Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Chapter 14

Protecting Privacy and Yourself

Using social media for global security effectively requires that you use it ethically and legally. As you apply the techniques in this book, you will face circumstances where you come across information that someone considers sensitive and private, or use technologies in a way that may threaten people's privacy and freedom of expression. This chapter presents guidelines and tools that help you navigate such circumstances and use social media without infringing and jeopardizing the privacy, rights, and laws of others. It starts with a discussion about why you should care about privacy norms and laws globally, regardless of your authorities, objectives, or views. It then presents a list of guidelines and tips you should consider while using the techniques in this book with concern for people's rights and privacy. Undoubtedly, some will use the techniques without care for privacy and free speech or even abuse it for ill purposes. Thus, this chapter ends with a list of tips and tools for people who want to protect their information and identities from the abuse of the techniques found in this book and elsewhere.

Considering Privacy and Free Speech

Issues concerning people's privacy and their freedom to use the Internet and social media as they please are complex and messy. Organizations, populations, and governments differ widely on how best to handle such issues, and countless factors shape their preferences and views. Regardless of your views, you need to recognize that issues of privacy and free speech seriously influence the techniques you can or should use today and tomorrow. We have a specific viewpoint—that privacy and free speech are paramount and must be protected—and although we would like you to, we do not expect you to agree with us. This is not a book about the ethics of privacy and free speech, but about doing certain things effectively.

Reasons to Consider Privacy and Free Speech

If you want to analyze social media data and deploy crowdsourcing platforms effectively, you must consider and abide by concerns of privacy and free speech. In the past few years, numerous news stories have highlighted how law enforcement and government use of social media is clashing against laws, norms, and concerns related to privacy and free speech. For example, numerous American police departments have faced lawsuits, denunciations from politicians, and criticism from citizens for how they use social media data to identify and catch alleged criminals involved with the Occupy Wall Street protests.¹ The U.S. military has also come under criticism for its use of social media in information and influence operations, and sparked discussions about whether they may be harming people's rights and freedoms.² In many cases, the criticisms and lawsuits have stopped abuse and boneheaded programs, but they are also leaving well-intentioned and competent organizations confused and meek about using cutting-edge technologies. Additionally, continued ignorance or scoffing of concerns about privacy and free speech will eventually alienate populations, whose help you need to provide security in a new world where non-state actors are more powerful, knowledgeable, and influential than ever before.

Apart from influencing your ability to do things, you should pay attention to privacy and free speech because they are essential to the existence and proper functioning of the technologies this book is about. The Internet has given rise to and driven the adoption of incredible technologies such as Twitter and smartphones because it is a hotbed of creativity and interaction. The ability of people to protect their identities and freely express themselves online has generated and sustained much of the creativity on the Internet. If your actions threaten the free speech and anonymity available on the Internet, you erode the very things that make the Internet and social media interesting, useful, and powerful.

Appreciating the Complexity Involved

Despite their influence on effectiveness, we understand that issues of privacy and free speech are much more complicated. In some cases, you may need to infringe on someone's rights for good, such as to catch a murderer or find a missing child. During disasters, you do not care so much about victims' privacy as you do about finding out who they are, where they are, and how you can help them. In other cases, an organization may use the techniques in this book combined with a disregard for free speech to identify and jail dissenters. In even more complicated cases, well-intentioned organizations may go overboard and abuse their authority with poor results. To add to the confusion, policy makers and politicians have barely begun to address related issues. Norms and ethics concerning social media use for security are still emerging. Due to the globalization inherent in the Internet and the ease with which people can interact with each other, the norms and ethics concerning social media use will start to converge globally. The Internet ignores boundaries and connects people and converges their thoughts and ideals. However, clear laws and universal norms will still take years to emerge. Mark Zuckerberg, the founder of Facebook, infamously said that the age of privacy is over and that Facebook is simply reflecting the changes that society is undergoing. He believed the changes are that people have gotten more comfortable sharing things and are less concerned with traditional notions of privacy.³ We think that his comments may accurately describe the situation now. However, eventually the pendulum will swing back and people will become much more concerned with privacy after they start realizing the negative consequences of sharing too much online.

Lastly, we realize that your objectives and reasons for learning about social media and security influence how you consider issues of privacy and free speech. If you are working on behalf of a government, you need to know how you can protect your organization and your citizenry. If you are an individual concerned about your privacy or afraid of backlash from an oppressive regime, you need to know how you can protect yourself.

