SOCIAL NETWORK:
WATCH OUT FOR SIDE EFFECTS
FACEBOOK & CO
SURFER BEWARE
HAVE YOU EVER WONDERED?
TIPS
SOCIAL NETWORK:
WATCH OUT FOR SIDE EFFECTS
Facebook, MySpace & Co. A lively debate is in progress between those who extol the unique communication chances
provided by social networks and those who only see the risks
to surfers’ private life and rights.
The Italian DPA decided to draft this short guidance to help
those planning to sign up to a social network and those who
have already joined a social network to use this new tool
knowledgeably. It is not meant to cover all issues; it is more
a quick guide that can be used both by newbies and by experts.
We wish to provide food for thought, but mostly a few pieces
of advice to ensure that one of the most valuable goods we
have – our identity and our personal data – can be protected
also in the “virtual world”.
FACEBOOK & CO
SOCIAL NETWORKS
Social networks (such as Facebook,
MySpace, etc.) are “virtual
marketplaces”, that is places where
you can meet people via the Internet
and share pictures, videos, thoughts,
pals’ addresses, and much more.
Social networks are “the” forum for
sharing materials; they provide a
unique means for communicating,
however they entail risks to the private
sphere of the individuals concerned.
Social networks were set up initially in
the academic world by colleagues who
wanted to “keep in touch” and “team
up” after starting their job careers.
Facebook, one of the best-known
among these networks, was initially
nothing else but the virtual translation
of the college “photo book” – a sort of
electronic billboard where you could
look up your old pals and exchange
information with them. One of the
most recent developments is pushing
for the increased integration between
social networks and mobile phones, so
that any message posted online is
turned into a sort of multiple SMSmessage that can immediately reach
all our friends.
5
The tools made available by social
networks allow us to keep in touch
with our family living in a different city.
They enhance communication also in
the social and political arena by
turning us into campaigners for issues
we are keen on. They can make it
easier to pass on knowledge between
colleagues and between employees
and their company.
Social networks give you an impression
of being in a space of your own, or a
member of a small community. In fact,
this is a misconception and may lead
users to unveil too large a portion of
their private lives and disclose very
personal information – which may
cause “side effects” even after many
years’ time. One should not
underestimate these side effects.
6
SOME OF THE WORLD’S LEADING
SOCIAL NETWORKS
Facebook, MySpace, Hi5, Flickr,
Skyrock, Friendster, Tagged,
LiveJournal, Orkut, Fotolog,
Bebo.com, LinkedIn, Badoo.com,
Multiply, Imeem, Ning, Last.fm,
Twitter, MyYearbook, Vkontakte,
aSmallWorld, Windows Live, Xiaonei.
THE ITALIAN DPA
AND THE INTERNET
The Italian data protection authority
is monitoring the development
of Internet-based communications
and is committed at both European
and international level to setting forth
rules and guidelines that can protect
users and their personal freedoms.
But the most effective safeguard
is self-protection – that is, the careful
management of one’s own
personal data.
7
SURFER BEWARE
FOREVER, OR JUST ABOUT
When you post your personal data on a social networking
site, you are no longer in control. Your data may be stored
by all your contacts and by the members of the groups
you signed up to; they may be processed and disseminated
even after many years. In some cases, by accepting to join
a social network you grant the SN company a licence to use
all your online materials forever… your pictures, chats,
posts and rants.
DEACTIVATION VS. CANCELLATION?
APPLICABLE LAW
Most social
networking sites are
based abroad along
with their servers. If
a legal dispute arises
or a privacy breach
is at issue, it is not
always the case that
Italian and European
laws can protect you.
If you decide to sign out of a SN site,
you are often allowed to “deactivate”
your profile – not to “cancel” it.
Data and materials you posted online
might be retained in the SN
company’s servers or IT archives.
Read the terms of use carefully
along with the privacy safeguards
laid down in the contract you accept
when signing up.
9
WHO CAN DO WHAT
Nobody can protect your privacy better
than yourself. Think twice before posting
information you would not wish to circulate
or be used against you. Report breaches
to the Italian DPA so that we can step
in to protect you.
OTHERS’ PRIVACY
When you post your friend’s
or a relative’s picture, when
you tag that picture, maybe
by adding the persons’ first
and last names, are you sure
you are not breaching their
privacy? When in doubt,
ask for their permission.
10
BUSINESS IS BUSINESS
Social networking companies
usually fund their business
by selling targeted advertising.
The value of these companies
is also closely related to their
skill in performing an in-depth
analysis of their users’
profiles, habits and interests
so that they can re-sell
this information to anyone
bidding for it.
THAT’S NOT ME!
Watch out for fake profiles! It only
takes a picture, a name, and some
information on a person’s life to lay
hands on the person’s online identity.
There have already been several
cases in which famous actors,
politicians, public figures as well as
“normal” people have found that
others were managing their identity
on social networks and blogs.
