Social Media Privacy and Security

Introduction

Today, almost everyone has some valuable electronic information, whether it is personal data or working papers. It can be a file with logins and passwords to various online services or a financial report, a work plan with a prospective client or entrepreneurial development strategy appended to services. Such information needs reliable protection from unauthorized access and distribution, accidental deletion or modification. All developed countries share a concern about information security. Computerization and digitization of information have widely entered all spheres of human activity, including the storage of personal and operational data.

The laws on the protection of personal information can justify and prove the relevance of statistical data about the identity theft. For example, in 2010, the number of victims of identity theft exceeded 8.1 million people only in the United States (Eastton & Taylor, 2010).

The necessity of the security of personal data on the Internet is an objective reality in our time. Modern people cannot independently counteract interference with their media privacy. Increased technical capacity to collect and process personal information, development of e-commerce and social networks make it necessary to take measures to protect personal data and create a new online consumers’ mentality. Identity theft can cause significant damage to legal owners’ material, when it comes to credit cards or information about savings in the bank.

The essay focuses on the critical assessment of the scholarly and online media sources. It analyses the possible ways of eliminating cyber crime and appeals to the necessity of active citizenship and responsibility in the exposure of personal information on social networks and other Internet recourses.

Review of Three Scholarly Sources Based on Social Media Privacy and Security

Internet users begin to pay more attention to the issue of security of their personal data in the network. According to a survey conducted on 11-14 July 2013 by Princeton Survey Research Associates and covering almost 800 respondents of different age groups, the majority of people are aware of common information threats to their private data, including date of birth, phone number, home address, photo or video materials. Since the last similar study in 2009, the proportion of users who avoid publishing their personal data has increased from 30% to over 50% (Rainie, Kiesler, Kang, & Madden, 2013).

According to a new survey, 86% of respondents undertake self-protection steps for security in cyberspace. More people regularly check cookies, encrypt e-mail messages, avoid the use of real names on the network, working in virtual networks and so forth. 55% of the participants take additional steps to avoid the possibility of being monitored by hackers.

Nevertheless, 59% of respondents believe that today the Internet anonymity is impossible. About 68% believe that the protection of personal information online is technically unachievable. 21% have experienced a burglary of mail or social network account access. 12% revealed their media security information under pressure and aggression against them. 6% say that their online reputation suffered because of the problems (Rainie et al., 2013).

However, there remain many people who neglect their safety on the Internet. Someone does not give it much importance, or does not believe in protection of the information posted online. Some people are unaware of security ruleson the web.

In the book, Analyzing Computer Security by Charles P. Pfleeger and Shari Lawrence Pfleeger, the authors stress that identity theft can cause significant moral and material damage to the legal owners. Attackers, who have sufficient technical knowledge, can organize spam submissions or change the status in social networks. They can steal details of bank cards (skimming) or mimic the sites of financial institutions in order to cause users to display their personal information (phishing). In fact, it is often difficult to determine the source of leakage of personal data because of the high levels of computerization in modern society. The authors address the intricacies and challenges of cyber security with a new approach. They underline the responsibility of internet users for the preservation and protection of their data. The studies have shown that the main free points of access to personal data are social networks (Pfleeger & Pfleeger, 2011).

A social network is not only an efficient and convenient way to communicate with friends and relatives, but an extended database of users. Many people provide personal information by submitting contacts, uploading photos, tagging friends and marking their location. Mass tracking system becomes activated (Pfleeger & Pfleeger, 2011).

When the advantages and disadvantages of social networking are compared, it is not evident what prevails. People neglect their social media privacy and security for the possibility of communication with friends through the site. A social network is a unique tool for the ruling elites to monitor and find all the people that match a specific framework. It is a perfect tool for ideological manipulations (Lipton, 2011).

Personal information is valuable for advertisers. If someone knows exactly what kind of advertisement to show, its effectiveness increases significantly. Spot advertising makes big money. There is evidence that a single visitor brings Facebook $ 4 per year (Haley, 2012). Not a big number, but when one considers that more than half a billion people use this site, the profit seems evident.

In addition to theft and use of personal data for profit, social networks play a significant role in the spread of viruses. Nowadays, there are sophisticated versions of Trojans, worms and unwanted software (Pfleeger & Pfleeger, 2011). For example, a sensational story of the spread of a worm through the video featuring Katy Perry and her husband on Facebook. It came as a private message with a video. A person clicked on the link and went to a fake page, clicked on the preview video and got a message to install a special plug-in to be able to view the video. After downloading it the computer got infected.