Due to the complexity involved, we present only a few guidelines about how you can navigate issues of privacy and free speech in general terms. Also, we split the subsequent sections in two to better address the issues from differing viewpoints and intentions. The first section is relevant for organizations that want to analyze social media data and deploy crowdsourcing platforms. The second section is relevant for individuals who want to protect their identities, privacy, and speech.

Warning

We are not lawyers, and we are more familiar with American laws and norms. Check with a lawyer in your region of interest for proper legal advice and to keep abreast of changing laws and norms.

Acting Legally and Ethically

The following guidelines and tips are for those who will be analyzing social media data and/or building and deploying crowdsourcing platforms. We strongly urge you to follow the information in the subsequent sections so you can accomplish your objectives effectively without running into legal or ethical problems.

You should approach the information using two frames of thought. First, consider the information in terms of whether an action or behavior is legal in any jurisdiction in which you are involved. Laws concerning using social media data and technologies differ widely and will likely change soon, but some trends do exist, which we point out. Second, consider the information in terms of whether you believe an action is ethical. We do not intend to be preachy, but you may not have the luxury of abiding by only yours, your organization's, or your country's ethical code. Ethics and norms concerning use of social media data and technologies are changing and differ widely. However, as described earlier, norms and ethics concerning the Internet seem to ignore boundaries and converge into universal norms that you may have no choice but to follow. With these two frames in mind, consider the following guidelines and tips.

Analyze Non-Personal Open Source Intelligence

Open source intelligence is data that is freely available for the public and does not have a covert or secret classification. Although some debate exists about exactly what constitutes open source intelligence, examples include news stories, public tweets, public census information, and articles on Wikipedia. Usually, you can use open source intelligence as you wish, especially when it does not contain sensitive information that personally identifies someone.

All of the techniques we showed you in regards to analyzing data involved analyzing open source intelligence. You also use the techniques to analyze aggregate data and uncover large trends, such as famines and safety conditions, that have little to do with the identities and privacy of people. In some cases, you may care about where a few tweets are coming from but you usually do not care who is sending them, and you do not store or try to uncover that information. Keep in mind that social network analysis is an exception because you are using open source intelligence to track sensitive information about specific people and their social networks.

If you are using publicly available, open source intelligence that does not deal with personal, sensitive information about certain people in your analysis, you are probably fine. Simply put, if you are downloading tweets about a topic from a lot of people without caring about the identities of those people, you are likely fine; if you are downloading tweets only from a specific individual and tracking the tweets of that person, you may be setting yourself up for trouble. Open source intelligence is available for the public to use for a variety of purposes. However, some exceptions and restrictions do exist.

Follow Rules of Social Media Data Sources

Simply because data is available for free or publicly does not mean it does not come with restrictions about how you can use it. If you are downloading social media data from social media companies, you must follow their rules. For example, if you are downloading and storing tweets for analysis, you are technically downloading data that Twitter owns, so you need to abide by Twitter's rules and restrictions. The rules and restrictions are usually commonsensical and what you would expect. According to Twitter's web page, Twitter currently forbids anyone to store non-public Twitter content without explicit permission from a Twitter end user. In other words, you cannot hack into a private Twitter account where only people who the Twitter user authorized can see the tweets, download the tweets, and store them.

Always check the developer rules and regulations of any platform from which you are downloading data. Most major platforms, including Twitter and Facebook, clearly state exactly how you can use their data and exactly what constitutes their data as opposed to private data that no one can use. The rules and regulations may change at any moment, so check them periodically.

In some cases, you can bypass the rules and regulations by subpoenaing the social media companies for the data. In the U.S., police departments have successfully subpoenaed Twitter for tweets concerning protests.¹ Most social media companies understandably do not like being subpoenaed and will resist turning over information about their users to you unless you have a very good reason. These companies depend on their users for their success, and they need to protect them as best they can. Laws and norms concerning subpoenaing social media data are still very unclear, but are emerging.

Do Not Involve Children

Do not analyze data concerning children or knowingly recruit them to participate in your crowdsourcing platform. Several companies and countries strongly discourage organizations and individuals from using data about children under the age of 13. In some cases, government agencies might be able to collect data about children but they are the exception.

