Forbes Magazine recently ran a very interesting article (“Facebook’s Top Cop,” March, 2012 issue) about the world’s largest social site, and the fine edge between socializing on the web and your privacy. We’ll note a few highlights here today (for the full text, see the March 12, 2012 issue, p. 95).
If you think of Facebook as the third largest country in the world, since by membership size it essentially is, you get a sense of the enormous task faced by its security staff. From malware miscreants like the Russians that unleashed a worm that turned users’ computers into slave bots, to spammers who flood the site with violence and porn, or swindlers who milk it for profit and pedophiles on the prowl for minors, the wards of Facebook need to be constantly vigilant about hackers, malicious apps and porn purveyors.
The site’s “Top Cop”, Joe Sullivan, a former federal prosecutor, and his team of 50 security pros are required to make daily decisions about how much user information to give when law enforcement comes calling. They also actively police the site for user data worthy of volunteering to authorities. Says Sullivan, “We err on the side of not sharing and have picked quite a few fights over the years.”
Facebook will, upon request, provide authorities with basic subscriber information – name, email, IP address. Everything else, they say, requires a warrant.
Sullivan says that “99.9% of the time, when Facebook resists a government request for more information, the government backs down.” But at the same time, Facebook has little tolerance for privacy claims when it comes to two major areas: fraud, and the treatment of children.
When local authorities contact Facebook on an emergency basis – say, for help locating a missing child – Facebook assists, quickly. Recently, they helped Florida police recover a child within 30 minutes by supplying them with the IP address and location information for the last sign-in of a user suspected of abducting the child.
In another case, here in Indiana, proactive policing by Sullivan’s team led to a potential pedophile being fingered, “a youth pastor and children’s sports coach using fake accounts to try to engage kids with our site.” They called the Indiana FBI and sent them their information.
The “Facebook Patrol” has a few activities they say will get you pulled over by their cyberpolice, including… uploading child porn (every photo gets scanned by Microsoft’s PhotoDNA software to look for matches to known images)… uploading copyrighted material, violent images or nudity… changing your birth date frequently, especially above and below the age of 18… sending friend requests that trend to 80% female… or signing in from a new country unless you have many such people in your friends list.
It’s all about that fine balance between protecting users’ privacy, their fourth amendment rights, and the integrity of one’s site, versus the demands of responsible policing in our highly socialized Internet age.