Why don’t MySpace and Facebook have better identity screening?
Sometimes being secure on social networks is easy. It’s easy enough to figure out that the unintelligible friend-request from “younghottie1234″ on MySpace is probably a threat. However, as cyber-criminals grow consistently better at manipulating identity, some questions about social networks’ identity screening process demand answers. Specifically, why don’t social networks like MySpace and Facebook utilize more effective identity screening solutions, especially to protect minors who use the sites?
Obviously, social networks collect lots of data from their users. However, that data isn’t always used effectively or protected as well as it should be. For example, Facebook recently had to upgrade their advanced search feature when a blog post revealed that private information was showing up in search results. In a Times Online article, Jonathan Richards writes that
“anyone could search for a user’s name and, by narrowing the query according to various categories, find out details that the user did not intend to disclose.”
And Facebook is widely considered to have higher privacy levels than some of its competitors. While Facebook users typically use their real names, for instance, other social networks like MySpace and Bebo almost exclusively feature pseudonyms, which further complicates identity resolution.
On these sites, both innocent users and cyber-criminals use fictional names, and that creates a general acceptance of fraudulent identities. According to data compiled by McAfee, many users - especially younger ones - rarely “question the legitimacy of e-mails and have been hit by identity-theft scams and other fraud” (from SeattlePI.com).
These concerns echo questions we asked in a previous post about whether privacy and security is the domain of the people offering services or the users of that service. It seems that when a site’s norm is to obscure identity, that site needs to have protection in place to resolve identities for the protection of all users. Consider MySpace’s troubles with sexual predators. A report by Webroot Software found that
“43% of children aged 11 to 17 who use social-networking sites reported having been contacted online by complete strangers, while 37% said they’ve received a sexually explicit e-mail or pop-up advertisement over the past year.” (from Information Week)
Whatever identity resolution measures MySpace has in place clearly allow a significant number of threats into the system. It seems that better software needs to be deployed, maybe that could cross-reference identities with law enforcement databases. If anonymity is inherent in the public use of so many social networks, the networks need to be able to target specific threats by using real data on the back end.
Subscribe to this blog