In the U.S., a law called the Children's Online Privacy Protection Act, or COPPA, stipulates that websites must notify and obtain consent from parents before collecting, using, or disclosing personal information about children. Even web services that are solely about children's interests cannot skirt the rules. Recently, the U.S. Federal Trade Commission fined an organization that managed websites dedicated to pop musicians, including Justin Bieber.⁴ Simply put, stay away from children under the age of 13.

Identify Extra Restrictions

Usually, militaries and intelligence agencies are given much more leeway with data that originates from overseas or is about citizens of other countries. However, they face extra restrictions when dealing with data that originates from their home countries or is about their citizens. In the U.S., military and some intelligence agencies are not allowed to collect, store, or disseminate information collected on U.S. citizens or citizens from allied countries. The globalization inherent in the Internet adds to the confusion. Most major social media platforms are based in the U.S., and so U.S. law governs them, but some may be based abroad.

Identify restrictions that apply specifically to you, and try to decipher which country the data you are interested in is actually from. Also, U.S. and allied military organizations are typically not allowed to have participants on their influence platforms who are U.S. citizens. When running a crowdsourcing platform, make an effort to understand where your participants are from and whether they are allowed to be on your platform.

Do Not Store People's Personal Information

This guideline relates to the open source intelligence one and reiterates the fact that you should not store or collect personal and sensitive information about individuals unless you need to and have explicit authority. If you collect and store personal information about individuals, you create the possibility that someone may hack into your system and steal and leak the information. If you are going to store personal information, take special steps to guard the information from hackers.

Help Your Participants Protect Themselves

If you are deploying a crowdsourcing platform, implement tools and techniques that help protect the participants' identities from each other and outsiders. Some of the tools, which we describe later, enable participants to hide exactly where they are texting or visiting a website from or what their phone number is if they are texting to you. In some cases you can keep information about them, but you need to make sure that other participants cannot see their personal information. For example, if you are building a website-based intelligence collection platform, you likely do not want the participants' real identities revealed to each other in case they face threats from adversaries posing as participants. You may also not want the participants to reveal too much personal information to you for liability or other reasons. You need to then train your moderators to identify instances in which your participants post sensitive information that reveals their identities, such as their real name or address. The moderators should immediately delete the information and inform the participants of their mistake.

Use your judgment to determine when you need to help your participants remain anonymous. For example, if you are deploying a crowdmap to aid with disaster relief, you likely want people to text in with information that helps you identify them so you or others can help them. On the other hand, in certain dangerous areas, you may want to keep malicious actors from accessing the crowdmap, viewing personal information, and taking advantage of victims.

Solicit Professional Help When Possible

Because laws vary widely from country to country, you should get professional legal help whenever you are launching a major social media project. Online behaviors or online speech that may seem normal and banal to you may be criminal elsewhere. You could jeopardize participants on your platform without knowing it, or download and disseminate information that can get you in trouble later. For example, in Vietnam, citizens are forbidden to post material online that is critical of the government. Three prominent Vietnamese bloggers who posted articles opposing the government received prison sentences of almost a decade each.⁵

Also, consult with area experts before launching a platform targeted at a specific population. In some cases, local governments may be wary of your efforts or even find it threatening enough to shut it down and harass any participants who signed up. In some cases, if a government sponsors a social media platform, you may need to be extra careful about how you use data from that platform.

Value Privacy and Strive for a Good Reputation

Make it part of your objective to act legally and ethically. If you do not, you likely will infringe on a law or norm and face problems. If you use data illegally or deploy crowdsourcing platforms without protecting your participants, word will spread about your misdeeds and incompetence. You may face a backlash, such as angering entire target audiences that will severely impact your ability to build and deploy similar platforms. Or, NGOs and others will hesitate to partner with you or even supply you with data that you may need. If you are a government agency and you misuse social media and identity data, you will anger the public and face a political backlash that could severely curtail your abilities.

This guideline goes back to our tips in Part III of the book about being as honest and transparent as possible about your intentions regarding your crowdsourcing platforms. People do not like being tricked or lied to, and they especially do not like having their personal information and identities misused. If they find out you are being inauthentic or careless, you may suffer in the long term. A recent troubling trend that highlights the points we are trying to make involves military agencies creating fake social media accounts and pretending to be someone they are not in hopes of joining the online social networks of persons or communities of interest. They hope to trick people into engaging with them online and providing them with vital information. Gauging their success is difficult, but the fact that their schemes and intentions are being plastered all over the Internet provides a clue. Also, in some cases, pretending to be someone you are not may be illegal on certain social media platforms.²

As a rule, people on social media are a lot smarter than you think, and they have little problem figuring out who you are and what you are up to. If you do not respect their intelligence and privacy, they will not respect yours.