Virus writers are playing on people’s interest in celebrities and the sense of curiosity to the same kind of information. Besides infecting someone’s computer, the worm also sends similar messages to all friends on the social network. The virus spreads like an avalanche. The more infected computers become, the more messages they get (Haley, 2012).

The article on how bots reveal personal data on Facebook has demonstrated a new technique that hackers can use to steal personal information. Using specially designed program called social-bots, which simulate real user profiles, perpetrators were able to get a large amount of personal data. Social-bots acquire popularity among dishonest users and cyber-criminals. It is possible to buy such programs on the internet for just $ 20-30 (Lipton, 2011). Major social networks can have thousands of fake, dummy accounts, which may also be for research objectives.

In his book Social Media: a Critical Introduction Christopher Fuchs (2013) emphasizes that media societies in Europe and the United States are very concerned about the protection of personal data. The book analyzes the legal ways of improving social media privacy and security on a global scale.

In order to overcome the differences between the requirements of Europe and the USA, the Ministry of Commerce developed the principles of US-EU Safe Harbor (Fuchs, 2013). Following this concept, it is possible to achieve a sufficient level of social security and privacy on the Internet.

There are seven main requirements to confidentiality in US-EU Safe Harbor (Fuchs, 2013).

1. Organizations must notify their clients of the purposes for which they collect and use their clients’ personal information. Organizations should provide information about the ways in which the owners of personal information may contact the organization with any questions or complaints.

2. Organizations must provide clients with a choice to give or withhold consent to the transfer of their personal information to a third party. Managers should avoid using of their subordinates’ personal information for purposes incompatible with the primary ones.

3. Further transmission implies that before providing personal information to third parties the organization must notify the clients about the need to transfer their personal information to a third party.

4. Access gives the owners of personal information possibility to alter, amend or delete any personal information about them.

5. Privacy Policy obliges organizations to take reasonable precautions in order to preserve personal information from misuse, loss, unauthorized access, alteration, disclosure and destruction.

6. Data integrity should be relevant to the purposes. The organization should take all the possible steps to check that personal data is relevant and up to date.

7. Enforcement ensures compliance with the principles of the concept of companies Safe Harbor. It is important to have an independent and accessible mechanism for complaints and disputes (Fuchs, 2013).

The concept of US-EU Safe Harbor focuses on companies that have suffered from burglary and theft. In cases of cyber crime, such organizations have to notify the authorities and stakeholders within a day after the leakage. Users can demand complete removal of their data, as well as transfer of personal information from one organization to another.

The amendments can help to exclude cases such as those that involved Sony and Citigroup in April 2011. 77 million PlayStation Network customers learned about the theft of their data only a week after breaking online network. A similar situation happened to Citigroup. As an outcome of the attack on 10 May, 3,300 holders of bank cards lost $ 2.7 million, but the company acknowledged the leak only a month later, on 8 June (Fuchs, 2013).

Impacts of Academic Knowledge on the Social Elements and Institutions of Local and Global Communities

In the United States, governors undertake steps for social media security (Fuchs, 2013). America, as well as other highly developed countries, is trying to protect its citizens. American social media services respect the privacy rights of the representatives of other countries and therefore wish to strengthen cooperation in the field of rights protection. As stated by The Federal Trade Commission (n.d.), the concept of US-EU Safe Harbor has become a bridge for the cross-border transfer of personal information from the United States.

The so-called right to be forgotten can become an innovation in the field of personal information security (The Federal Trade Commission, n.d.). The essence is in providing citizens of the European countries and America with the opportunity to remove all of their personal data from the Internet. It includes not only social networks but namely the Internet. Under current conditions, this task is almost impossible to solve technically, but information technology scientists are working on this problem. There are those who see this right threatened by censorship (The Federal Trade Commission, n.d.).

In the UK, there is no legislation regarding the protection of personal data in place. David Smith, Deputy Commissioner for the Protection of personal data, discusses the prospects of modernization of European legislation in the field of media security. In addition, the UK is the member of the Organization for Economic Cooperation and Development. It has, therefore, adopted a directive on the international exchange of personal data (Moore & Clayton, 2011).

