From wiki.ucalgary.ca
Jump to: navigation, search
Facebook - Friend or Foe?

The Group 1

Group Members

Dayna Chetek

Angela Johnson

Heewon Park

Michelle Yuen

Project Statement: Facebook Security

Facebook is the most popular social networking site on the internet. Our group plans to look at the ways in which a person’s personal privacy can be at risk due to security issues with the site.

Facebook .jpg

Topics of Interest:

  1. Facebook Terms of Service
  2. Identity Theft
  3. Who has access to data stored on Facebook?
  4. Does Facebook track your hobbies, interests, and spending habits?
  5. Can Facebook threaten your personal safety?
  6. Case Studies

History of Facebook

Facebook is one of the most popular social networks on the web. With over 120 million active users worldwide, and an extremely high and constantly increasing growth rate, facebook has become a familiar name to internet users across the globe. Founded and created in 2004 by Mark Zuckerberg, a Harvard Student, Facebook was initially called "The Facebook". The program began within Harvard alone, providing a networking system between the students, but quickly spread to other universities across the United States. In 2005, it became "Facebook.com" and was availiable worldwide within Educational Institutions only, and soon after to anyone with a registered email adress. Facebook is now worth approximately 15 billion dollars, and is continually increasing in value. As the site continues to grow in usage, it is also being constantly developed, with over 280 thousand applications now availiable for use. Yahoo and Google have both expressed interest in buying Facebook out, but Mark Zuckerberg has not yet accepted any offers, some as large as $2 billion American. Although Facebook has recieved massive amounts of success over the past years, it has also encountered various issues involving security. Being an online social network, users are always at risk of privacy violations. Measures must be taken therefore to ensure that users are aware of the risks of putting personal information on the web, and the various issues that it raises.

Terms of Service

"Terms of Service" refers to a licensing agreement which users must accept before they are able to use the site. It is fair to say that many people do not read the details of the contract before they sign up. Below are some of passages which generate concern.

"We reserve the right, at our sole discretion, to change, modify, add, or delete portions of these Terms of Use at any time without further notice."(Facebook ToU. 2008)

as well as

"When you post User Content to the Site, you authorize and direct us to make such copies thereof as we deem necessary in order to facilitate the posting and storage of the User Content on the Site. By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose, commercial, advertising, or otherwise, on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing." (Facebook ToU. 2008)

Privacy Issues and Concerns

"Beacon" Application Privacy Issues


In November 2007, Facebook created an advertisement system called Facebook Ads, which in summary allowed advertisers to promote their product through facebook, run targeted advertisements based on the statistics of millions of facebook users, and have access to feedback as to what effect their ads were having. Mark Zuckerberg, owner of Facebook, publicly assured facebook members that the program would not compromise privacy in any way, as "no direct personally identifiable information is ever shared back with marketers." (Mark Zuckerberg, November 6, 2007)

Along with the Facebook Ads application came the "Beacon" application, which connects facebook with the advertiser's homepages. When purchasing or viewing something on these external homepages, the "Beacon" application notifies you through a pop-up that this information will be shared on your "News Feed" on facebook. If you do not click the "No Thanks" tab, then a story such as "Ang bought Basin Square Coffee Table and one other item on Overstock.com." will appear on your newsfeed on facebook, displayed for your friends to see. This serves the purpose of marketing the advertiser as well as the product.

Facebook beacon.jpg

This application brought about many negative concerns among facebook users, who felt their privacy was being violated. Arguers against the "Beacon" application complained that private actions taken in an external, third party website should not be displayed publicly on facebook without their direct permission. Although the application always notified members about was going to be displayed, and offered them a chance to opt out, many members believed that that was not enough. A main complaint was that unlike the other applications on facebook that needed to be downloaded, or "opted in to", the "Beacon" application was automatically part of your account. A member could choose to "opt out of" their usage involving specific sites only, but could not remove their participation in the application completely.

Many facebook groups were created to remove the application, arguing it was a "violation of users' privacy". A petition was created that eventually led to the "opt-out" option for the "beacon" application.


User accounts on Facebook can be affected by a trojan worm virus. The virus imitates itself as an email received from Facebook(facebookmail.com.) Through the email, users are directed to a link of a video or picture which then redirects the user to a website that releases the virus. The worm is able to manipulate user setting and profile information once it finds the right cookie for Facebook. It adds links that look similar to Youtube . Once the worm is activated, it spreads its virus by emailing every individual that is listed under the victims’ friend list.

How Your Facebook Life can Impact Your Real Life

Due to its increasing popularity, what members post on Facebook is often seen by many other users. If certain privacy settings are not put into use, members are always at risk of unwanted visitors viewing their profile. Precaution must be used therefore when deciding what information you choose to share over facebook, because users can never be sure who will view their page.

"Facebook prides itself in being a positive environment for peers to safely interact. Unfortunately, however, sometimes people abuse our site by posting inappropriate content or harassing others." -- Facebook Website

-- Parent - Child Issues


Issues arise daily due to the content that users upload on their profiles. A common situation is between parents who view their kids profiles and see photos of them drinking, smoking, etc. Facebook is no longer only for youth and students, and is now being used by adults of all ages, including many parents. Many issues have arrised when parents become aware of their kid's behaviors through facebook, and these issues can be very damaging to a family.

