Location Privacy
Facebook has lately gotten a lot more interested in attaching locations to status updates and photos.
One route for it to get this information is directly from your device, e.g. from your iPhone location (if you've given it permission) or from your browser's location function.
In Firefox, if you've already given a page permission to access your location, there is no "location manager" to help you see what you've authorized. You can only go per-page and then go to the obscure Tools->Page Info->Permissions tab and then change Share Location.
To globally disable location sharing in Firefox, open about:config and change geo.enabled to false.
See more info in Firefox Location-Aware Browsing FAQ.
In Chrome, it's buried in Preferences... Under the Hood->Privacy->Content Settings... (click the button then scroll down to the Location section).
However, even if you block the browser from sharing your location, it can still be extracted from the information invisibly embedded in your photos. This may be full EXIF-GPS (the exact location the photo was taken, embedded automatically by most cameraphones and by some cameras) or e.g. IPTC keywords giving the location as a text string e.g. "Ottawa, Ontario, Canada". (IPTC actually has many fields for location text strings, including creator contact address and image location broken down into city, province and country.)
It's not clear what Facebook is using and what it is storing. It is certain that in some cases it has enough data to create plots like this of where photos were taken:
(from What Facebook knows about you)
Facebook has also gotten a lot more aggressive about asking for explicit location information, both when uploading (every photo now has an attached location field) and retroactively for albums:
There's not a lot you can do easily to protect your location information. Some basics are disabling the location-aware features in your web browsers, and not completing the blank Location fields Facebook provides. You can also disable location features in your camera phone, e.g. on an iPhone go to Settings->Location Services and either turn Location off entirely (which means maps won't work) or go into the list of apps within Location Services and set Camera (and any other photo apps) to OFF.
Beyond that, you could strip all EXIF information, particularly GPS and IPTC keywords and location fields, but that is often difficult or impossible to do on a camera phone, and awkward to do in photo editing apps (which are more intent on preserving EXIF than destroying it).
Photo Privacy
It is important to realise that there is no "private" on the Internet. There is only "systems attempting to enforce privacy". Systems can be hacked or have holes, intentional or unintentional.
Facebook very much wants as much of your content as possible to be public.
One consequence of this is that every single photo in Facebook has a public URL (a public link) regardless of what limits you have set on it (e.g. "Friends only").
It is easy to find this link for an entirely album. Simply go to one of your albums (your wall photos are also an album). If you don't know how to find albums, go to http://www.facebook.com/media/albums/
Click a photo to go into a specific album. Scroll to the bottom if necessary. You should see "Share this album with anyone by sending them this public link". That's right. Regardless of your photo controls. With anyone. Public link.
It's a bit more complicated to see this with an individual photo, but you can find it: Right click on a single photo within an album, to pull up your browser menu. In e.g. Firefox then do "Open Link in New Tab". At the bottom of the new photo tab that opens, you will find "Share this photo with anyone by sending them this public link".
With "more than 250 million photos uploaded per day" (Facebook Statistics) and Facebook already hosting on the order of 150 BILLION photos (yes, billion, with a "b") that's a lot of surface area for photo privacy attacks.
Facebook doesn't even provide minimal location exclusion features, unlike Flickr, which lets you geofence important locations, so that even if by accident you upload EXIF-GPS data for e.g. your school or your home, Flickr won't display it.
Thanks to Neil Saunders (@neilfws) for getting me thinking about this.
Comments