Connect with us

Social Media

Facebook private status updates made public by Storify

Private status updates on Facebook by private users and in secret or private groups are never private, especially with the help of Storify.

Published

on

facebook groups

facebook groups

Private social media updates made public through Storify

Julie Pippert, Founder and Director of Artful Media Group, known speaker and communications expert shared with AGBeat how she discovered what she believes to be a flaw in the popular service, Storify, making selected private Facebook status updates from personal profiles, private and secret groups visible to anyone and completely public.

Storify is a free content curation tool wherein users can pull social elements like photos, videos, and status updates from social networks, combining them into one single embeddable widget that is perfect for bloggers and digital publishers, telling the story of an event in its entirety through social reactions. It’s a clever and popular service that brags, “streams flow, but stories last.”

Unfortunately, that has been proven true of private Facebook status updates, no matter a user’s privacy settings, as using the Storify app to grab updates immediately pulls not only the quote from the status update, but the user’s profile picture which is linked to their account, the timestamp of the original status update on Facebook, and the original link.

Below is what a user with the Storify Google Chrome Extension sees on an update I posted in a Secret Facebook Group (note the word “Storify” which is the mechanism that immediately pulls all of the aforementioned data into Storify):

storify

When published in Storify, it appears like so (embedded using the Storify code provided by the service):

This is an example taken from a Secret Facebook Group comprised of a handful of very close friends, where we talk about sensitive health issues each of us have, which would obviously be detrimental for the public to see.

Now, if you are not a member of the secret group, you cannot see anything else inside of the group or who the members are, you do not have additional access to other status updates, but my face and name are now associated with a sensitive topic that the public can see, should another group member have innocently pulled the update as they saw it in their timeline, not realizing it was from the group, or simply not thinking Storify would authorize such a move.

Storify users can only pull status updates from people they are connected with socially, but their privacy settings matter not, and they can pull in status updates from private groups to which they belong, and while none of this offers a window into those users’ accounts or into the secret groups, the Storify tool can turn private Facebook updates public, even if only one at a time.

The discovery of the ability to bypass privacy settings

Pippert discovered this bypass through what she calls a “faux pas accident” by using the Storify app, sharing a friend’s Facebook update who felt her privacy settings were as private as they could possibly get, surprising both women at how easily a private account could become public, even if it was only one status update.

“I felt so terrible about what happened that I started digging and checking,” Pippert said, “and I figured out that although anything can be copied, screen captured or otherwise shared, anyone who installs the Storify app can do it with one click, even if it is marked or otherwise set to be private.”

Pippert explains that she shared a friend’s update about Superstorm Sandy which was very heartwarming, but when she notified her friend, both were alarmed that it could be used publicly, and no matter the content, her friend did not want her name used publicly, which is often the case for executives or government employees whose contracts forbid them from commenting publicly to the press or otherwise.

No notification, reminder, or restriction

Neither Storify or Facebook offered any notification that the content was in any way restricted or private, and there is no way for users to opt out of their content being shared on Storify, even if implied via their ultra private settings on their Facebook account.

“I really like storify and it is so useful, especially with the Chrome app, for capturing content for my job and topics that matter in my work. It’s incredibly efficient,” said Pippert. But she notes that “End of day, you just have to be prepared to have some of your content used beyond in your little sphere. But the people using it have a responsibility too. What that is isn’t exactly clear in every case. We do all have to be responsible with content we put out through social media, even privately. My friend put out great content that reflected well on her. But she didn’t want her name out there publicly.”

“Storify enabled me to nearly bypass that, against her wishes,” Pippert said. “After we talked, I offered to remove her quote.”

What about private accounts on Twitter?

When a Storify app user clicks “Storify” next to a public Twitter user’s update as a means of adding that update to their Storify stream, the following appears:

storify

And when a user attempts to Storify a private user’s update, it doesn’t offer any explanation or notice that you cannot do such a thing on a private user’s account, rather it turns the screen black like so:

private twitter update

Secret Facebook Group updates no longer secret

We noticed some major differences between how Storify reacts to private Twitter updates and Facebook updates, with users being able to read Facebook status updates in a Storify stream that would otherwise be private.

If your company has a Secret Facebook Group where you collaborate, your prayer group has a Private Facebook Group where you share personal intentions, or your friends have a Secret Facebook Group to talk about their abusive husbands, all of that is private within Facebook, but Storify grabs the information, and it becomes a Storify update with all of the attached data.

Take note that the embedded status update above has actually been deleted from Facebook, yet you can still see it on Storify. That is troubling. Here is a screenshot in the event someone at either company tweaks something and it disappears.

