo or letter. If we take precautions to ensure our identities are not stolen then we can gain much from the richness that social networking has to offer. Bring it on I say.

This is a complete waste of a post on the Â鶹¹ÙÍøÊ×Ò³Èë¿Ús website. How is it a concern that people can see which friends you might have? It seems to me that this is just another article trying to attract attention using facebook's name. It would be useful to see some actual insight into real privacy concerns. How this blogger is employed by the Â鶹¹ÙÍøÊ×Ò³Èë¿Ú baffles me.

I still think most posters here are missing Rory's primary point; It's not that facebook or google or linkein or any number of other networking sites have a prior record of your email address and/or name through either previous users or web scrapping BUT rather that this information is actively leaked to anyone without the confirmation e-mail being seen and actioned.

That leak-without-confirmation is the problem and is inexcusable.

It's not, technically, spying.

As established - A touch later than it should have been - by the article, Facebook does have the option of being allowed to scan your contacts, be that through GMail, or uploading something from Outlook/Outlook Express.

As with a number of social networking sites, this information is never truly deleted - Stored, and access is usually restricted to either a select group of administrators (Let's face it, any wayward administrator could theoretically grant themselves permissions to view), or even certain scripts.

It'll operate simply by checking, when you start the signup process, your email against any that it's already got.

For example:

If I signed up with my personal email that everyone I know knows about, then chances are that its scanning system would find a fairly accurate group of people that I know.

However, if I were to use one of my "dead" accounts (Which don't get used, and are merely used as password recovery for certain things), which I have done, then it presents a much larger, and much more inaccurate list.

Facebook, as a company, do understand privacy. They cannot afford not to.

The users, however, do not. Yes, people bleat about privacy at every given opportunity (I remember an instance of a newly created social network displaying email addresses (In an image form, so not selectable) and failing to provide an option to disable that catching quite a large amount of negative user feedback), but they do not genuinely understand it.

People assume that, because they've never done X, Y or Z, that X, Y and Z know nothing about them - Completely forgetting that they use a fairly similar selection of usernames (Searching for my Display name here provides quite a selection of sites that I use under the same username) and email addresses, and of course, they communicate with all their friends and family using the same details. Once you're on the net, you are on the net, and you are not going to have an easy time getting yourself off it.

It's the same reason these malware email chains become so wildly effective - One user, one email address, all their contacts are much the same, end of.

Sadly, short of using a new email address every time, or scrubbing all identifying information from each sent email (There are services that allow a rather interesting degree of email anonymity out there), you are never going to be truly "private" and on the net.

Internet privacy, in a nutshell, is a complete farce. Given sufficient time and detail (A username, for example), you can find anything on the net about anyone.

I don't understand all this fuss about email addresses being 'public'. Surely that's the point of an email address, so people can contact you?

To those who are still worried, I have something even more concerning to tell you! Did you know that there is a huge book which contains the names, addresses and telephone numbers of most people in your local area? Even worse, you don't have to pay for this book - it is delivered to your home free of charge every 2 years! We must stop this gross invasion of privacy immediately!

This is ridiculous, all that’s happening when friends are suggested is that it’s looking at people that are friends with a number of your friends.

Looking at the story above the friends that were suggested prior to ‘Belinda’ finding friends were all people that worked at or went to the university that 'Belinda’ works at. So they took the domain name from her email address, ie @manchesteruniveristy.co.uk, then listed the other members that had an email address with the same domain name.

This isn’t dangerous. There have been databases with people’s addresses and telephone numbers for years.

It is a clear privacy breach. Consider this scenario: Alice has Bob's email address and uploads it to Facebook when she joins. Carol wants to spy on Bob, so she creates a fake, unverified account in Bob's name. She immediately sees that he knows Alice. Carol now knows something she shouldn't be able to find out.

my understanding is that facebook searchs its database of users personal info for people your likley to know based on your personal info. So if you input your school and graduation year when you create your account, facebook will look up all other users that left that school in that year. It will do the same with university etc. It might use your address, but im not sure, i tend to keep a reasonable amount of my personal info fictitious. So when you suggest that facebook as info on other peoples address books, i dont believe this is correct. Of course if you create an account with out inputing anything other than a name and email and still got correct friend matches, this would proove me incorrect.

in terms of personal info and privacy. You would already need to know, the school, university, work place, address and name of a person (that didnt already have an account) to find out who facebook thought they might know. How valueble in terms of identity theft is knowing someones friends? Also if they already have an account, unless they've altered their security settings you can usually browse their friends list with out being their friend, or them knowing about it.

The thing that has sort of taken me by surprise regarding facebook is the pointlessness of it all.

2 and a bit years ago, I signed up this thing and quite quickly became excited at the idea of possibly being able to "find" old friends I had lost touch with. I thought it would be one of those things I would spend loads of time on each day chatting to old friends.