-- Teacher - Student Issues

Another common issue is the problems that facebook has caused for students over the years. In North Carolina at the Elon University, several students were written up for drinking in their dorm rooms, when a resident assistant found pictures of the events on facebook. In another situation, Students at various Northern Kentucky Universities were charged for similar reasons involving alcohol. A grade eleven student was expelled for creating a facebook group stating she would "kick" her teacher if 200 members joined.

"They feel it's their personal space and that what they put there is essentially private. But in reality, anybody can access the information," -- Expelled Student's Father

These are only three examples among thousands of similar cases, where facebook has caused problems for students. Students must therefore be selective when choosing what to post on their facebook.

Thousands of different situations have occured where what is seen on facebook becomes an issue in real life. Although privacy settings can be put into effect by users that block specific users from viewing their profile, these settings are not fool-proof and can be avoided. Using someone elses account, or creating secret accounts to view blocked profiles is possible and very common. Also, users are free to talk about what they see on facebook amongst people in the "real" world, so this should be kept in mind by users while posting information. What goes on in your "facebook life" can effect your real life adversely, so precautions should always be taken.

Personal Safety

-- Stalking

The term stalking refers to the obsessive watching or following of another person. In Canada this type of behaviour is considered to be "criminal harassment" and can be punished by up to 5 years in prison. Facebook is a tool that allows users to post personal information and connect with others; however it does not inform the user who has visited their page or the number of times their information is accessed. As a result, users are not alerted to who is accessing their information. In a recent survey of students at a Pennsylvania College, students were asked to list their reasons for using Facebook. Common answers included playing online games such as Scrabulous, and connecting with classmates. However, pollers were surprised to find how many people used facebook to "stalk" other people. Students admitted that they use the site to quietly observe the activities of friends, acquaintances, and even complete strangers.

With most people, this type of behaviour does not pose a threat to one's personal safety; most "Facebook stalkers" are people just wanting to stay on top of their friends' lives. However there is always the potential that this website can facilitate destructive behaviours and put a user's personal safety at risk. In the same survey, one student admitted to looking through people's "friends lists" until he came across the profile of an attractive female. He would read her profile and gather information to get a sense of what she was like as a person without her knowledge. Later, when he saw the student in person on campus, because he already knew many things about her found it easier to initiate a conversation with her.

In addition to this, a student at a Virginia university was attacked by a complete stranger. The student and stranger belonged to a political discussion group on Facebook and the attacker did not like some of the opinions that were expressed by the student in the forums. After gathering information off of the student's personal page, the attacker found his home address, impersonated a military recruiter, then attacked the student and his two roommates. Eventually the police were called and the attacker was charged with three counts of assault.

-- Identity Theft


Identity theft occurs when a person pretends to be somebody else in order to gain some sort of benefit. It can range from pretending to be a different person using an online profile, to using somebody's personal information to obtain a credit card in their name. All forms of identity theft are treated seriously in Canada and can result in criminal charges and imprisonment for up to 10 years.

Facebook facilitates identity theft in multiple ways. Firstly, there are many security loopholes that enable users to hack into other facebook pages. Videos on YouTube provide lessons on how to hack people's Facebook accounts by: going through third party applications, using scripts such as i_frames to change privacy settings and make unauthorized posts or friend requests, or hacking passwords to gain access to user accounts.

In addition, when users post things like their birthday, their place of employment, their job, etc., they are making it easier for potential thieves to get the information they need to commit fraudulent acts. In financial identity theft, the criminal uses this information to do things such as open up a bank account, create a credit card, or take out a personal loan. Because the information provided to the lender matches the victim's actual information, the financial institution is aware that a crime is being committed. They are not alerted to the crime until the funds have been issued and at this point it is often too late. When the original lending applications are filled out via mail or the internet, it is nearly impossible to track down the criminal to get the money back. This results in the loss of the financial institution's money and the victim of the identity theft gets stuck with the bill. Often this can damage a person's credit rating for many years and make it difficult to recover.

--"Does What Happens in the Facebook Stay in the Facebook?"

Facebook is a widely used network where users share their private life. Users share many aspects about themselves, such as, pictures, interests, sexual orientation, and phone number etc. . While enjoying the usage of Facebook, many users aren’t aware that by posting items on Facebook they are agreeing to allow Facebook to have the right to use, display, perform, reformat, or translate the contents posted. Terms of service state that any content on Facebook can potentially be duplicated, or integrated into other works. Information collected through “groups” and “applications” can easily be sold to third parties for survey and data collection purposes.

As Facebook members upload contents of their own, they are putting their privacy at risk. When individuals upload pictures of their own, the picture no longer only belongs to them, but has become a property of Facebook. Any content posted on Facebook can potentially be found anywhere outside of Facebook; what happens in Facebook may not always just stay in Facebook.


"You do not need to stay away Facebook.