It’s time to look at the connection between Storify and Facebook

While there is not likely any malice by Storify here, or even Facebook in how they structure data differently than Twitter, the ability to inadvertently share private information is all too easy with Storify, and Facebook, who is famous for keeping data on their servers even after users delete photos and the like. It’s not in Facebook’s interest to get rid of any data points, as their bread and butter is ad dollars based on aggregated data, and it is not in Storify’s interest to get rid of data points, as they paint an accurate picture of a user’s status update, unfiltered.

Pippert concludes, “It might ultimately be a human problem to solve: capture content from others mindfully and use it thoughtfully, with good communication. Let others know you’re using the content and make sure you are clear to friends your preference about your content being redistributed.”

This is yet another reminder that anything you say anywhere on the web, private or not, is always subject to being shared via third party apps, screenshots, or good old fashioned copy and paste, so never say something online that you wouldn’t say in public, because there really is no such thing as privacy, which is sad and unacceptable, but true.

Regardless of human behavior, the connection between Twitter and Storify proves there are ways to actually protect private information, so it is clearly time to examine the connection between Facebook and Storify.

[pl_alertbox type=”info”]

More reading:

Storify Co-Founder implies nothing on Facebook is private
[/pl_alertbox]

Social Media

Instagram now lets you create and share fundraisers

(SOCIAL MEDIA) If you’ve been wanting to start a fundraiser for something you care about, Instagram’s new feature lets you do just that. Go check it out!

Published

on

Instagram Fundraiser

Instagram announced last week that it has launched a test for a Personal Fundraiser tool on its platform. The feature will allow users to start their own fundraiser if it complies with guidelines or choose an existing cause to support. The launch began in some US, UK, and Ireland markets and is available on Android and iOS.

In its announcement, the company confirmed that since January, more than $100 million has been raised for COVID-19 across Facebook and Instagram (also owned by Facebook), citing that donations on Instagram have doubled in the US in the past 30 days. The announcement said, “from people raising money to buy medical equipment for Black Lives Matter protesters, rebuilding Black-owned small businesses affected by COVID-19 and funding educational resources related to racial justice, people are eager to mobilize around causes they care about.”

Personal Fundraisers are short-term and meant to serve time-sensitive causes, with the initial duration lasting 30 days with the option to extend for an additional 30 days. Users must be 18 to create a fundraiser and have a designated bank account in which funds can be deposited. Donations will be processed through Facebook Pay, which also powers Instagram’s new shopping features. The platform covers fees for non-profits, but not for Personal Fundraisers. Donors can choose to keep their information hidden from the public, but organizers will be able to see user names and donation amounts.

To start a Personal Fundraiser, users with access to the feature can tap “Edit Profile”, “Add Fundraiser”, followed by “Raise Money”. They can then choose a photo, select the fundraiser category, and write out a story to encourage donations. When approved, users will be able to raise funds.

Instagram says it will expand the number of users who have access to this feature in the months ahead, as well as give users access to share fundraisers both in their Feed and within Stories. Fundraising features already offered by the company include Donation Stickers for Stories and a Live Donations feature for live streams.

This feature is similar to the fundraising feature already available on Facebook, Instagram’s parent company.

Continue Reading

Social Media

Should you be Facebook friends with your boss?

(SOCIAL MEDIA) Are there times when it makes sense to connect with your boss and team on Facebook? Or is LinkedIn enough?

Published

on

facebook friends

Just as we learn, grow, and change in life, so does our use of social media platforms and technology in general. It makes sense though – when hot new programs come out and “everybody’s doing it” (thinking of you MySpace and Plaxo), it’s easy to create a user profile to see what you think of the platform.

You may be a heavy user at first (looking at you Facebook) and then back off, only to use it for certain functions (Groups and Events for example). In the interim, you may have joined Instagram because for some reason it seemed simpler and light-hearted. And don’t let the new, shiny things coming out pass you by without at least seeing if you like them, or if they help entertain you and connect you to loved ones (looking at you Snapchat and TikTok).

Amongst some doubt of new or potential users in the mid-2000s after Facebook opened up to those outside of universities, we have to admit that Facebook has had a longevity that some of the other platforms have not. It allows you to keep your personal network in one place as well as your photos, significant dates, your career changes, events, and even see what your cousins are up to. It almost feels like once you’re invested, it’s hard to get out.

The thing is, there is definitely a grey area on who you accept as a “friend”. It really is up to each person’s comfort level on who they want to be connected to, and how much sharing they do on the platform. This article isn’t going to address Facebook privacy concerns and data sharing, but we do encourage you to look in to those if that is something that is important to you. It’s a similar idea with LinkedIn – some people are happy to connect with anyone and everyone, while others prefer to keep their connections to those they personally know and/or have worked with.

This story is addressing a question as it relates to an article in Inc. about whether or not is it’s ok for managers and employees to be “Facebook friends”, and some other tricky professional situations. We have to look at few things first, including the evolution of our use.