Imagine and Prepare for the Worst-Case Scenario

For many involved in the security world, the worst-case scenario is when your operational plans leak for everyone to see. Anytime you are embarking on a major analytical or crowdsourcing platform that involves sensitive information, imagine how you will appear if your plans or intentions are leaked. If you believe you will appear as incompetent, malicious, or willing to engage in questionable behavior, you should probably change your plans. This especially holds true when designing and deploying a crowdsourcing platform. When you crowdsource, you involve a lot of people in your plans. Therefore, the chances increase that someone will find out something you do not want them to about your platform and leak it.

When you deal with sensitive information or engage in sensitive operations, something may always go wrong. You should be prepared for when it does, because it probably will.

Be Aware of Changes in Laws and Norms

The number of laws that deal with social media data and crowdsourcing platforms will drastically increase in the next few years. Many of the laws will be confusing and contradictory, and some will directly affect your operations. You need to keep aware of changes in laws and norms, and identify any meaningful trends.

We listed only a few guidelines but many more exist. Read the news, scour the Internet, check out the resources in Table 14.1 at the end of this chapter, and consult with professionals for more information.

Protecting Your Identity and Speech

The following guidelines and tips are for those who are concerned that the content they create on social media will be used in ways they do not approve of, or in ways that hurt them or someone they know. Such people include individuals in the West who are rightfully concerned about privacy and their rights to say what they want on the Internet without it being used to undermine them or threaten their civil liberties. It also includes individuals for whom what they say on the Internet is a matter of life and death, specifically protestors and activists fighting oppressive regimes. The subsequent sections focus on teaching you how you can protect your identity and yourself from the social network analysis tactics or other tactics that you find threatening.

At this point, you may have the important criticism that we will end up teaching criminals, terrorists, and violent rioters how to bypass the very techniques we have been teaching to help you stop them. Although your intention is understandable, the criticism itself is misguided for several reasons. One, most of the techniques in this book do not involve dealing with people's privacy and personal data. They either involve collecting and analyzing aggregate, personally non-specific data, or they involve getting people to work with you on their own volition through crowdsourcing platforms. Thus, teaching people to protect their identities will not have an impact on most of your work. It may even help, specifically in cases where you would like your crowdsourcing participants to protect themselves. The one exception is social network analysis. However, you often need minimal personal information to conduct online social network analysis. Besides, you should gather other information that will help you build a much more robust social network map that takes into account offline relationships. Two, many malicious actors already protect themselves in fairly impressive ways. The ones who do not are usually not as smart, technologically savvy, or do not have the resources and time as others, which describes a large population of malicious actors. Three, we believe that people have an obligation and a right to protect themselves, which, in turn, will improve overall security. The more law-abiding or “good” people can protect themselves, the less likely malicious actors such as identity thieves and oppressive regimes will take advantage of them. Four, improving security is a cat-and-mouse game that requires people to come up with new and better ways of doing things. We hope this book gives you some ideas and tips to innovate and evolve techniques that can defeat the protection techniques malicious actors may use.

The criticism also may not be as relevant because protecting your identity and your social media content is actually fairly easy to do and somewhat inevitable. Many people already do it and as people become more familiar with social media, they will realize the benefits and techniques to protect themselves. Although protecting yourself is not that difficult, it does require you to be sensible about it.

Part of the sensibility involves realizing that social media monitoring by government agencies and others is not as evil or intrusive as you might think. There will be abuses of power, but unless you are an activist fighting an oppressive regime, governments and others are not interested in who you are or what you are saying. We hate to break it to you, but you probably are not as important or interesting as you may think you are. You should probably be more concerned about identity thieves and overzealous marketing agencies that use your social media data to spam you. Still, protecting privacy and free speech is important and you should do your part by considering the following guidelines and tips.

Warning

The following sections only pertain to techniques that involve protecting yourself on social media and crowdsourcing platforms, and from the techniques in this book and in other similar publications. They do not address protecting yourself on the Internet in general, which you should definitely consider. Lots of widely available resources cover that type of information, including http://www.us-cert.gov/cas/tips/.

