Privacy and social media investigation: how I tracked down an entire family from one tweet

Last Saturday I presented to students taking part in the brilliant Young Journalist Academy.

The topic was “New Media” (not my title) and the primary aim was to get them up and running with their own blog and learn to publish online.

However, I also knew it would be the perfect opportunity to gauge just how aware a group of bright, 16 and 17-year-olds were on the issues of web privacy and of just how easy it is to track down information about people online.

The case study I included shocked them, especially when it came to Facebook privacy.

I won’t be publishing it online in order to protect the identity of the individuals involved. However, I have been asked to explain the process I went through to obtain the information that I did. This is the purpose of this post.

It frightens me how simple it was to get all that I did.

Step 1
I chose a few keywords “gunfire, shot, attack, missile” and ran them through Twitter search. Most of what I get back is utter rubbish. However, a few genuine tweets shine out. One in particular is particularly interesting: it references the first name of a person and says they were coming under attack. It also uses some army jargon that seems genuine.

Step 2
I check the Twitter profile of the tweet. It provides me with what looked like the real name of the person tweeting, a profile picture, the town they live in and a profile description which connects them to the US military.

Step 3
I use Google to search for their full name and the town in which they live. This brings up two results on White Pages. One of these is associated with a person who had the same first name as the person mentioned in the original tweet. It looks like I may now have their home address and phone number (I haven’t called to check though).

Step 4
I use Google again to search for the full name of the person mentioned in the tweet and find a Linkedin profile that matches the name and location. It also provides a military job title that makes perfect sense in the context of the tweet.

Step 5
I conduct a number of Google searches that include the name of the person mentioned in the tweet, their location and their job title in an attempt to find out more information about where they might be.

This is not so easy, but thanks to a local military historian and an interview with someone else on a military history website I can make a very good guess at the regiment they serve in and where they are currently stationed. I imagine if I hadn’t come to this topic cold, I could find more ways to search or, indeed, could make a few useful phonecalls at this point…

Step 6
Google again. This time I search for both the name of the person in the tweet and the name of the tweeter. This brings up a profile on the website of a small business.

The “About Us” section has an entry about the tweeter. They are a member of staff. There is a profile picture (the same one used on Twitter), job title and some friendly information about them confirming: that they are married to the person mentioned in the tweet, how long they have been married, the names of their children, their email address and the organisations that they volunteer with in their spare time.

Step 7
I Google (again) the name of an organisation I now know the group the couple volunteer for. It has a public Facebook page. One scan for the tweeter’s first name on that page uncovers comments left by a Facebook profile that the couple share.

Step 8
Clicking onto the couple’s Facebook profile reveals that they must have Facebook’s recommended privacy settings. This means that all their past profile pictures are publicly visible. So, I now have a lovely family photo to go with the names of the couple and their children.

Step 9
The couple have also been fantastically diligent with linking up with family members on Facebook. This means I now also get to see a list of profiles for the extended family. I learn the maiden name of the wife. It also turns out her mother has no privacy settings on her profile at all – her wall and all her photos are available to browse.

However, I don’t browse them.

I’ve gone from one tweet to knowing an entire family’s names, location, address, contact details, what they look like, how they are connected to the military and, potentially, where a part of the US army is coming under fire.

I stop there because I am already completely freaked out by just how far I’ve already got from a few Google searches.

It’s easy to say it’s incumbent on the individual to protect their own privacy, but it’s hard to see how we can always stop this type of jigsaw identification of people online. Sometimes people are mentioned online without them even knowing. Certainly having stricter default Facebook privacy settings would help, but it’s not the only answer.

The PCC has started to issue guidelines to journalists about how they use information from social media profiles in their stories and anything obtained online is still subject to the “public interest” test. However, the “reasonable expectation of privacy” guidance doesn’t feel that well tested yet – especially when you can easily build up a picture of someone from fragments from numerous public websites. I’d be interested to get some more information about the law in this area.

Even if it had, I am sure there are those who would still be interested in using this type of technique for their own purposes and would not feel bound by any ethical code…

Microsharing – a future we’re ignoring?*

Today, in an attempt to get people talking about something I’ve been mulling over for a while, I had thought I accidentally invented an awful new word: Microsharing

Luckily,  I hadn’t.

