Product Reviews

Welcome to Consumer Reports.

We’re so glad to have you as a member. You now have access to benefits that can help you choose right, be safe and stay informed.

Facebook's biggest privacy risk: How to beat it

Shut the door on crooks and snoops—even the IRS

Published: March 25, 2014 08:00 AM

Find Ratings

What's the risk of someone finding out things about you on Facebook that you don't want them to know? It's high enough that about one in four Facebook users resort to falsifying information about themselves in their profile, the annual Consumer Reports State of the Net survey has repeatedly found. We described many of Facebook's privacy risks in our report, "Facebook & your privacy."

One particular risk deserves your attention right now, because it involves exposing sensitive information about you to just about anyone—including employers, insurance companies, and government agencies (can you spell Internal Revenue Service?).  

I’m referring mainly to your status updates and photos that are labeled with the word "Public," or sometimes labeled with just a small circular icon resembling the planet earth. Those items can be viewed by just about anyone with an Internet connection and some curiosity. Some information in your Facebook profile, such as your home town, school attended, and Likes, can also be similarly exposed.

Why is this so risky?

First, obviously, is that a stranger or criminal can find out a lot of personal things about you. Do you really want anyone like that reading all about your passions, day-to-day activities, family, and anything else you may have unwittingly left exposed over the years?

More pointedly, though, personal information data that's Public is the only kind that businesses and government can freely access and collect about you on Facebook without either having to ask Facebook for it or getting a search warrant. And collect they do.

A prime example: The website of Social Intelligence Corporation says that the company "accesses, reviews, and reports information that is publicly available online. Our proprietary technology searches millions of websites, including the most well known social networking websites."

Its services include "employment background screenings, insurance claims investigations, corporate due diligence, and Government services." The screen below shows what kinds of organizations pay Social Intelligence for such information.

All this is perfectly legal, according to the company because, it says, its service "adheres to the guidelines of the Fair Credit Reporting Act (FCRA) and is compliant with Federal and State law." But even if it is legal, the delivery of sensitive information about you to an employer or insurer can still adversely affect you.

Social Intelligence itself reports that "over 43% of hiring managers have uncovered material online that has caused them not to hire an individual." The company doesn’t mention whether those managers obtained such material through Social Intelligence or some other source.

On its website, the company also reports just how much potentially damaging material was posted by job candidates (presumably screened by Social intelligence): "48% of candidates screened indicated drug or alcohol usage, 28% made comments discriminating on the basis of race, gender, religion, etc, 24% lied about their qualifications, and 50% posted explicit or inappropriate photos."

For more tips on protecting your security and privacy, visit our guide to online security.

Your Facebook Wall has ears

As if delivering your background and past activities on a silver platter wasn’t enough, Social Intelligence offers its clients a service called Continuous Insight, which keeps an eye on your ongoing behavior through "real-time monitoring of employee's public online activity." Based on the data collected about your day-to-day activities, an employer can get customized alerts and monthly reports.

Your employer does have a legitimate need to know, for example, whether you're abiding by its social media policy or disclosing its trade secrets. And I certainly don't endorse any behavior that, posted publicly, would rightfully get you in trouble with the law, an employer, or your loved ones. But you should exercise your right to keep information private that you don't want public.

How to shut the door on snoopers

While Facebook’s privacy controls are far from perfect, they are the main way to restrict access to nearly all your Public information. Around one in five Facebook users don't take advantage of these, our latest survey found. You should.

First, you may want to quickly check on which of your information on Facebook is currently exposed to the public. The Facebook page below shows you how to do that.

How to see your "Public" Facebook info
First click on the little lock, then on “Who can see my stuff?" Then click on "View As".

The easy-to-follow Consumer Reports video, "Setting Facebook privacy controls," shows you exactly how to restrict access to every status update you've posted to your wall since you joined Facebook, as well as those you post in the future.

That trick, which should take you about a minute to accomplish, will help ensure that no client of Social Intelligence Corporation will be able to read all about your political views or even what you had for dinner last night. The video also shows how to restrict access to your photos and profile, and how to remove tags of you from photos.  

—Jeff Fox

Find Ratings

Computers Ratings

View and compare all Computers ratings.

E-mail Newsletters

FREE e-mail Newsletters! Choose from cars, safety, health, and more!
Already signed-up?
Manage your newsletters here too.

Online Security News


Cars Build & Buy Car Buying Service
Save thousands off MSRP with upfront dealer pricing information and a transparent car buying experience.

See your savings


Mobile Get Ratings on the go and compare
while you shop

Learn more