Set Basic Security Settings

Every trustworthy social media platform you sign up for and use will feature several security settings that help you protect yourself and the content you create. Always make sure to go through your account and privacy settings on any social media site you frequent to make sure only people you are comfortable with can access your data. Many social media sites do not allow others to use your content in any way if you choose the correct security settings.

Another part of going through your security settings is making sure you do not use simple passwords. Also, do not use the same e-mail address and password for multiple platforms. When you link your accounts in this way, a person who hacks into one account will instantly have the e-mail and password to hack into your other accounts.

Do Not Post Sensitive Information

If you do not post sensitive and personal information about yourself on the Internet, people will not be able to find it on the Internet. Sensitive information includes your birthdate and address. Others can use sensitive information about you to not only gain access to your accounts, but also to learn how to pretend to be you and gain access to your online social network.

Be Wary of Enabling Location Services

Many applications and sites request that you enable them to access the information on your phone and computer that tells them your physical location at any given time. Most applications are harmless and use your location to provide you with better, more customized service. For example, the smartphone application Yelp asks you for your location so it can instantly tell you which restaurants are around you.

Although most uses are harmless, be selective about who you provide with your location information. For example, if you provide Twitter your location and do not set appropriate security settings, others can figure out the location from which you are tweeting. They can then use that information to track your physical movements. If you do not receive an appreciable reward or service for enabling sites to access your location information, then do not let them.

Use Technologies That Anonymize You

Most people, especially in the West, do not have to worry too much about whether others know their identity. However, people living in oppressive regimes do have to protect their identity and make themselves appear anonymous when using social media services. If you believe you need to anonymize yourself, use one or a combination of several anonymizing tools.

Some of the most popular anonymizing tools either hide your Internet protocol (IP) address or provide you with a fake one. Every device that accesses the Internet has an IP address, which functions as a way to identify the device. Many websites and applications track your IP address. Your Internet service provider (ISP) provides you with the IP address. Usually, the ISP will provide you with a dynamic IP address that changes over time and switches from user to user. However, the ISPs keep track of who uses which IP at what time in case they are asked about it later by law enforcement.

Figuring out what your IP is at any time is not difficult. You likely leave lots of clues all over the Internet about you and your IP. Many sites do not dedicate a lot of resources to hiding the IP addresses of people who visit them. Some services such as IP2LocationTM (available at www.ip2location.com) let you figure out the physical location from which an IP address originates. The location they provide is not exact—depending on the country and city, they may locate you to a region in the city. However, governments can usually subpoena ISPs for IP addresses and then find out exactly who you are and where you are located.

Tor is one of the most popular ways to anonymize your IP address and identity. Tor is a free service (available at www.torproject.org) that was invented so that dissidents could anonymously post politically sensitive information online without revealing their identity. In simplistic terms, Tor takes the information coming out of your device, bounces it around the world through several other devices, and then finally delivers it to the site to which you want to submit the information. The site only sees the IP address of the last device through which your information went and never knows your actual IP address. You can use Tor in Nigeria to visit a forum, and the forum will think that your IP address originates from Poland. In theory, someone can map out all the devices your information bounced around through; however, in reality, it is close to impossible.

New technologies also adapt Tor and other anonymization tools so they work on mobile devices. For example, Covert Browser (available at www.covertbrowser.com) encrypts and reroutes data you send through your mobile devices. You can also use much less technologically sophisticated methods to protect yourself when using mobile devices. When using dumb phones, make sure to buy a prepaid SIM card and use it to send sensitive text messages. Others will find it difficult to track who bought a prepaid SIM card and who is using the phone.

Another form of anonymization technology makes it difficult for others to keep track of and analyze any content you post on social media. In Chapter 6, we discussed language analysis tools that help determine the authorship of a piece of text. Anonymouth (available at https://psal.cs.drexel.edu/index .php/Main_Page) is a tool that does the opposite by helping you avoid detection and confound authorship detection tools.