Since Facebook was made available to everyone, we have gone from a simple profile picture, relationship status (oof), and random updates about our breakfast/dentist appointments, to joining interest groups, sharing news articles, promoting brands and memes at a mind-boggling rate. Many people have considered deleting their Facebook profiles due to a high level of negativity, privacy concerns over their data and pictures, and how ultimately, scrolling your newsfeed can be a total time suck.

Many stay on because they are in groups (like super amazing, supportive, and popular ones such as Austin Digital Jobs) that they enjoy, and it’s a way to stay connected with others. This has felt true especially during COVID-19 where many people have lost their social outlets, networking opportunities, and have not been able to get together in person. Social media has also been a useful platform for small business owners and entrepreneurs to run a business page at minimal costs (free unless they run advertising), and reach out to customers. Facebook (owner of Instagram) also seems to have been making strides this year to better support small business owners.

So, should you be Facebook friends with your boss?

That is up to you (we are not here to tell you how to run your life) and while many have said, “Nope” in a super unofficial survey of 30 respondents, there were a couple of interesting perspectives:

“Since I’m my boss, twist on my answer… I don’t yes any professional that asks to be FB friends. That’s what my page is for. I even have a canned response that says this because I get so many asks. My personal FB is for actual friends of mine. I didn’t want to yes my MIL either. I have her on the restricted list.”

“I guess it depends. I’m friends with my boss and most of my coworkers. Creative shop within a corporation … about 45 strong. We are tight.”

“If you love your job and you love your boss then I think it is ok. I work 2 part-time jobs and both of my bosses are amazing! I am friends and Facebook friends with both of them.”

“I’m fine. I don’t post much on Facebook anymore. My bosses are all fairly chill. ”

“I have been Facebook friends with previous bosses while they were my boss. I am not with my current boss, but I’d be fine with it if we were. I don’t post anything too crazy, and I tend to over share in the office already. I like to be an open book. Tiktok would be different though… ”

For some who are part of a start-up or smaller team where collaboration and getting to know one another  are supported (thinking teams of 10 or less, hey AG Staff Writers), this may be more of the ‘norm’ and acceptable. However, the majority of people do not want to be “Facebook friends” with their boss to draw a line between work and personal sharing. Many people also mentioned that it varied if they chose to be Facebook friends with their colleagues, although they seem to be more open to colleagues vs. direct supervisors.

This seems to reflect back on how you use Facebook and if sharing your weekend or family photos is not something you want everyone to see. On the flip side, if you’re not sharing much, maybe you’d be OK with being connected there. A more professional way of connecting with your supervisor and others at work is through LinkedIn, and is in fact, highly encouraged.

Continue Reading

Social Media

Could TikTok soon be banned in the U.S for privacy breaching?

(SOCIAL MEDIA) TikTok, a video content social media giant, has been deemed a potential national security risk by the U.S Federal government.

Published

on

TikTok is banned

U.S lawmakers are calling for a full investigation into TikTok, the fifteen second video app with almost 180 million downloads, after expressing concerns of a privacy breach by the Chinese government.

TikTok’s Chinese parent company, ByteDance, purchased the platform originally known as musical.ly in November 2017. Since then the social media app worth an estimated $150 billion has almost 180 million downloads in the U.S, and 800 million downloads worldwide.

According to Secretary of State, Mike Pompeo, the U.S has reason to believe the Beijing-based company, ByteDance, may have been coerced into handing over data to China’s communist leaders. The app’s Founder, Zhang Yiming, and TikTok’s spokesperson responded to the accusations with the following statement: “TikTok is led by an American CEO, with hundreds of employees and key leaders across safety, security, product, and public policy here in the U.S. We have no higher priority than promoting a safe and secure app experience for our users. We have never provided user data to the Chinese government, nor would we do so if asked.”

We don’t know if we believe you TikTok.

TikTok received over 500 legal demands, including emergency requests, in the first six months of 2020. TikTok has also previously confirmed that the app stores user data on “U.S-based servers” withdrawn from phone downloads. Information includes IP addresses, messages, location information, and according to Pompeo, “sensitive information”, exposed by data breaching that disregards American rights to privacy and potentially violates national security guidelines.

Company employees may live in the U.S, but with its head of operations stationed in Beijing, pressure from the Chinese Government to provide user information is a very serious concern for Americans using the app. 41 percent of its users are part of Generation Z, a highly influential, social media-friendly age group, ranging between 16 and 24.

A sense of invincibility within this age range encourages users to use the app without caution of personal information that may be provided or derived off your phone after installation. In the past two years, social media platforms such as Facebook, Instagram, and Twitter have also been criticized for not abiding to lawful privacy standards.

ByteDance has halted the use of its corporate office in Beijing and is looking to establish headquarters within the U.S or under new management.

The U.S. government is seriously considering banning the use of TikTok.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!