The EU adheres to the principles of comprehensive law, which requires the establishment of independent government agencies for the protection of personal information. There should be a universal database with recorded statements of personal information. In some cases, before the processing of personal information, the agency assistants may require a preliminary agreement with the owners of personal information. As a result, US-EU Safe Harbor can significantly reduce the possibilities of American organizations in trans-Atlantic transactions.

The Impact of Active Citizenship on the Social Media Security during the Next Five Years

The efficacy of personal data protection depends on such aspects as individual responsibility and digital literacy (Gartelli, 2012). Media education provides methodology for training based on problem, heuristic, gaming and other productive forms of teaching, which develops the individuality of students, independence of their thinking. Students should learn how to construct media texts and express different political, ideological, economic, social and cultural interests.

The concept of media literacy has its origin in the terms critical vision and visual literacy, which relate to screen media. In scientific literature, there are also terms technological literacy, information literacy and computer literacy (Gartelli, 2012).

Media do not reflect reality and represent it using a system of signs and symbols. Media education is the process of research and dialogue rather than debate. Media literacy helps students to communicate with media with a critical eye, understanding the importance of media in their lives.

Modern students have new interactive opportunities for practical and analytical work. They need to develop critical thinking and study the information on personal media security and privacy threats. In 2012, the US Federal Trade Commission or FTC revealed a report on protection of consumers’ privacy in the era of speedy change. The report presented recommendations for the improvements in media literacy methods and protection of confidential data of the customers (The Federal Trade Commission, n.d.).

According to the report, companies must ensure that their products and services provide the necessary protection for users’ data, and do not collect or maintain information about them. Consumers have the right to choose whom and what kind of information about the user’s activity on the Internet a company can provide. Also, organizations should implement Do Not Track technology, through which users will be able to control the tracking of their personal data (The Federal Trade Commission, n.d.).

The FTC also recommended companies not only provide users with accessible explanation of what data they collect, but also provide them with access to this information. Currently, guidelines of FTC have no legal power. In this regard, the report of the representatives of FTC urged Congress to pass legislation that would force all companies to follow their guidelines. It had to allow applying punitive sanctions regarding those organizations that do not protect the social media privacy of consumers (The Federal Trade Commission, n.d.).

FTC also appeals to the Privacy by Design. It is a concept that Ann Cavoukian developed back in the 90s due to the ever-growing and systemic problems of information and communication technologies and large-scale network systems data. Privacy by Design comes from the fact that in the future, the confidentiality, for example, protection of personal information, cannot be achieved solely by observance of legal acts. The protection of personal information should ideally be one of the top priorities, in fact default rule in the work of any organization (The Federal Trade Commission, n.d.).

The purpose of Privacy by Design is in the social media privacy, security and control over it. These objectives require applying the following seven fundamental principles. The principles are almost the same as those in the statements of US-EU Safe Harbor.

The USA and European legislation in the field of personal data protection needs modifications. In its new form, it should be under constant review and revision. The police and judicial authorities have to execute the provision for the protection of personal data, which is applicable to the private and public sectors now. In five years, governors should adopt new amendments to the law on the security of personal data and improve the methods of acquiring media literacy and competence.

The Relevance of a Multimedia Component in Relation to Academic Knowledge and Social Media Privacy and Security

The importance of critical citizenship in providing access to personal data is crucial in modern conditions of highly corrupted world. People, who have access to such data, should have perfect critical thinking abilities in order to avoid temptations and fraud. Edward Snowden reported that the USA and the UK intelligence agencies managed to crack the encryption system. It protected personal data, emails and bank transactions of millions of Internet users, as well as companies. At the same time, according to the newspaper, the United States National Security Agency (NSA) not only hacked into the existing codes using supercomputers, but also, thanks to the secret collaboration with IT-companies and Internet service providers, it managed to discover vulnerabilities in the encryption mechanisms, and moreover, weaken the international standards in this area (Haley, 2012).

According to the publication, a ten-year anti-cryptographic program made a breakthrough in 2010. The secret service managed to collect an enormous amount of personal data of the Internet users. The annual budget of that secret program provided unlimited access to private information and it cost the US taxpayers $ 250 million.

In addition to the NSA program, there was a program of the Government Communications Centre: a British intelligence agency, responsible for electronic intelligence and protection of governmental information. According to The Guardian, it developed a way to break the encrypted data passing through Hotmail, Google, Yahoo and Facebook (Haley, 2012).