You just need to know how you can stay safe."
Facebook privacy levels.png

5 Things to Remember

1. There are different levels of access; only friends, limited profile, network, strangers or blocked.

2. Privacy settings help you to stay safe.

3. Private messages are better choice than wall posts Because wall posts can be read by others but not messages.

4. Turn off times and online status.

5. Adjust news feed and mini-feed to avoids the stalking opportunities.

Privacy Settings


1. Profile This setting is to determine who has the ability to view your information. You can set up privacy controls to restrict certain members to access your information, photos and other personal information. You may also give access to either only your friends or friends of your friends that you firmly trust.

2. Search This setting is to allow others to search for your profile to see your photos, send you messages, poke you and(or) add you as a friend.

3. News Feed and Wall This is the most troblesome display of private information on Facebook. In this privacy setting, you have the control to choose which stories gets published on your profile page and to your friends' News Feeds.

4. Applications You may pick and choose the applications that your friends may have access to. For example, if you do not want your friend to view your "2005 Summer Vacation Picture", you may restrict your friend from viewing from this privacy option.

5. Block People By blocking people, you are not allowing the person whom you have blocked to search you or see your profile, or network with you through various channels. However, full blockage is not guranteed. Also, by blocking someone, you are disconnecting all former ties with the person.


The first step is not to open messeges or download files from strangers. Even you know who sent messeges, ask what it is unless you are sure.

You can also install and run antivirus software and update program up to date.


In conclusion, it is apparent that there are many risks associated with social networking and Facebook in particular. When individuals post personal information to the site they put their privacy, their hardware, and even their personal safety at risk. However this is no different than any other website on the internet. Though Facebook is a source of potential problems, it can also be an enjoyable way to communicate and reconnect with individuals from the past. As a group, we feel that it is important to be aware of the risks associated with maintaining a Facebook page, however with a little bit of common sense, users can stay safe and have fun using the site.


Facebook. Retrieved on 2008-24-11. Terms of Use. http://www.facebook.com/terms.php?ref=pf

Yadav, S., August 25, 2006. Facebook - The Complete Biography. http://mashable.com/2006/08/25/facebook-profile/

Phillips, S., July 25, 2007. A brief history of Facebook. http://www.guardian.co.uk/technology/2007/jul/25/media.newmedia

Hashmi, S., November 3, 2008. Facebook reaches 120 million users worldwide. http://startupmeme.com/facebook-reaches-120-million-users-worldwide/

Leitzsey, M., January 31, 2006. Facebook can cause problems for students. http://media.www.pacertimes.com/media/storage/paper795/news/2006/01/31/News/Facebook.Can.Cause.Problems.For.Students-1545539.shtml

Agarwala, V., 2006. Does what Happens in the Facebook Stay in the Facebook? http://www.albumoftheday.com/facebook/

Peter, M., September 14, 2006. Facebook and the Politics of Privacy http://www.motherjones.com/interview/2006/09/facebook.html

Michael, A., November 26, 2007. Facebook Privacy Issue Won’t Die http://www.techcrunch.com/2007/11/26/facebook-privacy-issue-wont-die/

Karina, M., September 8, 2006. Facebook Apologizes for Privacy Issues in News Feed http://www.newstrend.com/2006/09/facebook-privacy.html

Trapani G., March 19, 2008. Facebook Adds Privacy Controls http://lifehacker.com/369825/facebook-adds-privacy-controls

Marcelina H., October 22, 2008. Facebook Risks http://socialnetworking.lovetoknow.com/Facebook_Risks

engtech, March 8, 2007. How to use Facebook without Losing Your Job over it http://internetducttape.com/2007/03/08/how-to-use-facebook-without-losing-your-job-over-it/

Towie, N., October 23, 2008. Facebook virus kills user accounts http://www.news.com.au/couriermail/story/0,20797,24539636-8362,00.html?from=public_rss

Facebook, Retrieved on November 26, 2008. Privacy Settings http://www.facebook.com/privacy/

Duhaime,L., November 10,2008. Canada's Criminal Law: Stalking http://www.duhaime.org/LegalResources/CriminalLaw/LawArticle-95/Canadas-Criminal-Law-Stalking.aspx

Wolff, B., May 12m 2008. Stalking on Facebook http://daily.swarthmore.edu/2008/05/12/stalking/

Malkin, M., February 22, 2007. Facebook nightmare: college republican attacked by stalker speaks out http://michellemalkin.com/2007/02/22/facebook-nightmare-college-republican-targeted-by-stalker-speaks-out/

YouTube. Retrieved on November 25. 2008. Search: Facebook + Hack http://www.youtube.com/results?search_query=hack+facebook&search_type=&aq=f

Gotlieb, R. September 2008 issue. Canada's Identity Theft Problem http://www.more.ca/work-and-money/finances/canada-s-identity-theft-problem/a/1757/3

TA Comments

Good Job! Make sure to put up the left topics too, preferably before your presentation. You will be the fourth group of my lab groups who will present their project on Nov 26th, around 4:54pm. [Fatemeh]