home

Social Networking and E-Mail: Is Privacy Dead?

Facebook has now overtaken Google as the most visited website. How smart is it to share your life on Facebook or other social networking sites? This week, the keynote speaker at the South by Southwest Interactive (SXSWi) festival proclaimed privacy is not dead in the era of social networking, it just needs fixing. The speaker, Danah Boyd, works for Microsoft.

I disagree. It's very much dead, not only for social media but for e-mail. The evidence? Take a look at Facebook's subpoena and search warrant guide -- or Google's or AOL's or anyone else's. Or, take a look at the Stored Communications Act (18 USC 2703) and see how easy it is for law enforcement to get your personal information and contacts, and with a search warrant, the content of your communications.

How are you going to find those guides? I'm not going to publish them, but you can find them on Cryptome.org. I will tell you a little about what they will turn over: [More...]

According to its 2008 guide, Facebook will turn over: an expanded view of your profile, called a "neoprint"; all non-deleted photos you have uploaded to Facebook, and all photos others have uploaded in which you are "tagged" -- this is called a "photoprint"; all of your non-deleted contact information, regardless of whether you have marked it private -- including your phone numbers, email address and AIM screen name (excluding historical data which it does not keep); a user's IP logs, showing the IP addresses of the computer used to log onto Facebook -- they keep this for around 90 days, maybe longer;

You think law enforcement doesn't know about you or your Facebook account? Have you ever signed up to be a member of a Facebook group? Facebook will turn over a list of all members of the group. Once they have the list, there's nothing to stop law enforcement from requesting the information on any or every group member.

AOL is particularly helpful to law enforcement. It's 18 page guide even contains sample language with what information to ask for. In addition to your contact information, they will turn over your billing records and dates and times you were online, your payment source, including credit card and bank