Microsoft, Yahoo and other Internet companies immediately increased the protection of their services from hacking after Edward Snowden had revealed the data on a large-scale surveillance of their users by the United States Government. Information about programs and penetrating into the database of the Internet companies shook their reputation (Haley, 2012).

The Guardian wrote, with reference to the documents received from Snowden, that Microsoft had worked closely with American intelligence agencies, allowing the NSA to bypass cryptographic protection of data. As a result, when the creators launched the portal mail Outlook.com, NSA could then intercept and read online chats. In services like Microsoft Hotmail and Windows Live Messenger specialists from NSA were able to access personal data program MUSCULAR. These outrageous cases represent the scales of the possible social media security and privacy threats.

Conclusion

The conducted research shows that the problem of social media security and privacy has acquired new features and reached new scales. At the beginning of the cyber crime history, hackers and dishonest information technology developers committed offences. Nowadays, the pattern has become an international and global threat. The way to salvation is in the creation of reliable social media security and law on privacy. Such instrument can limit and mitigate identity theft violations. The projects like US-EU Safe Harbor or Privacy by Design are models of expected social media regulations in the future.

The profound and effective legal protection of social media is impossible without critical citizenship and personal responsibility of the Internet users. People should reconsider the threats of media environment and social networks. They should start looking for effective ways to protect and preserve their personal information. In the last 3-4 years, the theme of information security and privacy in social networks has attracted a lot of attention. It is understandable because the networks open personal data of their users to the outside world. There have been many cases of leakage of credit card numbers, perpetrators could easily hack accounts, and the administration of sites and platforms gained access to a vast range of information.

However, this is only the part lying on the surface, and it is not a complete picture of potential threats to social media security and privacy. The users of the Internet should also remember about viruses and phishing, which imply stealing usernames and passwords and further illegal activities. The biggest threat is the access to all personal data by unauthorized people. And they can view it, even if the person has removed his/her account from the network.

Recently, users have become less trustful and begin to filter the information they want to share on the Internet sites and platforms. They started giving false information or inaccurate data to mislead the offenders and secure their privacy. Many people remove their accounts and the European community even began to develop the concept of the right to be forgotten. However, deleting one’s account cannot guarantee confidence.

Edward Snowden’s case is an attempt to draw public attention to the discussion of the real state of things on the Internet. He became the initiator of large-scale leaks of documents on the activities of the American and British intelligence agencies, including the secret program PRISM for surveillance of Internet users worldwide. In the United States Snowden is subject to criminal responsibility for divulging state secrets; however, his report became a source of broad discussion and reconsideration of social media privacy values.

References

Afflerbach, P. (2012). Understanding and using reading assessment, K-12. Newark, DE: International Reading Association.

Coon, D., & Mitterer, J. O. (2008). Introduction to psychology: Gateways to mind and behavior (12th ed.). Stamford, CT: Cengage Learning.

Easttom, C., & Taylor, J. (2010). Computer crime, investigation, and the law. Boston, MA: Cengage Learning.

Fuchs, C. (2013). Social media: A critical introduction. London: SAGE.

Gallagher, K. M. (2013). NSA whistleblower Edward Snowden: ‘I don’t want to live in a society that does these sort of things’. Retrieved from https://www.youtube.com/watch?v=5yB3n9fu-rM

Gartelli, A. (2012). Current trends and future practices for digital literacy and competence. Hershey, PA: IGI Global Snippet.

Haley, K. (2012). Symantec internet security threat report.

Lipton, J. D. (2011). Combating cyber-victimization. Berkeley Technology Law Journal, 26(2), 1103-1155.

Moore, T., & Clayton, R. (2011). The impact of public information on phishing attack and defense. Communications and Strategies, 81(1), 45-68.

Pfleeger, C. P., & Pfleeger, S. L. (2011). Analyzing computer security: A threat, vulnerability, countermeasure approach. Westford, MA: Prentice Hall Professional. Rainie, L., Kiesler, S., Kang, R., & Madden, M. (2013). Anonymity, privacy and security online. Pew Research Center.

The Federal Trade Commission. (n.d.). Identity theft. Retrieved from http://www.ftc.gov/bcp/edu/microsites/idtheft/