Private social media updates made public through Storify
Julie Pippert, Founder and Director of Artful Media Group, known speaker and communications expert shared with AGBeat how she discovered what she believes to be a flaw in the popular service, Storify, making selected private Facebook status updates from personal profiles, private and secret groups visible to anyone and completely public.
Storify is a free content curation tool wherein users can pull social elements like photos, videos, and status updates from social networks, combining them into one single embeddable widget that is perfect for bloggers and digital publishers, telling the story of an event in its entirety through social reactions. It’s a clever and popular service that brags, “streams flow, but stories last.”
Unfortunately, that has been proven true of private Facebook status updates, no matter a user’s privacy settings, as using the Storify app to grab updates immediately pulls not only the quote from the status update, but the user’s profile picture which is linked to their account, the timestamp of the original status update on Facebook, and the original link.
Below is what a user with the Storify Google Chrome Extension sees on an update I posted in a Secret Facebook Group (note the word “Storify” which is the mechanism that immediately pulls all of the aforementioned data into Storify):
When published in Storify, it appears like so (embedded using the Storify code provided by the service):
This is an example taken from a Secret Facebook Group comprised of a handful of very close friends, where we talk about sensitive health issues each of us have, which would obviously be detrimental for the public to see.
Now, if you are not a member of the secret group, you cannot see anything else inside of the group or who the members are, you do not have additional access to other status updates, but my face and name are now associated with a sensitive topic that the public can see, should another group member have innocently pulled the update as they saw it in their timeline, not realizing it was from the group, or simply not thinking Storify would authorize such a move.
Storify users can only pull status updates from people they are connected with socially, but their privacy settings matter not, and they can pull in status updates from private groups to which they belong, and while none of this offers a window into those users’ accounts or into the secret groups, the Storify tool can turn private Facebook updates public, even if only one at a time.
The discovery of the ability to bypass privacy settings
Pippert discovered this bypass through what she calls a “faux pas accident” by using the Storify app, sharing a friend’s Facebook update who felt her privacy settings were as private as they could possibly get, surprising both women at how easily a private account could become public, even if it was only one status update.
“I felt so terrible about what happened that I started digging and checking,” Pippert said, “and I figured out that although anything can be copied, screen captured or otherwise shared, anyone who installs the Storify app can do it with one click, even if it is marked or otherwise set to be private.”
Pippert explains that she shared a friend’s update about Superstorm Sandy which was very heartwarming, but when she notified her friend, both were alarmed that it could be used publicly, and no matter the content, her friend did not want her name used publicly, which is often the case for executives or government employees whose contracts forbid them from commenting publicly to the press or otherwise.
No notification, reminder, or restriction
Neither Storify or Facebook offered any notification that the content was in any way restricted or private, and there is no way for users to opt out of their content being shared on Storify, even if implied via their ultra private settings on their Facebook account.
“I really like storify and it is so useful, especially with the Chrome app, for capturing content for my job and topics that matter in my work. It’s incredibly efficient,” said Pippert. But she notes that “End of day, you just have to be prepared to have some of your content used beyond in your little sphere. But the people using it have a responsibility too. What that is isn’t exactly clear in every case. We do all have to be responsible with content we put out through social media, even privately. My friend put out great content that reflected well on her. But she didn’t want her name out there publicly.”
“Storify enabled me to nearly bypass that, against her wishes,” Pippert said. “After we talked, I offered to remove her quote.”
What about private accounts on Twitter?
When a Storify app user clicks “Storify” next to a public Twitter user’s update as a means of adding that update to their Storify stream, the following appears:
And when a user attempts to Storify a private user’s update, it doesn’t offer any explanation or notice that you cannot do such a thing on a private user’s account, rather it turns the screen black like so:
Secret Facebook Group updates no longer secret
We noticed some major differences between how Storify reacts to private Twitter updates and Facebook updates, with users being able to read Facebook status updates in a Storify stream that would otherwise be private.
If your company has a Secret Facebook Group where you collaborate, your prayer group has a Private Facebook Group where you share personal intentions, or your friends have a Secret Facebook Group to talk about their abusive husbands, all of that is private within Facebook, but Storify grabs the information, and it becomes a Storify update with all of the attached data.
