Site icon Sophos News

Facebook fallout: How to protect your data

Is it time to end your Facebook life?
Not deactivate, mind you – actually end things once and for all.
In the wake of Facebook having failed to protect user data from being drained by Cambridge Analytica, we’re talking about what’s involved in permanently deleting data that Facebook holds on us.
That’s likely to be too extreme for many of us. But at the very least, it’s definitely time to check Facebook privacy settings, audit Facebook apps, and consider turning off API sharing.
But first, a quick recap: over the weekend, news emerged about Facebook having lost control of 50 million users’ data.
Facebook, after a week of questioning from investigative reporters at the New York Times and the Observer, suspended data analytics firm Cambridge Analytica and its parent company Strategic Communication Laboratories (SCL), as well as data analytics specialist and Cambridge Analytica founder Christopher Wylie.

How do we escape?

If you’re not ready to part with Facebook entirely, you should at least take a look at who and what you’re sharing your information with on Facebook. That would entail the obvious:

Check your privacy settings

We’ve written about this quite a bit. Here’s a good guide on how to check your Facebook settings to make sure your posts aren’t searchable, for starters.
That post also includes instructions on how to check how others view you on Facebook, how to limit the audience on past Facebook posts, and how to lock down the privacy on future posts.


Those are just part of our 3 ways to better secure your Facebook account, so it’s also worth checking out that article to make sure you’re doing all three.
Next, it’s time to….

Audit your apps.

You should always be careful about which Facebook apps you allow to connect with your account, as they can collect varying levels of information about you.
Case in point: the recent revelations about Cambridge Analytic center around an app, thisisyourdigitallife, that not only took personal data from the 270,000 users who willingly signed up for this personality test, it also scraped the profiles of users’ friends – which is how we got to that astronomical number of 50 million users having their information plundered without permission.
Unless you’ve locked down your privacy settings correctly – see above – the apps, games and websites that your friends use can also access your personal details, photos and updates.
If you yourself have used Facebook to sign in to a third-party website, game or app, those services may continue to access your personal data.
To audit which apps are doing what:
1. On Facebook in your browser, drop down the arrow at the top right of your screen and click Settings. Then click on the Apps tab for a list of apps connected to your account. This takes you to the App Settings page.
2. Check out the permissions you granted to each app to see what information you’re sharing and remove any that you no longer use or aren’t sure what they are for.
3. Below the summary of which apps are sucking what out of your neck is an innocuous looking gray box called Apps Others Use, with this brief description: “People who can see your info can bring it with them when they use apps. Use this setting to control the categories of information people can bring with them.”

Click Edit and there you will find a list we call “Holy mackerel, people can get all that?!

Make the changes and click Save to button up your privates.
If you’re using the Facebook app you can access the same information by pressing the burger menu at the bottom right of your app, then choosing Settings and Account Settings. You’ll then find a menu option for Apps from which you can remove or restrict apps.

Turn off API sharing.

The Electronic Frontier Foundation (EFF) put out this guide to opt out of platform API sharing.
It does so with an apology: we shouldn’t have to “wade through complicated privacy settings in order to ensure that the companies with which you’ve entrusted your personal information are making reasonable, legal efforts to protect it,” but, well, recent events make clear that we can’t leave it up to Facebook to protect our privacy.
1. As above, visit the App Settings page.
2. Click the Edit button under Apps, Websites and Plugins. Click Disable Platform.

3. If that’s too much, you can, again, limit what information can be can be accessible to apps that others use. See above!
And finally, if you’re ready to disengage entirely, there’s the cut-it-out-completely option:

Delete your profile.

This is a lot more serious than simply deactivating your profile. When you deactivate, Facebook still has all your data. To truly remove your data from Facebook’s sweaty grip, deletion is the way to go.
But stop: don’t delete until you’ve downloaded your data first! Here’s how:
1. On Facebook in your browser, drop down the arrow at the top right of your screen and click Settings.
2. At the bottom of General Account Settings, click Download a copy of your Facebook data.
3. Choose Start My Archive.
Be careful about where and how you keep that file. It does, after all, have all the personal information you’re trying to keep safe in the first place.

You ready?

Have you downloaded the data? Have you encrypted it or otherwise stored it somewhere safe? OK, take a deep breath. Here’s comes the doomsday button.
Go to Delete My Account.
There. That’s done. Now all you have to do is listen to friends and family lament your Facebook death. Maybe it will start some conversations about why you felt deleting your profile was necessary.
If you want to share your Facebook exodus stories with us in the comments section below, please do: we’re all ears.

Exit mobile version