Three years ago, when Brittany Thorogood was in her early 20s, she received a message from a friend urging her to check out the link they had attached. When she clicked on it, she was taken to a “cam girls” website. She scrolled down the page and was mortified when she saw photos of herself and her friends, along with personal information, posted on the site.
“They took a couple pictures from my Facebook albums,” said Thorogood. “I have no idea how they got there.”
The anonymous poster had intimate knowledge of Thorogood and her friends and created a distorted rumour about them. Their first name and last initial were posted along with their locations.
A few days later, things got worse for Thorogood. She began to receive obscene texts and calls from a number she was unable to trace. Someone had gotten her phone number through her Facebook and began harassing her.
“One said that he was being inappropriate while he was looking at my photo. Then he was asking me to meet up with him,” said Thorogood. “I thought it was a joke. I thought someone was just playing a joke on me until the phone calls started.”
Thorogood and her boyfriend tried tracing the calls, but it all amounted to nothing. Things finally came to a head when her boyfriend answered the phone and told the caller to stop or they would be contacting the police. After three weeks of harassment the ordeal ended and Thorogood stopped receiving the texts and phone calls.
***
David Shipley is the director of Strategic Initiatives at the University of Brunswick and part of their Cyber Security Team. He says these kind of situations can easily become out of control and that often police forces lack the resources to address these cyber issues.
“This kind of case certainly does expose some real gaps in Canadian law,” said Shipley. “It is a challenge and it’s one that is certainly not understood or addressed politically either.”
While all the posts on the third party site were anonymous and untraceable, Thorogood contacted Facebook in an attempt to have them removed.
“They just responded that I needed to make everything private. There was nothing that they could do about it,” said Thorogood.
Thorogood was never able to get the photos removed from the website, nor did she ever find out how or by who her photos and information were obtained.
***
Shipley said Facebook is a free service because terms and conditions allow them to sell private user information to advertisers.
“When a company has that kind of a focus, they’re not all that terribly concerned about privacy issues,” said Shipley. “It’s particularly tough for undergraduate students to seek recourse when this kind of stuff happens. They could address the company directly and request that their photos be taken down but really most of these things are dealt with through legal processes, which can be expensive and often difficult to access.”
The experience has taught Thorogood to be wary of what she posts on social media websites. She looks at recent privacy violations, such as revenge porn, to warn people nothing you put online is private.
“You have to make everything private,” said Thorogood. “Be careful with what you send to anyone, anywhere because they can take it and post it on Facebook or anywhere else online.”
Shipley agrees and said as a rule, when using electronic communications, we should consider whether or not we would want other friends, family or partners to see this information.
He points to Ashley Madison as an example of what can happen when any online platform is hacked.
“It is definitely a challenge because, of course, there are so many different positive benefits to social media,” said Shipley. “But when something is digital, it’s never guaranteed to be private.”
The embarrassment some people have suffered in the Ashley Madison case has even resulted in suicides, according to Shipley. He also says students need to be wary of using devices equipped with GPS when using applications with geolocation technologies. While some people purposely tag their locations, sometimes the information is used without their knowledge.
Girlsaround.me is an app that was designed to collect data using geolocation.
Shipley said they used publicly available information from Foursquare, Facebook or Twitter to locate potential ‘dates’ for users of the app without people even knowing their information was being used in that way.
“Knowledge is your best defence,” said Shipley. “Really getting informed about what you’re consenting to when you provide your information… there is, without a doubt, always an element of risk involved with sharing your information on social media.”
Geolocations are dangerous since they can lead to stalking or cyber stalking. The Marauders Map, said Shipley, was an app that worked with the Google Chrome browser. It used hidden information to show your location in every Facebook Chat message.
“Facebook has since been forced to fix that particular issue,” said Shipley. “But that just highlights that even when you think you’re being secure, you’re still trusting these companies to treat your information securely and that can be a bit of a gamble.”