The Net Delusion - Evgeny Morozov [89]
Thus, even if an online social network is of minimum intelligence value, being friends with the wrong people provides evidence that can be used in court. Previously such information was hard to discover; often dissidents took extra efforts to conceal it. Belinda Cooper, an American activist who spent the late 1980s in GDR and was a member of several dissident environmental groups, writes that one of the rules practiced by the dissidents entering and leaving East Germany was to “never bring address books when going to the east (as border guards could and would photocopy them).” Today the situation has changed dramatically, as the lists of our friends on Facebook are available for anyone to see. Unfortunately, staying out of Facebook is not a reasonable option for most dissidents. They need to be present in these spaces to counter government propaganda, to raise awareness about their work in the West, to mobilize support for their causes among domestic audiences, and so forth. They may do so anonymously, of course, but anonymity also makes their involvement far less effective. Sakharov’s advocacy would have been far less successful if he hadn’t practiced it openly.
Numerous academic studies confirm that every time we share personal data on a social networking site, we make it more likely that someone might use it to predict what we are like, and knowing what we are like is a good first step toward controlling our behavior. A 2009 study by researchers at MIT has shown that it is possible to predict—with a striking degree of accuracy—the sexual orientation of Facebook users by analyzing their online friends. This is hardly good news for those in regions like the Middle East, where homosexuality still carries a heavy social stigma.
Another 2009 study conducted by researchers at the University of Cambridge, whose report is titled “Eight Friends Are Enough,” found that based on the limited information that Facebook discloses to search engines like Google, it is possible to make accurate inferences about information that is not being disclosed.
Many of the functions that make social networking sites so easy to use—for example, to find one’s friends who are already members of the site—also make it easy to trace identities behind emails or even trace users’ activities across various other sites. Most of us know how easy it is to check whether our friends have already signed up for particular social networking sites simply by granting Facebook, Twitter, or LinkedIn temporary access to our email address book, so that those sites can automatically check the email addresses of our contacts against their lists of existing users. If five of our email buddies are already Twitter users, Twitter can let us know. So far, so good. The problem is that one can do the same operation with one’s enemies as well. Email addresses can be added to address books manually, without ever having to email that person. Thus, just by knowing a person’s email address, it might be possible to find her accounts on all social networking sites, even if she doesn’t use those sites under her real name.
A 2010 study by Eurecom, a French research institute, sought to investigate the security vulnerabilities that such ease of use creates for the user. First, the researchers found 10.4 million email addresses on the Web; then they imported them into their address books; and, finally, they developed a simple script to automatically check with each of the popular social networking sites whether it had any users corresponding to those emails. As a result, they identified more than 876,941 emails linked to 1,228,644 profiles, with 199,161 emails having accounts on at least two sites, 55,660 on three, and so forth (11 people had their email accounts linked to seven social networking sites at once).
As was to be expected, some users who had accounts