What I quickly realised is that it's nice to have become reacquainted with old firends (some that used to be quite close), but in reality you never actually speak to them. You've all "moved on". It has struck me more and more as time goes by.

I have little in common with these old friends and that's patently the reason we lost touch in the first place!! All my closest friends, whilst on facebook, are contactable by far easier and faster means (i.e. phone, text, email). I've realised I don't actually need facebook at all. I won't delete my account and I probably flick on it for about 2 mins each day, for no reason really!

So what we think we all "need", in reality is probably not true. If facebook disappeared tomorrow, it would take a few people a bit longer to get hold of the close friends they want to spend time with. The rest would just toddle off back to their own lives, just like before.

The slightly disturbing thing I have noticed recently on Facebook is that the ads appearing seem to reflect recent searches I have been doing on Google. For example I was researching a somewhat unusual holiday location (definitely not the usual holiday package destination for Brits) and shortly thereafter the ads on my Facebook page were suggesting flights to and hotels in the country I had been searching. Similar unlikely coincidences seem to be happening with increasing frequency and I can't help wondering how Facebook know what I am doing on Google?

Facebook does not know you, it simply knows of you.

Not to be insulting but this article is a bit of scaremongering by people who are not used to social networks. Your friends have obviously (stupidly) uploaded their address books and your email exists on FB as part of that database. Once you confirm you know someone then further friend suggestions are made based on their contacts (A+B=C?).

The important thing is to segregate your online life, to try to limit the amount of information you put out there. In FB you have to use your real name, everywhere else use a nickname, use different emails for both. This is what I do. For convenience you can have one email account auto-forward to your main one.

Bit of advice re: privacy... make everything on FB "friends only". You do not want future employers or your existing boss accessing your FB and see possibly embarassing photo and statements.

My issue with facebook is that it seems to turn people into idiots!
I'll be out with friends having a drink and the majority of them are changing their status on facebook constantly, it's like who are changing it for? The only people you actualy know are sitting here with you? whats wrong with these people?

i hate it so much it hurts sometimes.

If I remember correctly from my own sign-up last year, this works through the "Find Friends" and the account holders don't necessarily know what is happening (I didn't, I worked it out later). If an account holder clicks on "Find Friends" Facebook scans their address book for emails and then searches its own database for matches. It also retains these details and then congratulates the account holder on adding friends to Facebook! Of course, this was nearly a year ago now...

I'm pretty sure that storing someone's email address without them agreeing to it's usage (unless you're a Government agency) is a breach of the Data Protection Act.

But although Facebook is getting the attention, Twitter and MySpace also get users to scan their address book on signing up. While this may be unnerving for some, it's no more invasive than having your name and address in the phone book although admittedly you should have the equivalent option of going ex-directory.

#29 Don't forget that Google is an advertising company, first and foremost. Delete all your google cookies and they can no longer track you.

Why do people put address details and other personal stuff on FB? It is just plain silly and asking for trouble

Erm, surely this isn't quite as sinister as you're making out?

Person goes to sign up on Facebook.

Person enters their e-mail address "person@some-university.ac.uk".
Facebook suggests list of random other people who also have a "@some-university.ac.uk" address.

But oh no, the article goes with, "OH NOES PEOPLE MUST BE UPLOADING THEIR ENTIRE E-MAIL ADDRESS BOOKS, PLEASE WON'T SOMEBODY THINK OF THE CHILDREN!!1!".

Come on Rory, you're smarter than this.

OK, explain this one....

I joined Facebook and did not enter any details about my employment history. As a suggested friend, there was someone from 30 years ago who had worked for the same company I did at the time, but in the US head office - this was before the company concerned even used email! He and I were not personal friends, and I have never had any contact with him since then....

How then, were we connected???

My only thought is that we might both be on Friends Reunited. My employment history is on there, so his may be too. It's the only place I can think of where I have put employment history. Does Facebook cross-reference with trawled data from there???

All these Facebook concerns Rory.
Is that why the Â鶹¹ÙÍøÊ×Ò³Èë¿Ú rapidly removed the Facebook tracking cookies from the Â鶹¹ÙÍøÊ×Ò³Èë¿Ú website a few months ago? Or was it the fact they shouldn't be there in the first place that had them removed?

Perhaps you could find that out from your management, all in the intrests of open-ness and public information, of course.

What's Facebook's concerns with "fake" names all about? What constitutes a "fake" name anyway? A friend of mine had his profile deleted by FB, because his surname on the site wasn't the one he was given at birth, but a nickname he has gone under for more than 30 years and which he is known to all his friends by. He's even written and published under that name (he's a journalist). FB would brook no argument, despite his pleas. And yet many authors write under a pseudonym, Stephen King being just one example that springs to mind, and he seems to be allowed a FB page... Does FB have any position on precisely when a "fake" name crosses over into being a legitimate pseudonym?