HOW ABOUT MY BANK ACCOUNT?
Take care about the information
you post online. Your date and place
of birth are enough to tell your Tax
ID. Other types of information might
help a criminal to trace your bank
account, or even your UserID
and password.
Garante per la protezione dei dati personali
11
HAVE YOU EVER WONDERED?
IF YOU ARE A BOY / A GIRL:
If you knew that your neighbour or your teacher could read
your online postings, would you post the same things
in the same manner?
Are you sure that the pictures and information you are posting
will also be OK in a few years’ time?
You are uploading/posting “that” picture of your friend – sure,
but would you like him or her to do the same to you?
Can the members of your user groups read your personal info?
Are you sure you would show “that” picture to your new
girlfriend/boyfriend?
IF YOU ARE A PARENT:
You told your child not to touch the oven when it’s hot, you taught
him how to cross the street, you warned him to beware of strangers…
Did you also teach him how to tell dangers on the Net?
Did you teach him how to defend himself against online aggressions
or kid predators? Did you teach him not to give out personal details
on him and his friends to strangers?
Have you ever tried surfing with your child? Did you ask him to show
you how to use the Internet, or which groups he signed up to?
Have you ever asked him whether he was cyber-bullied?
13
IF YOU ARE SEEKING A JOB:
Do you know that recruitment companies look up for candidate
information via the main online search engines?
Would the pictures you uploaded to social networking sites
and your postings stand in the way of your next job?
Does the CV you sent to that company match with the one
you posted on the Internet?
Are your online chats and rants in line with your professional
expectations?
IF YOU ARE A “SAVVY”:
Did you check your personal privacy settings?
Did you breach someone’s privacy rights by uploading “that”
material?
Did you commit an offence by showing those pictures around,
or writing those posts?
Did you check user licences, royalties and copyright rules
for the documents, pictures or videos you uploaded?
14
IF YOU ARE A PROFESSIONAL:
Do the users allowed to interact with your profile fit in with
the professional target you set yourself?
Can the groups you signed up to on a SN affect your work?
If you are flamed by a member of your SN, are you ready
to provide the appropriate response?
Did you consider whether you are sharing information
with someone that might be harmful to your business?
Do you know that several chat services – including those provided
by SN sites – allow recording and storing chat contents?
15
TIPS
SELF-CONTROL
Go easy with
publishing your
personal data
(especially your name,
address, and phone
number) in a user
profile, or with
accepting new friends.
RESPECT OTHER PEOPLE
Don’t upload pictures
and personal information
concerning other people
without their consent.
You might commit
a criminal offence.
THINK TWICE
Remember that
pictures and
information might
resurface years
ahead thanks to
search engines.
CHANGE LOGIN
AND PASSWORD
Use different logins
and passwords
from those you use
for other websites,
your email and
your online banking
operations.
17
NICKNAMES
INFORM YOURSELF
Whenever possible,
use different
nicknames for the
different groups you
signed up to. Do not
include your date
of birth or other
personal information
in your nickname.
Get information on who
manages the service and how
they protect personal data.
Remember: you have the right
to know how your data are
used. See under “privacy”
or “privacy policy”.
PRIVACY LEVELS
Use privacy-oriented settings and limit the
availability of information – especially the
information retrievable by search engines. Check
the privacy settings for your profile – who can
contact you, who can read your postings, who can
add comments to your pages, what privileges apply
to the users in your groups.
18
IDENTITY THIEVES
You might be chatting and sharing information with someone
who is not who you think they are. A child might be an adult,
and vice versa. It is increasingly frequent that fake identities
are created – whether of well-known characters or not –
as a practical joke, for spite, or to get at confidential
information. It only takes your picture, some information
on your life… and you might be the next “clone” on the list.
SPAM / UNSOLICITED
ADVERTISING
Check how your personal
information is used by your
service provider. If you do not
wish to get unsolicited ads,
make sure you do not give
your consent to the use of your
data for purposes of targeted
advertising, promotional
initiatives and/or marketing.
CONTRACT
AND TERMS OF USE
Read carefully the contract
and the terms of use you
are accepting when you sign
up to a social network.
Check for any changes that may
be made unilaterally by the SN
provider. Check that you can
easily withdraw from the service
and erase all the information
you have posted on yourself.
19
Piazza di Monte Citorio, 121
00186 Roma
Phone: +39-06 696771
fax: +39-06 69677785
Francesco Pizzetti, President
Giuseppe Chiaravalloti, Vice-President
Mauro Paissan, Member
Giuseppe Fortunato, Member
Contact:
Ufficio per le relazioni
con il pubblico (Front Desk)
Mon-Fri 10-13
Email: [email protected]
www.garanteprivacy.it
Edited by Servizio relazioni
con i mezzi di informazione
(Media and Communications Service)
at the Garante per la protezione
dei dati personali
Vertigo Design
Filippo Patroni Griffi, Secretary General