The Internet privacy and online security world was abuzz last week as 2011’s Data Privacy Day was held on Friday, January 28. Facebook followed suit with a post entitled A Continued Commitment to Security on its blog. The article, written by Alex Rice, a security engineer, began stating that the social network plans to introduce more robust security features just in time for Data Privacy Day.
Of course, the blog failed to mention that the day prior to its publication, Mark Zuckerberg, CEO and Founder of Facebook, had his fan page hacked. Luckily techcrunch.com managed to get a screenshot of the hacking before it was removed. It read: “Let the hacking begin: If facebook [sic] needs money, instead of going to the banks, why doesn’t Facebook let its users invest in Facebook in a social way? Why not transform Facebook into a ‘social business’ the way Nobel Price winner Muhammad Yunus described it? http://bit.ly/fs6rT3 What do you think? #hackercup2011.”
Facebook’s New Online Security Measures
Which came first: the chicken or the egg? Or, in this case, Zuckerberg being hacked or Data Privacy Day? To be honest, it doesn’t really matter whether it reads as a suspicious coincidence or not, because the irony involved makes the situation somewhat humorous.
To be serious, the two new security measures Facebook announced in conjunction with Data Privacy Day have been developed as “complex systems that operate behind the scenes to keep you secure on Facebook.” There are also “some advanced features you can use to help protect yourself even more.”
Here is the breakdown:
- After last year’s Firesheep incident, it is evident that HTTPS is becoming a necessary step to keep yourself secure online. In the past, Facebook only used HTTPS on login pages where a password was needed. Now the network is expanding the precautionary measure to all pages to keep more of your data protected more of the time. The site recommends using it especially when on public wifi networks. To turn the feature on, go to the advanced security features found in your Account Security section of the Account Settings page. Facebook does note that using HTTPS may make the site slower since the pages will be encrypted for your safety. Also, third party applications will not support the new security feature.
- Another new feature will be Social Authentication. If there is suspicious account activity detected by Facebook, it will not a use the traditional CAPTCHA like other sites do to verify you are a real person. These are not always 100% effective in keeping out hackers. Instead, the social network will prompt you with tagged photos of your friends and ask you to identify the name of that person to verify your identity. The blog post explained, “Hackers halfway across the world might know your password, but they don’t know who your friends are.”
Yes, Security is Tighter, But What About Your Privacy?
While Facebook rolls out these new advances to protect your online security, another shining example of the network invading user privacy comes to life. Sponsored Stories is a new way for brands to advertise using the endorsement of another Facebook user and sharing in an ad-like box to that user’s friends. For example, if I “like” the page for PRIVATE WiFi™ on Facebook that type of information would normally show up on my profile and in the newsfeed of my friends. However, with the new Stories feature, it can now show up as an ad displaying my “liking” of the page as a brand endorsement to share with all my friends. To get a visual understanding of what Sponsored Stories will look like watch this video created by Facebook.
Granted, my friends, if my privacy settings allowed for it, would have the opportunity to see this information already. (And Facebook will not share this information in a Sponsored Story with anyone but your approved friends). However, isn’t having your support for a brand used and monetized without consent an invasion of privacy? A user’s content and activity will now be bid on by advertisers so they can repurpose “not just Likes and check-ins but also posts on public pages and actions within custom applications,” as explained in Mashable’s story about the new feature.
Tell us what you think: were Facebook’s new security features in response to Zuckerberg’s Page being hacked? Are the features too little too late? If you were featured in a Sponsored Story would you feel like your privacy was invaded?