Socially unacceptable
Online mobile social networks share private information including a user's location with third party tracking sites, according to a new study.
A report by professor of computer science, Craig Wills, at US -based Worcester Polytechnic Institute, (WPI) called ‘Privacy Leakage in Mobile Online Social Networks,' has prompted fresh concerns over the security of sites such as Facebook.
It found mobile online social networks provide tracking sites and other services with details of users' physical locations or unique identifiers for their mobile devices, as well as assorted types of other personal information.
A previous 2009 study at the Institute revealed social networking sites leak personally identifiable information to third-party advertising companies so they can connect with a profile its user believes to be anonymous or private.
Researchers examined 13 mobile online social networks for the study, including Flickr and Urbanspoon as well as the likes of Facebook, LinkedIn, MySpace and Twitter. They were interested in the types of information the sites allowed or insisted users post on their profiles and the privacy policies as well what the websites transmit to third-party tracking sites.
They concluded that shockingly, all the sites leaked some kind of private information to tracking sites, which, in many cases included a user's unique social networking identifier allowing a third party to connect the records they keep of a user's browsing behaviour to their networking profiles.
Interestingly, only two of the sites probed directly pass on information about users' exact geographical locations, although several use a third-party map service to show a user's location on a map.
Alarmingly six sites transmit a unique identifier for the user's phone so a third party can continue to stalk a user's actions on the phone.
The study also discovered that leakages occur when information is shared among social networking sites, finding its way to third party tracking sites.
The researchers believe this ‘greatly increases' the potential for these sites to build up a plethora of personally identifiable information and consequently connect users, their details, browsing habits and physical places they visit to their mobile devices.
"The combination of location information, unique identifiers of devices, and traditional leakage of other personally identifiable information all conspire against protection of users' privacy," said Wills in the paper. He believes the finding raise "some serious concerns" and calls for action to stop third party sites compiling an arsenal of personal data.
"The fact that third-party sites now seem to have the capacity to build a dynamic portrait of mobile online social network users argues for a comprehensive way to capture the entire gamut of privacy controls into a single, unified, simple, easy-to-understand framework, so that users can make informed choices about their online privacy and feel confident that they are sharing their personal, private information only with those they choose to share it with," he said.
