Facebook Best Practices To Protect Your Privacy
At the very bottom of every page on Facebook, there’s a link that reads “Privacy.” The linked page is “A guide to privacy on Facebook,” which contains the latest privacy functions and policies. For example, with the latest changes in May 2010, Facebook discloses information that it sets as visible to everyone and that you cannot make private. This information includes sensitive information like your name, profile picture, gender and networks.
When in doubt, use the “Preview my profile” button on any privacy settings page to check how your information appears to others.
Think carefully about who you allow to become your friend
Once you have accepted someone as your friend they will be able to access any information about you (including photographs) that you have marked as viewable by your friends. You can remove friends at any time should you change your mind about someone.
Show “limited friends” a cut-down version of your profile
You can choose to make people ‘limited friends’ who only have access to a cut-down version of your profile if you wish. This can be useful if you have associates who you do not wish to give full friend status to, or feel uncomfortable sharing personal information with.
Disable options, then open them one by one
Think about how you want to use Facebook. If it’s only to keep in touch with people and be able to contact them then maybe it’s better to turn off the bells and whistles. It makes a lot of sense to disable an option until you have decided you do want and need it, rather than start with everything accessible.
Facebook gives users powerful controls to protect themselves online, but it’s up to individuals to check and ensure that appropriate settings are in place.
Account settings holds mostly administrative items with little impact to your privacy, but there are a few areas–highlighted below–that warrant caution.
My account: Settings
|Name: Full alternate name (shown when you click “edit” next to name)||Be careful||People often use this information to be found by their maiden name or nickname, making them easier to find. Keep in mind some sites use your maiden name (if applicable) as a security question for account access, so weigh this possibility before disclosing.|
|Username||Be careful||Don’t use a nickname that will link you to other accounts you might wish to keep private; avoid using a nickname that might give away sensitive information (for example: your birth year). Be sure it is different from your bank login username, for example.|
|Linked accounts||Be careful||Linked accounts include Google, MySpace and OpenID–use with caution to avoid overexposure.|
My account: Facebook Ads
|Allow ads on platform pages to show my information to:||Be careful||In the wrong hands, information about ads you liked can be handy for socially
engineered attacks. The more entities that have access to your information, the greater your risk. It’s best to limit this information whenever possible.
|Events, Gifts, Groups, Links, Notes, Photos, Video–and all other applications||Privacy: “Only Friends”||As a minimum, we recommend that the information posted by these applications is only shared with friends. Always consider that material you post on the internet may end up in someone else’s hands – if the material is likely to compromise your security or embarrass you later think twice about posting it online!|
Privacy Settings: Sharing on Facebook – Customize Settings
Things I Share
|Posts by me (default setting)||“Only Friends”||Personal information can be published on your wall by yourself and others, therefore it is unwise for it to be viewable by the wider Facebook community. For this reason, you should not allow networks to view your wall.
Posts you make to your wall can now vary in security on a post-by-post basis (see the “Status updates and posted items” section), but we recommend you set the default option to “Only Friends.”
|Family||“Friends Only”||With information you choose to disclose on Facebook, even if you lock down your profile to entirely Friends Only, you have to remember that there’s always a chance that one of your friends may have their account compromised. Information about your family, relationships and interests are rich targets for someone socially engineering an attack against you.|
|Interested in and looking for|
|Bio and favorite quotations|
|Website||“Only Friends” (at most)||Publishing your personal website address is less of a privacy risk than revealing other contact information, providing other private information is not listed on the personal website itself.|
|Religious and political views||“Only Friends”||This information may be sensitive, depending on what you have posted. Unless you want a potential employer knowing this information, be careful what you post and who you allow to see it.|
|Birthday||“Only Me”–though it’s best to not enter this information at all||As this is key information in identifying you, not only should you not show your birthday, you should not enter your birth date information into Facebook at all. Should your account be compromised–or worse, should there be a Facebook data breach–you do not want this information falling into the wrong hands.|
|Edit album privacy for existing photos||“Friends only” for all albums||Your privacy settings for “Photos and videos I’m tagged in” and your photo albums are not linked, meaning you need to set your album privacy separately from your general photo settings. Just as with your photo and video tags, don’t share your albums with anyone outside of your friends.|
Things others share
|Photos and Videos of Me||“Only Friends” (at most)||Photos, videos, posts and comments should only be shared with friends, not with wider networks on Facebook. If pictures or posts may be posted that you think may be embarrassing to you in the future, then tag this option to say only you can view them and ask yourself what can be done to prevent such material being uploaded onto the internet in future. If you are not comfortable with material appearing on your resume or job application, don’t post it online.
If a friend’s account is compromised and you have Wall postings enabled to friends, this leaves you open for a potential phishing attack. Most people enjoy the interactivity that friend Wall posts provide, but always be wary of any links friends may post to your wall (especially if the message doesn’t sound like something they’d normally write).
|Can comment on posts (Includes status updates, friends’ Wall posts, and photos)|
|Friends can post on my Wall|
|Can see Wall posts by friends|
|Mobile phone||“Only Me”||Users completing their profile on Facebook should ask themselves whether it is appropriate or necessary to tell other Facebook users their contact details. Facebook allows users to opt-out of entering this personal information, and as Facebook allows friends to contact each other via Facebook it’s not necessary to know someone’s real address or phone number. If they really are a friend they should know where you live and what your phone number is! And if a friend really can’t remember they can always contact you via Facebook and ask you. It’s then up to the user to decide whether they feel comfortable sharing that information, and if their friend has a valid reason for asking.
Remember: It is not necessary to post your email address on Facebook as you can send a message to friends with the Facebook system itself.