10 Privacy Blunders That 2010 Will be Remembered For

Privacy. It was the social media buzzword of 2010, for sure. Just as quickly as the power and popularity of social networking grew, so too did the public’s concern over who knew what, where, when and why. From the American public remaining a bit confused about online privacy throughout the year, to Google CEO Eric Schmidt for advising those same, wary Americans to just change their names, what a year it was.

And here we unveil the year’s 10 biggest online privacy stories, in no particular order, but blunders were they all…

  1. Facebook Apps Farm Data – In October the Wall Street Journal broke the news that many Facebook apps, including “FarmVille,” “Texas HoldEm Poker,” “Mafia Wars” and “FrontierVille” leaked users’ personal data to third-party advertisers and Internet tracking firms. With 550,000 apps on Facebook, and 70 percent of account holders using apps each month, this security breach was a serious risk. Facebook quickly fired back, calling media reports of the breach “exaggerated,” but was soon forced to explain itself. The House of Representatives’ Bipartisan Privacy Caucus, led by Edward Markey (D-Mass.) and Joe Barton (R-Texas), demanded a formal letter from Facebook CEO Mark Zuckerberg detailing how his company planned to address the security slip-up
  2. Twitter Targeted – This was the year that Twitter learned the hard way what Facebook and Google have long known, with popularity comes scams and attacks. First, in September, came the “Twitter Worm,” a scripting flaw that allowed hackers to insert malicious codes into hundreds of Twitter feeds. Then, in December, users saw a new security alert for the site where hackers looked to Twitter’s Trending Topics on the site’s home page to find and select tweets that contained a popular topic and a shortened URL. The original URL was replaced with a different shortened URL that took users to a malicious Web. The problem with this scam came with Twitter’s up-to-the-second updates which gives scammers an endless supply, and, Tweeters themselves fascinated by whatever is the day’s hot topic. And, just a day later, a new worm hit mobile Twitter that used Goo.gl links to spread and either took over users’ accounts, or created new ones.
  3. Feds Enter Privacy Fray – It only took privacy breaches involving Twitter, then widgets, then Android and the iPhone, then Facebook apps, and, finally, Firesheep, for the federal government to step in and, you guessed it, create a committee and release a report. The Obama administration, in October, announced it would form a subcommittee to advise the White House on issues of Internet privacy and commerce. Two months later, the U.S. Commerce Department released its own much anticipated, 88-page report on online privacy that called for the creation of an online “Privacy Bill of Rights” and a new federal office to develop and oversee those guidelines.
  4. Geo-Location Locates You – Location-based social networking sites like Foursquare, Gowalla, Loopt and Facebook’s Places were all the rage in 2010. But while the “geosocial” trend grabbed the spotlight, so too did concerns that the sites’ ability to let users “check in” and notify friends of their whereabouts was as much a privacy concern as it was fun. While Disney World partnered with Gowalla and Places unveiled shopping deals, the U.S. military dealt the trend a blow. In November, the U.S. Air Force sent a memo to its commanders warning the applications are precise enough to pinpoint a person’s location on a map and cautioning troops that “careless use of these services by airmen can have devastating operations security and privacy implications.”
  5. Google “Buzz” Fizzes – In February, Google’s latest step into the social media world was quickly met with opposition from those who wished to keep their private lives just that, private. In the case of Buzz, a class-action suit was filed against Google because the private personal data belonging to Gmail users was made available to the public without permission, or knowledge, of its users. The company addressed the feature’sprivacy problems by letting users select the information they want to be public, but the “buzz” from users continued to sting.
  6. Google “Street View” Crashes – The online search giant was forced to admit in May that its “Street View” cars used to collect images of public buildings and roads had also recorded fragments of people’s online activities broadcast over public wireless networks for the past four years in more than 30 countries. The revelation came amidst months of legal wrangling as Google sought to expand the feature in more privacy-strict Europe and Asia abroad. Spain joined Germany, South Korea and Switzerland in seeking to block the feature, but, flexing its muscle once again, Google prevailed, launching the feature in Germany, and showed no signs of slowing down.
  7. “Do-Not-Track” Emerges – If “privacy” was the buzzword of 2010, coming in a close second was “Do Not Track.” The proposed tool, which would give consumers a way to “opt-out” of releasing their private data to advertisers, quickly swept the online world as the solution to all privacy concerns. Mozilla explored anti-tracking features for Firefox, while the advertising industry jumped ahead with their own policy, in hopes of heeding off what will likely be stricter regulations from the FTC and, possibly, Congress and the White House. Left to be determined is whether a “Do Not Track” feature would even work for the Web.
  8. “Firesheep” Roams Wi-Fi – Late October saw the release of “Firesheep,” a Firefox Web browser plug-in that took advantage of public Wi-Fi’s loose security settings to hack into 26 sites, including Foursquare, Twitter, Facebook, Yahoo, Google and the New York Times. The brainchild of Seattle software developer Eric Butler, Firesheep was an easy and quickly downloadable tool that signaled when anyone on an open, or Wi-FI, network visited an insecure site, and then allowed users to log in as them. The plug-in sparked the creation of “BlackSheep” and other tools to put malicious Firesheep users out to pasture, but not before Firesheep was downloaded more than 200,000 times after its release.
  9. Twitter Caught in “Idiocy” – Building on “Firesheep,” London-based software developer Jonty Wareing created a Web tool called “Idiocy,” which was used to monitor Twitter accounts being accessed on unsecured public Wi-Fi networks. The tool searched for users logged onto Twitter at their local Starbucks, for example, and, once found, hijacked their session with a tweet explaining what happened. Luckily for those tweeters, Wareing designed Idiocy as a teaching tool rather than a hacking device. In a message on his site, he explained that he was merely demonstrating the security risks people subject themselves to when accessing Twitter on public Wi-Fi networks.
  10. MySpace Slips – Once the premier social networking site, MySpace was forced to reinvent itself this year, but not before falling down to privacy flaws of its own. In May, the Wall Street Journal first reported that MySpace was among the social networking sites that had been sending users’ data to advertising companies without consent. After the report, MySpace promised to stop, but the problems continued, as it was found that when account holders clicked on MySpace ads, their unique IDs were transmitted, revealing their location and personal photos. The site released new privacy settings in August, the first changes in two years, but still ended the year behind both Facebook and Twitter in popularity.