Use Social Media Platforms That Hide Your Identity

Instead of using tools like Tor to hide your identity when using social media platforms, you can simply use certain social media platforms that automatically hide your identity for you. Vibe is an example of a social media platform that lets users send messages anonymously, which expire after a selected amount of time, from their mobile devices to other users in a selected physical radius. People have used Vibe to coordinate protests and send each other sensitive information. The messages expire and are not stored like they are on Twitter or Facebook, so others cannot download them if they are not at a certain location at a certain time. The makers of such platforms also rarely cooperate with subpoenas or release sensitive information. Of course, such platforms can be hacked, but others constantly pop up.

Identify Who Is Behind What and Why

Before using a technology, try to figure out the identity and intentions of the organization behind it. In the majority of cases, the identity and intentions are completely harmless and of no concern to you. However, if something seems suspicious, you should investigate. Do not sign up for crowdsourcing platforms without knowing who is behind them and what they will do with any data you generate on the platform. In special cases, you should also keep track of who is creating the devices you are using. For example, Huawei is a Chinese company that makes affordable smartphones for populations in developing countries. Some are suspicious of Huawei and allege that the Chinese government may be putting software on the phones that can spy on their users.⁶ Major American companies that make smartphones such as Apple and Google have also come under criticism for keeping track of their users without informing them.⁷

Use Common Sense and Be Reasonable

Probably the most important tip is to use common sense when using public social media platforms and be reasonable about your expectations. Social media platforms are about letting others see what you are posting and, to some extent, who you are. If you choose to participate in social media, you also choose to give up some of your privacy. Facebook is currently free for anyone to sign up and use. It does not charge you money, but it does expect you to give up a part of your privacy and identity. Any data you share openly on Facebook becomes the property of Facebook, and it can use it as it sees fit.

Also be sensible about what technologies and techniques can help you maintain your privacy. A recent trend has emerged where people post the following as a status update on Facebook to protect their data:

For those of you who do not understand the reasoning behind this posting, Facebook is now a publicly traded entity. Unless you state otherwise, anyone can infringe on your right to privacy once you post to this site. It is recommended that you and other members post a similar notice as this, or you may copy and paste this version. If you do not post such a statement once, then you are indirectly…allowing public use of items such as your photos and the information contained in your status updates.

PRIVACY NOTICE: Warning — any person and/or institution and/or Agent and/or Agency of any governmental structure including but not limited to the United States Federal Government also using or monitoring /using this website or any of its associated websites, you do NOT have my permission to utilize any of my profile information nor any of the content contained herein including, but not limited to my photos, and /or the comments made about my photos or any other “picture” art posted on my profile.

You are hereby notified that you are strictly prohibited from disclosing, copying, distributing, disseminating, or taking any other action against me with regard to this profile and the contents herein. The foregoing prohibitions also apply to your employee, agent, student or any personnel under your direction or control.

The contents of this profile are private and legally privileged and confidential information, and the violation of my personal privacy is punishable by law. UCC 1-103 1-308 ALL RIGHTS RESERVED WITHOUT PREJUDICE

The preceding message has so many inaccuracies and is so useless we do not even know where to begin.⁸ The key point is that such messages do not do anything. Just because you post this as your status update does not mean you gain any form of protection at all. Also, as explained earlier, Facebook does not own all your data. It only owns some data (technically it licenses it without giving you any royalties) and can use it in limited ways, depending on your privacy settings and other factors. Instead of wasting time posting such messages, simply follow the aforementioned guidelines and, except in the most dangerous cases, you should be fine.

Again, we listed only a few guidelines and tips. Whether you are a government organization or a concerned citizen, check out the resources listed in Table 14.1 for more information.

Table 14.1 Resources with More Information Regarding Social Media and Privacy

Resource	Link
Privacy Rights Clearinghouse	https://www.privacyrights.org
American Civil Liberties Union	http://www.aclu.org/
Reputation.com	http://www.reputation.com/reputationwatch/articles/top-five-social-media-privacy-concerns-2012
Electronic Privacy Information Center	http://epic.org/privacy/privacy_resources_faq.html
MobileActive.org How-To's	http://mobileactive.org/search/apachesolr_search/?filters=type%3Ahowto
Safer Mobile	https://safermobile.org
ACLUNC dotRights	http://dotrights.org/

You are now prepared to use social media data and technologies to maintain and improve global security. More so, you can now do it ethically, legally, and effectively. We touched on only a few techniques and technologies. Our intention was to give you an idea of what you could do, not dictate what you should do. Many more techniques and technologies exist, and we encourage you to find, create, tweak, and share them.