Welcome to the online world. The moment you send or even receive an email, your details are out there in the big wild world of the Internet. Unless you're communication in a closed system. By default, email systems such as GMail will store the addresses you send to or receive from, and who knows what Google does with that info? What can your contacts do about it? Nothing!

Social networking systems are about linkages between people. They're trying to replicate online what already exists in real human life. Of course there are a number of problems with that, one of which is privacy. Extended from that is that while in real life we (or should that be be "some") humans have a lot of appreciation of the strength, or perhaps quality, of a particular relationship to another, social networking systems don't. You are either linked to someone, or you're not. I think this is what is causing a lot of issues with some people.

Moreover, the complex algorithms being used by Facebook and others to come up with these linkages are not an exact science. They do have some unintended consequences, or glitches if you will, no matter how much testing they go through. Facebook won't readily admit that, but any systems engineer will tell you there is always some discrepancy between the design or intention and the actual due to various reasons such as technology limitations, knowledge or skills limitations, etc. Lets not forget that Facebook was started by a guy in his bedroom or something, then before he realised 500m people had signed up!

I've just realised that Google has saved my entire search history since 2007!!! Even the most mundane searches, and what pages I've clicked on as a result of those searches.

I never knew that it existed, and I'm sure I've deleted search history in the past. Nothing and nobody is safe on the Internet anymore. I think we've just all got to deal with the fact that if you use the Internet, info can be found about you.

My question is: did you add her to the university's network on Facebook?

This is nothing too scary, Google knows a LOT more about you anyway. Pretty much every single site has some sort of Google tracking on it. Install NoScript on Firefox and look for "google-analytics.com" or "doubleclick.com" running scripts, odds are you'll see at least one of those or a variation thereof on most sites you visit. That's Google collecting information on you right there, on pretty much all of your browsing activity.

Luckily, blocking those scripts in NoScript should stop them from being able to do so.

@SuperSpursEnigma - just turn off Web History in your Google Account settings. It's one of the first things I did upon setting mine up.

A while ago I received and invitation to join face book via an acquaintance who has a different set of privacy values. The thing that is scary is that it included "other people you might know", one of whom was my sister and another who was probably my brother. Ever since I've been wondering if I can force facebook to disclose what they know about me, without adding to it.

Another major problem is Smart phones are now having Facebook added by default and in some of these a CICAL is being created which automatically copies your Contacts and Calendar to Facebook whether or not you have joined and can then be cross referenced by their system to link possibilities to you. Since you have not joined you cannot access their system and are not governed by their privacy rules.

In the immortal words of Elaine Lee's character Harry Palmer : "You gain access to them, _they_ gain access to _you_." This is a transitive operator.

I don't understand why everyone feels the need to upload photos of their children on to FB? Privacy?

This behaviour of Facebook (creating pseudo-profiles for people who haven't even signed up) is something that I predicted on these boards some time ago. Facebook's behaviour is predictable, they ruthlessly gather as much information as possible about everyone by stealth, with or without their knowledge.

Another thing to bear in mind is that wherever you click something where you're agreeing to terms and conditions, the chances that Facebook will eventually get the information you've just typed in, sooner or later, is high.

The only protection that people have is that FB currently can't get information from your ISP to positively identify you, this is something they'd love to do. If they can find a way, they'll do it.

I love the quote 'Facebook has always been based on a real name culture. This leads to greater accountability and a safer and more trusted environment for our users.'

Uhm yes I really did have this as my name and profile pic.(it was changed after I proved my point which is Facebook identity checks are not worth the ink they are printed with)

I Became part of the Facebook community without my consent. I became aware of a fake account in my name with my picture. It has been up for almost 6 months now. I searched for a way to ask for its removal, but Facebook would only let me contact them if I had an account. I created one, let people know, and then asked every one I know, to inform Facebook that the other account was false. Even with those notifications, Facebook did nothing then, and has done nothing now. I deleted my real account three weeks later, yet still suffer from: people feeling hurt because I haven't "friended" them, confusion about me not being a part of the network, and invitations lost from people who don't get that its fake because we haven't talked in awhile and they were "friended" by someone else. Its a sham, and a shame.

@mittfh

"Companies can use the electoral register (which you're required by law to fill in) to spam you with physical junk mail"

Actually, when you fill in the electoral register forms there is an option to not have your name in the edited register. If you select this option then you will only appear in the full register.

The edited register is the one they will sell to anyone. The full register cannot be legally used for anything except electoral purposes.

So you're not legally obliged to put your name on a list that can then be sold to spammers.