When was the last time you read the terms and conditions or adjusted the privacy settings of your smartphone apps or social-media accounts?
On Wednesday (July 24, 2019) the Federal Trade Commission (FTC) announced that Facebook “will pay a record-breaking $5 billion fine to resolve a government probe into its privacy practices and the social media giant will restructure its approach to privacy”.
The FTC also said that Facebook’s “data policy was deceptive to ‘tens of millions’ of people who used Facebook’s facial recognition tool and also violated its rules against deceptive practices when it did not disclose phone numbers collected to enable a security feature would be used for advertising.”
When you think about why consumers use apps and social media, you think about convenience, entertainment and networking opportunities. Common app examples include requesting transportation, adjusting our home thermostat, accepting a LinkedIn invite, posting on social media or playing a game. This is the reality of our evolving lifestyle and is the world that we live in today.
Another reality is that our everyday app use and access to social media increases our personal privacy risks. For example, while you are thinking about convenience, entertainment and networking opportunities – so are the cyber thieves and ID theft criminals who are leveraging your social networks and apps to do their dirty work. Common social media examples include fake LinkedIn invites, fake Facebook accounts, fake Twitter accounts, fake reviews, and even fake news.
Over the last few years, cybersecurity research has shown that most social media scams were manually shared, where the scam spread rapidly. These scams are lucrative for cybercriminals because people are more likely to click something “posted by a friend.” The mobile threat, including mobile apps, have also been ripe for attacks, as many consumers associate cyber threats with their PCs and neglect even basic security precautions on their smartphones.
Consumers need to be reminded that apps and social media can track your search engine history, purchasing habits, geographical location, and even look into your files and contact list – all without your knowledge and sometimes without your permission. The type of personal information being collected and sold includes your smartphone’s unique device ID, phone’s location, phone number, your age, gender, likes, dislikes, search-engine habits, e-mails, usernames and more to third party marketers and data brokers.
So, returning to facial recognition and the extremely popular facial recognition app called FaceApp, you may want to read this article titled All your friends are posting aging selfies with FaceApp – a Russian app that’s raising privacy concerns (please see here).
Essentially, FaceApp is a photo editing app where you can see what you would look like with a beard, gray hair, and even wrinkles. Unfortunately, to use FaceApp you have to give it permission to access all your photos along with access to Siri and Search. In addition, FaceApp has access to refreshing in the background – “even when you are not using it, it is using you,” according to Rob La Gesse, former vice president at Rackspace, who shared his FaceApp thoughts on Facebook on Wednesday, July 17, 2019.
Based on the above, here are my five tips to help you minimize your privacy risks:
Limit and/or eliminate sharing your personal information online.
- Increase your privacy awareness by reviewing and adjusting your privacy settings.
- Be aware that some apps reset your privacy settings during major upgrades.
- Learn more on how the apps you have installed use your personal information and for what purposes.
- Consider using “privacy assistant software” to help keep your privacy preferences current.
In conclusion, I will ask the same question again: when was the last time you read the terms and conditions or adjusted the privacy settings of your smartphone apps or social-media accounts?
Mark Pribish | Vice President and ID Theft Practice Leader