December 15, 2010 – A not uncommon complaint about Facebook and other social media sites is that the sites promote unauthorized connections between members or between members and outsiders — all with the goal of increasing the number of members and the usage of the sites. I know this happens, because it happened to me — with Facebook extending “friendship” invitations to individuals without my knowledge or permission.
How Facebook happened to pick these potential friends — spyware, data mining, sheer guessing — is not clear. What is clear, however, is that even small scraps of personal information may be used to help make connections that hungry social media purveyors then try to use to their advantage.
In a recent example, Science News reports that Cornell University computer scientists found that, comparing the locations of photos posted on the Internet with social network contacts, as few as three "co-locations" for images at different times and places could predict with high probability that two people posting photos were socially connected.
The results have implications for online privacy, the researchers acknowledge. Clearly these implications also apply to the financial services arena, where knowing that wealthy individuals were connected with, say, a certain insurance company, could pose a security risk to the individuals.
"Inferring Social Ties from Geographic Coincidences" is reported online in the Proceedings of the National Academy of Sciences. According to Science News, the researchers used a database of some 38 million photos uploaded to the Flickr photo-sharing website by about a half million people. The time and place where photos were taken was provided by GPS-equipped cameras or by people who used Flickr's online-interface to indicate the location on a map. Anyone can read this information from a Flickr page.
The article added that Flickr also offers a social networking service, and computer analysis showed that when two people posted photos several times from the same locations (often famous landmarks) and at about the same times, this was a good predictor that those people would have a social network link.
Maybe you’re thinking that this is a minor problem, but if a criminal wants to find out more about a high profile target — either human or corporate — being able to identify individuals who know the target could provide the needed access.
“It's surprising — and not in a reassuring way — that so much information comes from so little,” says Jon Kleinberg, one of the Cornell professors who conducted the study. “You go through life and leave all sorts of records. You're conveying information you deliberately wrote but also conveying broader information. Our research is trying to provide a way of quantifying these risks.”
“While it's obvious that a photo you post online reveals information about what is pictured in the photo, what is less obvious is that as you post multiple photos you are probably revealing information which may not be pictured anywhere," another researcher adds.
The point is that computers are continuously improving their ability to extract or to accurately speculate on information that could or should be private. Social media sites are replete with such information, images aside. Insurers, on the other hand, cannot afford to dip their toes in such waters, and should be highly reluctant to utilize such sites for their commerce where even the most innocent-seeming information could be used for nefarious purposes.
This commentary originally appeared on Insurance Networking News.