Storify shows Facebook privacy more illusion than fact

A dustup over the republication of private Facebook status updates on Storify points to how privacy on the social network is relative and users must remain vigilant to avoid getting burned.

The online controversy started Friday when the business news site AGBeat reported that a person using Strorify's Chrome browser extension or bookmarklet could essentially copy and paste private Facebook content.

Storify is a tool for stringing together photos, videos and status updates from socialnetworks. The site is popular with bloggers and journalists.

Whatever Facebook content a person has access to can be republished on Storify. This means that private status updates from personal profiles and private groups can be copied. The ability of third-party sites or apps to breach Facebook privacy has been a concern for sometime.

In its 2012 State of the Net report, Consumer Reports warned that Facebook data is shared more widely than users may wish. "Even if you have restricted your information to be seen by friends only, a friend who is using a Facebook app could allow your data to be transferred to a third party without your knowledge," the consumer watchdog group said.

p>Facebook compares Storify to someone taking a screenshot of a post and then republishing it somewhere else on the Web. On Monday, the social network seemed to distance itself from the controversy, implying that the person copying the information has the responsibility for not sharing their friends' private updates.

"The behavior appears to result from Storify users utilizing a browser extension that essentially cuts and pastes content available to that user to the Storify site," a Facebook spokesperson said in an email. "This is not a result of the Storify application for Facebook."

[See also: 10 security reasons to quit Facebook (And one reason to stay on)]

Storify washed its hands of the controversy, saying the site does not give people access to content on the Web they would not already be able to see.

"By using our bookmarklet or Chrome browser plugin, you can indeed collect text, photos and video from all around the Web, including what is visible to you on Facebook," Storify co-founder Burt Herman said in a blog post. "That media may not have been intended for a wider audience, but it's up to you if you want to publish it more widely."

This passing of the buck to users is an example of why privacy advocates want even tougher privacy restrictions on Facebook than what is contained in a settlement the site reached with the Federal Trade Commission last year. The agreement requires Facebook to create a comprehensive privacy program and to have independent audits of its privacy practices conducted every two years.

Some privacy advocates also want Facebook to provide full access to all data collected on a user, stop creating facial recognition profiles without user consent and cease tracking users across the Web.

Consumers Union, which publishes Consumer Reports magazine, supports a national privacy law that would hold all companies to the same standards.

In the meantime, privacy advocates recommend maximizing privacy settings and to always assume that anything posted on Facebook can be seen by friends, family, employers, government agencies, health insurance companies and law enforcement.

Read more about data privacy in CSOonline's Data Privacy section.

Tags Storifyapplicationssecuritysoftwaredata protectionFacebookData Protection | Data Privacyprivacy


Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Cloud Trust Authority

Reduce complexity and increase trust for public cloud service providers and their customers.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.