Evan Schuman: Hijacked by social media
- 21 January, 2014 15:02
A bizarre case of social networking coming up against local police has arisen in Massachusetts, where a 32-year-old Beverly man was jailed because Google+ sent an email using his name without his knowledge. Turns out Google+ sent it to the man's former fiancee, who had a restraining order against him, prohibiting all contact.
Now that must have been an interesting conversation with police. "No, Officer, honest. I didn't send it. The social networking site I use sent it, all on its own. Funny, huh? [Pause] No, the handcuffs aren't too tight." A Massachusetts judge is now trying to clean the case up.
Although that example is certainly extreme, Google+ is far from the only company that wants to send messages on behalf of customers without their knowledge. When Starbucks announced a program with Twitter late last year, it required customers to link their Twitter and Starbucks accounts. Why? "By linking your accounts, you authorize Starbucks to access your Twitter account and post on Twitter on your behalf. If your Twitter account settings are set to 'protected,' you will need to go to Twitter and change this setting in order to send an eGift using the Program."
Both Facebook and LinkedIn also seem to send out missives in their users' names and without their knowledge. Facebook users have been complaining about friend requests going to people they never invited, and LinkedIn participants have at times learned that invites had gone out under their name without their knowledge.
The social sites usually say that such automatic behavior was accepted by their users, who didn't object when notified. But the notifications are in teeny-tiny print that goes unnoticed in routine email alerts ostensibly about something inoffensive, if not downright boring. You know the kind of thing I'm talking about: "We are thrilled to tell you today -- in this 19,000-word email -- about why we chose this shade of blue for our homepage. Let's go through a detailed analysis of every other shade that we considered." With a start like that, not many people are going to get to the part 20 pages in where the company casually slips in something actually worth knowing, such as, "In the unlikely event you ever say the word 'like' between noon and 11 p.m. EST, you have signed over all of your worldly possessions to us." Or that the company will be contacting the users' friends, families and business associates to do a little marketing in the users' names.
Those automatic messages can be a problem even for people who don't have restraining orders issued against them. They can be a problem even for large businesses. The prospect of a self-driving social engine is a nightmare waiting to happen.
It isn't that hard to imagine. Say that you're an executive entering into highly sensitive negotiations with Apple. The Apple executives that you're dealing with are now in your email contacts list. Eagle-eyed Google spots them and sends them an invitation in your name to join you on Google+. The Apple executives are less than thrilled to see you mentioning Google, much less endorsing it. At your next meeting, things are awkward, and you're not sure why.
How about this possibility? You've applied for an IT job at Dunkin' Donuts headquarters. Because you entered into an obscure agreement during a Starbucks promotion, that company is able to send out a tweet in your name extolling its coffee. Now, why haven't you heard back from Dunkin' Donuts? you wonder. The interview seemed to go great.
Or let's say that the social site's automated email software has a glitch -- it could happen, right? Because of the glitch, not one message goes out to everyone on your list, but 1,000. You're suddenly shunned as a spammer.
This is the thing: If you allow an automated script to do anything under your name, you're asking for it.
Many executives are leary of letting 21-year-old interns interact with clients via email. So why in the world should they trust a software program controlled by the marketers at a large social networking site to do it? They shouldn't, of course, and neither should you. Do what you must to make sure that every message with your name on it is actually from you.
Evan Schuman has covered IT issues for a lot longer than he'll ever admit. The founding editor of retail technology site StorefrontBacktalk, he's been a columnist for CBSNews.com, RetailWeek and eWeek. Evan can be reached at firstname.lastname@example.org and he can be followed at twitter.com/eschuman. Look for his column every Tuesday.
Read more about social business in Computerworld's Social Business Topic Center.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- Cost of a Privacy Act breach could extend to ongoing audits: legal expert
- How Hunter Water is saving $50k a year in software licences
- NSW government invites registrations for ServiceFirst contract
- Audit agency does BYOD with BlackBerry
- Telstra breached privacy of over 15k customers: Privacy Commissioner
Cost of a Privacy Act breach could extend to ongoing audits: legal expert
If you haven't retired Windows XP and haven't been fired yet, get busy
Turnbull asks how the NBN got that way
Turnbull asks how the NBN got that way
Vodafone launches smartphone app for encrypted calls