Take note that the embedded status update above has actually been deleted from Facebook, yet you can still see it on Storify. That is troubling. Here is a screenshot in the event someone at either company tweaks something and it disappears.
It’s time to look at the connection between Storify and Facebook
While there is not likely any malice by Storify here, or even Facebook in how they structure data differently than Twitter, the ability to inadvertently share private information is all too easy with Storify, and Facebook, who is famous for keeping data on their servers even after users delete photos and the like. It’s not in Facebook’s interest to get rid of any data points, as their bread and butter is ad dollars based on aggregated data, and it is not in Storify’s interest to get rid of data points, as they paint an accurate picture of a user’s status update, unfiltered.
Pippert concludes, “It might ultimately be a human problem to solve: capture content from others mindfully and use it thoughtfully, with good communication. Let others know you’re using the content and make sure you are clear to friends your preference about your content being redistributed.”
This is yet another reminder that anything you say anywhere on the web, private or not, is always subject to being shared via third party apps, screenshots, or good old fashioned copy and paste, so never say something online that you wouldn’t say in public, because there really is no such thing as privacy, which is sad and unacceptable, but true.
Regardless of human behavior, the connection between Twitter and Storify proves there are ways to actually protect private information, so it is clearly time to examine the connection between Facebook and Storify.
Storify Co-Founder implies nothing on Facebook is private
Facebook’s Résumé takes another shot at LinkedIn
(SOCIAL MEDIA) Facebook took another swipe at LinkedIn by introducing a new Résumé feature.
Any job hunter is likely familiar with the little section somewhere during the application process where you’re asked to enter in social media information. Thankfully, Facebook is usually an optional field.
While I try to keep what the public can see of my social media profiles toned down enough as to not cause my grandmother to blush, I’m still not quite comfortable sharing my profile with prospective employers.
I’m sure many out there feel the same, and Facebook knows this.
Tinfoil hat theories aside, LinkedIn may be shaking in their boots as Facebook begins to advance their growth in the professional sector in their pursuit of social media domination.
Facebook has begun experimenting with a new Résumé/CV feature that works as an extension of your standard “Work and Education” section on a Facebook profile page, allowing users to share work experience in more detail with friends and family but most importantly: potential employers.
Luckily, the new Résumé/CV feature won’t be sharing personal photos or status updates, but will rather combine all the relevant information into a single, professional-looking package.
So far this feature appears to be rolled out to a small number of users, and it’s unclear when it will be officially launched, but this isn’t the first time Facebook has dipped their toes in the waters of the job sector, or took a jab at LinkedIn.
Several months ago, Jobs was launched, a feature that allows Business Pages to post job openings through the status composer, and keep track of them on their Page’s Jobs tab.
A Facebook spokesperson commented on the intent behind the new Résumé/CV feature, “At Facebook, we’re always building and testing new products and services.
We’re currently testing a work histories feature to continue to help people find and businesses hire for jobs on Facebook,” and so this is just the beginning of Facebook’s plan to become a one-stop-shop and create a more seamless way for people to find and get jobs.
Tag photos, connect with friends, order food?
(SOCIAL MEDIA) Facebook seems to be sprawling into every nook and cranny of life and now, they’re infiltrating food delivery.
Facebook is now bringing you food! Although, no one was really asking them to.
In the age of Instagram and Snapchat, Facebook is attempting to transform into more than just a social media platform. They have partnered up with food delivery services to help users order food directly from their site.
They hope to streamline the process by giving users a chance to research, get recommendations and order food without ever leaving the site.
Facebook has partnered with their existing delivery services including EatStreet, Delivery.com, DoorDash, ChowNow and Olo in addition to restaurants to fast track the process.
The scenario they imagine is that while scrolling through the newsfeed, users would feel an urge to eat and look to Facebook for their options.
After chatting up friends via Facebook Messenger to ask for the best place to go, users would visit the restaurant’s page directly, explore their menu and decide to order. When ordering, you will have the option to use one of the partnered delivery services either with an existing account or by creating a new one.
The benefit is you stay on one site the entire time. With the time you save, the food can get to you faster, which is a plus for everyone.
Assuming that people already live on Facebook 24/7, this seems like a great update. If you like getting recommendations from your favorite social media resources, it’s even better.
