jump to navigation

A real world example of the privacy risks behind social apps October 20, 2009

Posted by jonathanpenn in identity, privacy.

For the past few months I had become an accidental crusader against the site myspaceprofiles.org (I’m not linking to it for a long list of reasons, as you’ll no doubt intuit from this post). First off, let’s clearly state that myspaceprofiles.org is not affiliated with the social site MySpace – and therein lies one of the problems. It appears to be a dating site, but the people on its site are not willing “members”: they are MySpace users whose personal information, posts, pictures (including copyrighted material) have been sucked out of MySpace by an application on that social network and posted to a site that looks like a dating service.

The privacy risks of applications on social networks like MySpace or Facebook have been known and written about for a while now (eg, here and here and here), but I’ve never seen such hard evidence of the abuse before. For some of the MySpace victims, these results show up pretty high on the list when they’re Googled, and that can be a big embarrassment, if not a problem, or at least an embarrassment.

I’m not even sure this is that huge a deal in the scheme of things. But when I hear from an effected twenty-something “I’ll never put up any data on the Web again”, I gotta think this is an issue worth looking at.

Serendipitously, I learned about all this right as I was getting briefed by the Public Internet Registry (who runs .ORG top level domain) about their efforts “advocating for a safer global Internet community.” After an initial briefing, and fantastically responsive and helpful follow up by PIR’s Sr. Marketing Communications Manager Thuy LeDinh , I learned that there are limits to how safe, secure, and trusted .ORG can be – and the other TLDs are a lot worse of course.

But the short of it was that despite this being a scummy site, a violation of the developer’s agreement with MySpace, uncountable copyright violations, general misrepresentation of the people on the dating site, ignoring opt-out requests that it had set up on those pages, and even popping up pornography ads (adding insult to the victims’ injury!) — there’s nothing .ORG can seemingly do about this because the site isn’t engaged in illegal activity.

I consider myself a big believer that the Internet should be a place for free speech and free expression. But the fact that these poor people have no recourse seems somehow to fly in the face of other ideals I have about what’s just and giving people practical avenues through which their grievances can be addressed.

So I’m left with a few questions:

  1. Many people have discussed the folly of putting up embarrassing information. But now it seems like simply using these sites and posting innocuous information can still lead to embarrassment. Given that social networks are becoming such an ingrained fact of life – will we all come to regret it?
  2. Can anyone police the Internet at all? Or is that a fool’s errand?
  3. And why doesn’t MySpace go after a site like this?


1. Adam Bullock - October 21, 2009

Never heard of the site, and I’ll spare them the extra traffic and just visit vicariously through your description of the site. You would think there was something MySpace could do…

Regarding your second question, policing the Internet is pretty much impossible. So much data growing exponentially, it would be quite the task.

jonathanpenn - October 21, 2009

Perhaps the Internet never “grow up”, and always remain the digital equivalent of the Wild West — and perhaps that’s a good thing, all in all. It makes what PIR is doing (and it’s success with DNSSEC) all the more impressive, however limiting it may be.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: