Oct. 16, 2023
Beyond likes and shares: A how-to guide to social media privacy
In today’s digital age, social media has become an integral part of our lives, connecting us with friends, family and the world at large. However, amidst the buzz and excitement of connecting, you may forget that your online presence is a valuable asset that needs to be protected, and that privacy and safety should be prioritized over convenience.
“You often don’t really own anything that you put online,” says Dr. Joel Reardon, PhD, associate professor in the Department of Computer Science at the University of Calgary. “You sort of give away your rights to some giant organization, and then it’s free to be used however they deem appropriate.”
A lot of giant entities like Meta — which owns near-ubiquitous platforms like Facebook, Instagram and WhatsApp — use a “walled garden model.” Reardon explains that social media platforms use this model to try and keep their users engaged within the “garden” of their own platform, making it difficult for users to leave, to choose different platforms, or to check that safeguards for data security and privacy are effective. A walled garden’s purpose is to create a captive audience whose data is extensively captured for targeted advertising purposes with a limited ability to delete or transfer that data out.
“Having a curated user experience may seem convenient, but unfortunately, it can also mean users have limited control over their data once it is entered into the platform's ecosystem,” says Mark Sly, director, IT security and architecture. He explains that this data can be used for targeted advertising and user profiling, which raises concerns about privacy.
Here are a few tips on how you can prioritize privacy and be mindful of what you share online, and with whom.
1. Think before you share
Before hitting that “Share” button, take a moment to consider the potential audience that will see your content. Information can easily be shared and disseminated beyond your intended circle.
While sharing vacation photos can be exciting, think about who knows where you are and what they could do with that information. Would you be comfortable with your entire neighborhood knowing you’re not home? What about the company you’re interviewing with seeing your party posts? Is the image you’re presenting the “right fit” for their company? What about sharing pictures of your birthday in real time even though many organizations rely on your date of birth for identity verification?
Cybercriminals can use any and all information you provide online to try and scam you. Be wary of social engineering practices like smishing that targets individuals over text messages, phishing, quishing (malicious QR codes) and other online scams. Learn more
Generative AI and deep-fake technologies are also reasons to think twice before you share something online. These technologies create content based on data they are fed and are often used to create highly realistic and often misleading videos and images of people saying or doing things they never actually did.
“If there is enough content about you online, then the ability to replicate it is going to be trivial,” says Reardon.
2. Customize privacy settings
Familiarize yourself with the privacy settings on social media platforms and personal devices. A lot of settings are not in the apps themselves, but rather within the main privacy settings for iOS and Android devices. Advertising ID, for example, is one setting that users should turn off.
“Advertising ID’s only purpose is to track you across apps,” says Reardon. “It’s a device-identifier that works to collect data used for advertising purposes.” At one time there was nothing that could be done about it, but current operating systems now allow it to be turned off.
Turning off the Advertising ID on your personal device gives you the control to reset or limit how advertisers are tracking you and your device, thereby limiting targeted advertising.
3. Strengthen your passwords
An easy step to keep your social media accounts safe is to remember password best practices. A strong password is your first line of defence against unauthorized access to your accounts. Avoid using simple or common passwords and practise using a mix of random words or a paraphrase which can also include uppercase and lowercase letters, numbers and special characters. A password length of 12 characters or more is ideal.
And remember not to use public information in your passwords. For example, studies have shown that one-third of American pet owners have used a pet’s name as a password, even after posting about them on social media. Fortunately, many social media platforms and other password-protected services already require more complex passwords.
Always, always turn on multifactor authentication for your personal and work accounts!
4. Regularly review and update your account activity
Carefully review your activities on all social media channels. By frequently checking your account activity, you can watch for suspicious activity and monitor login locations and devices that may be connected to your account. If any suspicious activity does occur, you can act quickly to secure your account and change all your passwords.
Being proactive about your privacy on social media is not just about data protection; it’s about taking control of your digital identity and making a choice about what you share online.
Make sure to do your due diligence online, stay cybersafe and share your knowledge with others. For more information, visit UCalgary’s IT Security website and read the Top 10 Cybersecurity Tips, our Social Media Awareness page and much more.