The problem is that in recent years their younger audiences have dropped off in favor of other sites. Regardless of what they think, not everyone is flocking to Facebook for their every need.
My guess is that this service will benefit those already using Facebook, but is less likely to draw new audiences in.
Adding more services may not be the key to success if Facebook can’t refine their other features. They have already been criticized for their ad reporting practices, though they seem to fix everything with a new algorithm.
Facebook has continued to stray away from their original intent, and food delivery won’t be their last update.
Facebook wants to be everything, but not everyone may want the same.
Hate Facebook’s mid-roll ads? So does everyone else
(SOCIAL MEDIA) Those pesky ads that pop up in the middle of that Facebook video, aka mid-roll, seem to be grinding everyone’s gears.
In an ongoing effort to monetize content, Facebook recently introduced “mid-roll” ads into videos by certain publishers, and it has now been testing that format for six months. If you aren’t a big fan of those ads interrupting your content consumption experience, you aren’t alone; publishers aren’t crazy about them either.
In a report on the program, five publishers working with Facebook’s new mid-roll ad program were sourced and all five publishers found that the program wasn’t generating the expected revenue.
One program partner made as little as $500 dollars with mid-roll ads while generating tens of millions of views on their content.
Two other partners wouldn’t specify exact revenue number, but they did acknowledge that the ad performance is below expectations. As far as cost goes, certain publishers mentioned CPMs between 15 cents and 75 cents.
That range is large because a lot of the data isn’t clear enough to evaluate their return on investment. According to the Digiday report, publishers receive data on total revenue, along with raw data on things like the number of videos that served an ad to viewers.
The lack of certain data points, along with the confusing structure of the data, makes it difficult to assess the number of monetized views and the revenue by video. For context, YouTube, as arguably the biggest player in video monetization, provides all these metrics.
Another issue is that licensing deals are cutting into margins. Facebook pays publishers, via a licensing fee, to produce and publish a certain number of videos each month. In exchange, Facebook keeps all money until it recoups the fee, after which revenue is split 55/45 between the publisher and Facebook.
While these challenges doesn’t change the fact that revenue is low, it does make it difficult to dissect costs in a meaningful way.
Why is revenue so low to begin with?
For starters, a newsfeed with enough content to feed an infinite scroll probably isn’t the best format for these kinds of ads. As a user, when I’m watching the videos and the ad interrupts the experience, I’ve always scrolled right on through to the next item on my feed. It’s a sentiment echoed by one of the publishers in the Digiday story.
Because of that, Facebook’s new Watch program, which creates a content exclusivity not found on the news feed, might produce better results in the future. Either way, Facebook will need to solve this revenue challenge for publishers, or they might pull out of the programs altogether.
Target’s plan to beat Amazon involves more openings
Moocha.io sources classes for you to get smarter
Giving kids smartwatches might not be too smart
Get your team on the same page with Slite
Mac Minis are alive and well according to Cook
A few smarties are trying to create space cryptocurrency via Bitcoin
Microsoft’s Autism Hiring program really is driving innovation
Workey is your AI solution to job searching
LL Bean just stole the show with their invisible ink ad in the NYT
iPhone 8 Plus devices allegedly split open while charging #splitgate
Amy’s Ice Cream founder on Austin’s business risks and rewards #WhyAustin
Turns out a lot of people are in between introverted and extroverted
P. Terry’s founder on the booming economy in Austin #WhyAustin
Ladies and gentlemen, the U.S. National Anthem
Indeed President, Chris Hyams tells us #WhyAustin [video]
News neatly in your inbox
Join thousands of AG fans and SUBSCRIBE to get business and tech news updates, breaking stories, and MORE!
Thank you for subscribing.
Oh boy... Something went wrong.
Opinion Editorials5 days ago
9 ways to be more LGBTQIA+ inclusive at work
Tech News6 days ago
Russia vetoed cryptocurrency and came back with CryptoRuble
Business News5 days ago
IBM is putting blockchains to work for banks
Business News6 days ago
These stores refuse to start Black Friday early
Business News7 days ago
Amazon is extending its takeover to sportswear
Opinion Editorials5 days ago
“Starting a business is easy,” said only one guy ever
Tech News6 days ago
Time is money and Clockify helps you make the most
Tech News6 days ago
Microsoft’s overseas email storage piqued the Supreme Court’s interest