This post explores the risks of using Facebook, and the risks of your peers using Facebook even if you do not. Facebook transformed the way that the world interacts. For many, it has become the prime forum for social participation. Critics of Facebook point to the narcissistic exhibitionism which it promotes, but the internet site has also provided communities, groups, activists, and individuals with a virtual nexus.

This connectivity has not come without a cost. As we meander, linger, and troll through the internet, our choices transform into pieces of data which characterize our virtual counterparts. This data can then be used by companies attempting to sell us products, and in some cases, by law enforcement officials attempting to peer into our lives.

Facebook is Dangerous

Eben describes Facebook as analagous to a "man in the middle" attack that a hacker might employ to intercept apparently private communication for nefarious purposes. I think Eben's analogy is spot on: facebook is not a technical hack, it is a social hack. We are oblivious to the increasing damage Facebook is inflicting on our privacy and the danger it can pose to people who are deemed "criminals" wanted by law enforcement.

Every mainstream news website, most blogs, and virtually all shopping websites have Facebook "Like" buttons which can be used to track your activity on that site even if you don't touch the "Like" button. You can't go anywhere on the internet without accessing Facebook's servers, whether or not you even have a Facebook account. Some people believe that they can control the data gathered about there internet use, but instead they have more of an illusion of control. Just because it is possible to turn off what one 'shares' on your account doesn't mean that Facebook isn't collecting the data and turning it over to anyone who requests it without a warrant.

How Does Facebook Collection Differ From Other Internet Uses

It's not about what you place on the internet. It's about where you go, what you look at, how long you look at it. What one intentionally places on the internet is trivial compared to information on the profiles that person has looked at, the photos someone has spent the most time on and the people that were tagged in them.

Two major differences between the methods used by other internet platforms and Facebook: 1) the lack of ability for ISPs to inspect the content of transmissions on a large scale, and 2) your ability to protect yourself with SSL encryption.

First, by default, your ISP only tracks and logs the address (location) of everyone's transmissions, not the content of those transmissions. It can track the content but it is difficult for an ISP to do that on a large scale since it involves processor-intensive packet-sniffing. If your ISP was targeting you specifically, I have no doubt they could discover the content of your transmissions, unless you encrypted them (discussed shortly). But it is simply not realistic for an ISP to eavesdrop on the content of everyone's internet usage simultaneously. Facebook does not have this limitation. It does not need to resort to packet sniffing since you are accessing it's domain and it can easily match the location of your transmission to the content. It knows that www.facebook.com/profile=1234420 is Kieran's profile since it designed the URL matching scheme. It knows how long you spent on Kieran's page since the asynchronous Javascript on the page is in constant communication with Facebook's servers. Your ISP does not have these shortcuts and must inspect the content of every packet you send to get a meaningful idea of what you're doing on the internet. It can do it, but it cannot do it for everyone at once. Therein lies the danger of Facebook: it can record all this information about everyone at once, and it does.

Second, when you access your bank or, say, Gmail, your communication is encrypted through something called SSL. That means it is mathematically very, very difficult for an ISP to snoop on your communication to discover what you are doing on that website. It knows roughly what domains you're accessing (e.g. bankofamerica.com) but it cannot decrypt the content that's been sent to your browser. It cannot discover your bank balance, since the information is garbled by encryption until reaches your web browser on your computer, outside the eyes of the ISP. Again, Facebook has no such limitation. It should be obvious why: it is not a third party relaying information like your ISP is, it is actually the server you're communicating with. It knows what it's sending you, even if it encrypts it before sending it.

Examples of the Disturbing Uses of Facebook

There is no shortage of examples that highlight the disturbing uses of Facebook.

• Employers and schools that are demanding usernames and passwords are engaging in a very particular form of voyeurism rather than in any useful applicant vetting process.
• A geolocation app that allows users to map the presence of prospective paramours with publicly available facebook profiles of Facebook.
• Facebook handed over lists with lists of the suspect's friends, IP logins, photos, tags, and messages. Given that facebook won't reveal how many subpoenas they've responded too, we have no way of knowing how often domestic law enforcement or other less savory entities are pouring through our social data.

All of these articles illustrate the ways in which data collected through facebook can be used in ways that is not consistent with users' desires and not anticipated by them when they choose to sign up for Facebook.

The Dangers of Facebook Reflect Broader Internet Hazards

These disturbing issues aren't relegated to Facebook. They're all over the internet. For example, the majority of us use free hosted email (Gmail, predominantly, I'd imagine). It is likely that more private, relevant data is exchanged through email than through Facebook, especially given that most people see Gmail as a completely private place and Facebook as at least a somewhat public place. That being said, the pervasive nature of internet spying supports an argument for greater public outcry and stronger attempts to limit companies' use of our online information, not less of either.

What Can Users Do?

Maybe you don't care if Facebook or law enforcement can track where you are at any given moment.Maybe Facebook users are not oblivious as to how their internet use is monitored. It is possible that many people do not mind "Facebook exposure" and are not naive to the fact that through Facebook other websites track and log their movements on the internet. But perhaps the danger occurs in the public's general lack of how the information can be used against them. In Eben's Freedom in the Cloud speech, he discusses the flaws in the networks we use, but remarks that all is not lost, "It's not a pretty story...We haven't lost. We've just really bamboozled ourselves. And we're going to have to unbamboozle ourselves really quickly or we're going to bamboozle a bunch of innocent people who didn't know we were throwing away their privacy for them forever." Eben's speech served as a brief education on how information on the web is collected and can serve as a cautionary tale for educating individuals about the extent to which their collected information is used. The problem is vast, and eventually will we reach the point where people demand more transparency.

-- HarryKhanna, SanjayMurti, AbiolaFasehun, SkylarPolansky, ElviraKras, RumbidzaiMaweni, KieranCoe, TomaLivshiz

this is an interesting post. I hope I am not ruining the structure but I just wanted to add my thoughts. What I find most dangerous about Facebook is that it blurs the distinction between private and public. Under the facade that you are only communicating to your "friends" (as if you are engaging in 1:1 chatting,) you post your ideas,and express feelings in public. Also, people post on facebook voluntarily. They choose to open doors to their private lives on the internet. To some extent, this culture of communications through social media encourages people to voluntarily give up their privacy, and more importantly, create a culture that undervalues the notion of privacy.