Social Media: Your Online Identity — Pause, think before you share!

There are many ways information on social networks can be used for purposes other than what you intended. Any time you choose to engage with social networking sites, you are taking certain risks.

Have you thought about your digital footprint? Every day, whether we want to or not, most of us contribute to a growing portrait of who we are online, a portrait that is probably more public than most of us assume. So, no matter what you do online it's important that you know what kind of trail you're leaving, and what the possible effects can be.

What information are you sharing when you use social networks?

The kinds of information you may be sharing on a social network include:

  • Your profile. Most social networks allow users to create detailed online profiles and connect with other users in some way. This may involve users sharing information with other users, such as one's gender, age, familial information, interests, educational background, and employment.
  • Your status. Most social networks also allow users to post status updates in order to communicate with other users quickly. Though there may be privacy settings to restrict access to status updates, these networks are frequently designed to broadcast information quickly and publicly.
  • Your location.  Many social networks are designed to broadcast your real-time location, either as public information or as an update viewable to authorized contacts. This might allow users to "check in" to a local event or business or share one's location with contacts within their network.
  • Shared content. Many social networks encourage users to share content, such as music, photographs, videos, and links to other webpages.

All of this reveals information about you, including contextual information you may not even be aware of. By sharing this information online, you may be providing enough information to allow advertisers to track you or hackers to take advantage of your online identity.

It is important to be aware of the information you are providing and to be conscious of the choices you can make to protect your privacy.

How may your social networking information be used and shared?

Publicly available information.  Every social network allows you to post some information that is completely publicly accessible, from your username to individual posts to your entire account.

Anyone, including strangers, can view whatever is posted as "public." However, there may be other data that you share publicly without realizing it and there are less obvious ways your information may be treated as public without your permission, including:

  • Certain information may be publicly visible by default. In some situations, user information must remain public (frequently such information includes your account name). 
  • A social network can change its privacy policy at any time without a user's permission. Content that was posted with restrictive privacy settings may become visible when a privacy policy is altered.
  • Approved contacts (people on your "friends" list or people that "follow" you) may copy and repost information — including photos or personal information — without a user's permission, potentially bypassing privacy settings.
  • Third-party applications that have been granted access may be able to view information that a user or a user's contacts post privately.
  • Social networks themselves do not necessarily guarantee the security of the information that has been uploaded to a profile, even when those posts are set to be private. While security flaws and breaches are usually quickly fixed, there is potential for taking advantage of leaked information.

Advertising. Your own publicly posted content isn't the only way you can be tracked. Advertisers are very interested in the information that can be gathered by tracking your online activity.

This may include:

  • Tracking which websites a user has viewed.
  • Storing information associated with specific websites (such as items in a shopping cart).
  • Analyzing aggregated data for marketing purposes.

Behavioral advertising is the term used to describe the practice of tailoring advertisements to an individual's personal interests.

Social networks that provide their services without user fees make a profit by selling advertising. This is often done through behavioral advertising, also known as targeting. This practice is appealing to marketers because targeted advertisements are more likely to result in a purchase by a viewer than comparable non-targeted advertisements. They are valuable to social networks as they can be sold at a higher price than regular ads.

Third-party applications are programs that interact with a social network without actually being part of that social network.

These applications take many forms, but some typical and popular forms include games that you may play with contacts, online polls or quizzes, or third-party interfaces with the social network.

To make these applications useful, social networks may allow developers automatic access to public information of users, and may even access some private information, when a user grants the application permission.

You may inadvertently grant an application access to your profile without realizing the extent of the permissions being granted.

Some facts to keep in mind when considering using third-party applications:

  • Most social networks do not take responsibility for the third-party applications that interact with their sites.
  • They may not be guaranteed to be secure.
  • They may gain access to more information than is necessary to perform their functions.
  • They may contain malware designed to attack the user's device.
  • Third-party developers may report users' actions back to the social networking platform.
  • A social network may have agreements with certain websites and applications that allow them access to public information of all users of the social network.

Government and law enforcement officials can monitor social networks for valuable information.

Law enforcement agencies can and do monitor social networks for illegal activity. During an investigation, law enforcement will often turn to a suspect's social network profiles to glean any information they can.

Though each social network has adopted its own procedures for dealing with requests from law enforcement agencies, it's important to keep in mind that the degree to which these sites co-operate, or don't co-operate, with law enforcement may not be fully explained in the privacy policy.

Employment. Potential employers are generally permitted to use whatever information they can gather about an applicant in making a hiring decision. Although there are legal risks, including possible violation of anti-discrimination laws, employers are increasingly turning to social media to inform their decisions.

It is important to know what information can be seen by non-contacts and to consider what kind of conclusions might be drawn from it.

Protect your online identity

  • Keep your full name and address to yourself — This same advice also applies to posting your children or grandchildren's full names. Avoid being one of them. Everyone in your trusted circle should know the children's names anyway, so the information is redundant. 
  • Think twice about posting revealing photos and videos — Even if you don't realize it, you may be revealing too much in what appears to be a harmless photo. Photos and videos can also reveal a lot of information unintentionally. Photos and videos can reveal people's identities very easily.

    It's important that you have the consent of the subject(s) of any photo or video that you post. Also ask your friends to be considerate of your reputation-being tagged in a compromising photo can be just as damaging to your reputation as if you had posted that photo yourself. Many cameras will embed hidden data (metadata tags), that reveal the date, time, and location of the photo; camera type; etc. Photo and video sharing sites may publish this information when you upload content to their sites.
  • Turn off your location — This type of information can leave you vulnerable, including to identity fraud or theft. Think carefully before you decide to tell the world exactly where you are or where you've been.
  • Understand and manage your privacy settings — Find out how to adjust your privacy settings and customize them so that information is shared only in the ways you want it to be. Review and update these settings regularly, since social media sites can change their settings.
  • Think long term and manage your digital footprint — Don't post anything you wouldn't want everyone to see. Think carefully about the content you want to post online before you post it.

    Would you want a potential employer to see those compromising photos? Make no mistake about it — the web is listening every time you use it! It's important that you understand what you're leaving behind when you visit a website.
  • Close unused accounts and delete your data — Close accounts you don't use anymore and ask the company to delete your data. If you just deactivate the account, your data may remain on the company's servers.