Summary

Issues concerning using social media for security while respecting people's privacy, identity, and right to free expression are complex and messy.
Using social media effectively requires being concerned about protecting people's privacy and free speech.
- Misuse of social media data and technologies can result in lawsuits and widespread criticism, which will impact your ability to complete your mission.
- Misuse of social media may alienate populations whose help you need.
- Rampant abuse of people's privacy and free speech online will harm the proliferation and power of the Internet.
Even though ethics and norms concerning such issues are still emerging, you should pay attention to them now.
Issues of protecting privacy and free speech concern organizations that use social media to improve security and individuals who want to protect themselves from abusive regimes.
You can protect your organization, and analyze social media data and deploy crowdsourcing platforms ethically and legally by:
- Analyzing open source intelligence that does not contain people's personal information that can help identify them.
- Following the rules and regulations of your social media data sources.
- Not involving children under the age of 13.
- Abiding by special restrictions relevant to you that typically apply to military and intelligence organizations.
- Not storing people's personal information unless you have permission or authority to do so.
- Helping your crowdsourcing participants protect their identities.
- Soliciting professional legal and area-specific help whenever possible.
- Valuing privacy and maintaining a good reputation concerning privacy protection issues.
- Imagining and preparing for the worst-case scenario.
- Being aware of changes in laws and norms.
Individuals protecting themselves from the techniques in this book will not impact most organizations' abilities to use the techniques to complete their objectives.
- Most of the techniques in this book do not involve dealing with people's privacy and personal data.
- The savviest malicious actors already know how to bypass the techniques that involve using their personal data.
- Individuals who can protect themselves from malicious actors will increase overall security.
- Improving security is a cat-and-mouse game that requires you to improve on our techniques.
As a private citizen, you can protect your identity, privacy, and information by:
- Setting basic security settings on any social media site you use.
- Not posting sensitive information online.
- Being wary about when you let others know your location.
- Using software tools that anonymize you online, such as Tor.
- Using social media platforms that automatically hide your identity and data.
- Identifying the persons or organizations behind the sites or tools you use, and their intentions.
- Using common sense and being reasonable about your expectations when using social media.

Notes

1. Kravets, D. (2012) “Twitter Reluctantly Coughs Up Occupy Protestor's Data.” WIRED. Accessed: 14 October 2012. http://www.wired.com/threatlevel/2012/09/twitter-occupy-data/

2. Fielding, N. and Cobain, I. (2011) “Revealed: US Spy Operation that Manipulates Social Media.” The Guardian. Accessed: 14 October 2012. http://www.guardian.co.uk/technology/2011/mar/17/us-spy-operation-social-networks

3. Kirkpatrick, M. (2010) “Facebook's Zuckerberg Says the Age of Privacy Is Over.” ReadWriteWeb. Accessed: 14 October 2012. http://www.readwriteweb.com/archives/facebooks_zuckerberg_says_ the_age_of_privacy_is_ov.php

4. Singer, N. (2012) “Fan Sites Settle Children's Privacy Charges.” New York Times. Accessed: 14 October 2012. http://www.nytimes.com/2012/10/04/technology/fan-sites-for-pop-stars-settle-childrens-privacy-charges.html?smid=pl-share

5. Hookway, J. (2012) “Vietnam Convicts 3 Bloggers Over Posts.” Wall Street Journal. Accessed: 14 October 2012. http://online.wsj.com/article/SB10000872396390444358804578015383720801250.html

6. Engleman, E. (2012) “Huawei, ZTE Provide Opening for China Spying, Report Says.” Businesweek. Accessed: 14 October 2012. http://www.businessweek.com/news/2012-10-07/huawei-zte-provide-opening-for-china-spying-report-says

7. Newman, J. (2011) “Phone Location Tracking: Google Defends, Apple Stays Mum.” PCWorld. Accessed: 14 October 2012. http://www.pcworld.com/article/226156/phone_location_tracking_google_defends_apple_doesnt_comment.html

8. Ngak, C. (2012) “Viral ‘Facebook Privacy Notice' Is a Hoax.” CBS News. Accessed: 14 October 2012. http://www.cbsnews.com/8301-501465_ 162-57447801-501465/viral-facebook-privacy-notice-is-a-hoax/

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for Chapter 14: Protecting Privacy and Yourself

Create new playlist

Sign In

Sign Up