Some chap called Tony Obregon (I’m guessing this  Tony Obregon) did the hard work slapping it up on Wikipedia back in 2006.

However, I’m slightly miffed we haven’t got around to talking about it from the perspective of making money from content until 2011. Hopefully, this post gets the ball rolling.

So to microshare is:

…to offer access to a select piece or set of digital content by a specific group of invited or otherwise privileged guests in a controlled and secure manner.

So, why does it interest me?

Well, in what was a glorious example of perfect linkbait keyword combos, a VC chap named Bradford Cross recently put across his view on how the iPad would destroy print journalism.

Most of what he was saying has been said a million times before, but when Bradford starts thinking about how payment models might integrate with the social web it suddenly gets interesting:

What should I be able to do with that Economist article?  Should I be able to share it à la carte so I can discuss it with the people I want?  Should I be able to share it within my network, or within the intersection of my network and the network of paying Economist subscribers?

Should I be able to share it publicly?  Maybe I could share it with a special shortened link that encapsulates a special key – that key could charge me if I share it with my friends and I want them to read it, or it could charge the clicker of the link if the Economist decides to allow à la carte payment on some new kind of media platform.

This is the first time I’ve seen anyone think beyond the “if it’s not free it can not be shared on the social web” line… and I’ve been looking out for someone to do it for quite a while!

In real life humans are perfectly capable, and generous enough, to purchase something of value to them and then to loan or give it to someone they care about, trust, or share an interest with. It’s a nice thing to do. We feel good about it, especially when we loan something to someone who finds it really valuable too.

However, with the social web this doesn’t happen. Shared stuff is either free and shared with everyone or it’s paid for and can be shared with no one (unless they too feel compelled to pay for it).

Why the difference, if paying for stuff doesn’t stop us sharing it in real life? Perhaps the social web hasn’t yet evolved to a point where we can share like this as easily as we do in real life?

I think it might be rather nice to have something in the middle: a “licensed sharing of paid-for content“. I think it might even create another strata of the online gift economy.

The trick, however, is to find a way to do it that moves beyond voucher codes and limited previews and puts the power to share in the hands of the person who has paid.

I like the idea of integrating with an existing network then defining the people you want to send the content too (much like you would send an link out to a group in an email). I’m told, however, this is may be too laborious.

So I’m wondering what you think? Do we need it? If so, what form do you think it could take?

*Or, following the Bradford Cross school of post titling: “Why microsharing will destroy the future… OF EVERYTHING”

**And Kindle have on this very day announced book lending – microsharing in action! 🙂

QIT #5: The two most valuable assets for sustainable online journalism?

This really is not thought out as well as I’d like, but it seems important so here goes:

In search of the sustainable business model for online journalism it seems to me that there are two areas that are key:

1. Well-organised data

News is information, information is data. The better the structures you have in place to organise and classify that data, the more likely you will be able to sell what you have as a unique service. You also have a better ability to repurpose, reinvent and diversify what you do for the changing needs of clients/customers.

2. A loyal network

In journalism you are nothing if you don’t have a community backing you. Newspapers need readers, sites need users. Online is no different, you may have the scale, but you also need some form of loyalty and personal buy in to what you do. These are the people who are of interest to sponsors/advertisers and they also might save you if times get tough.

How to approach social media like a grown up

I have just come across this presentation made by Sacha Chua for IBM called “Gen Y Guide to Web 2.0 at Work”:

It was linked to from a Read Write Web article called “Why Gen Y is Going to Change the World” which is also worth looking at.

There are many people that feel uncomfortable operating in the public sphere of the web, yet it can reap such fantastic benefits.

Web 2.0 … The Machine is Us/ing Us

I remember being shown this video by Pete Ashton, about the same time as I first dipped my toe into the blogging pool. I watched it again today in amazement at how much more I understood about social media and how much I still had to learn.

If you haven’t seen it (and I know it has done the rounds on the web for over a year) it is an introduction to the social Internet by Michael Wesch, assistant professor of cultural anthropology at Kansas State University.

I’ve realised I need to keep re-visiting it as I make my mistakes and learn my own lessons about the web. So, I thought I’d post it here:

[youtube=http://www.youtube.com/watch?v=NLlGopyXT_g]