How to protect your privacy without sacrificing your online existence and why our digital attitudes are about to shift dramatically.
Facebook app on a phone screen

Can you have social media accounts and be safe online?

Our species has undergone a significant shift in the way community is realised. Facebook has 2.2 billion users – about 90 times greater than the population of Australia. 25 per cent of humans use the site at least once a month. It’s quite likely that you’re reading this on a browser that’s also logged into your Facebook account – you may have even found a link to this page through Facebook.

With the recent revelation that Facebook’s third-party application settings once allowed for large-scale transfer of user’s (and friends-of-user’s) profile data, and one particular instance of that data being passed to now-infamous political marketing firm Cambridge Analytica, the core of our relationship with social media feels different and conflicted.

Since the revelation, a #DeleteFacebook movement was trending across a few social media sites, but the story isn’t quite as simple for the majority of users, who rely heavily on social networking.

At our Data61 unit, we focus on deep science and deep tech, alongside exploring the cultural, social and economic risks and benefits of technology. Part of our mission is furthering the interests of Australian community, and privacy is a major factor in much of the work we do. The quantities of information transferred between previously disconnected individuals and groups is expanding both in quantity and diversity.

Dali Kafaar, Group Leader of Data61’s Information Security and Privacy Group and Scientific Director of the Optus-Macquarie University Cyber Security Hub, has published a range of research on the complex relationship between the data we generate as users and the lifecycle of that data after it leaves our hands.

We spoke to Dali Kafaar about what the recent news means for your own social media use:

D61: A lot of us have been using Facebook for almost a decade now. Why is that trove of information we’ve loaded onto their servers something we should think about?

DK: People who use social media platforms submit ‘explicit’ data to platforms, for example, consciously liking the fan page for a particular band. En masse, and over time, these explicit data points can be used, through inference to create an implicit data set: eg, inferring that for everyone who ‘liked’ a band might also possess a particular personality trait.

D61: That’s surprising. Has this been studied?

DK: A paper we published in 2014, examining 997 Facebook and 377 ReRen (a chinese social networking site), found that 22 per cent of Facebook apps provide user’s information to one or more fourth-party tracking entities, such as advertisers, entertainment companies or analytics firms.

In 2012, we published a paper entitled ‘You are what you like: Information leakage through user’s interest”, where we guided a small group of volunteers, who made their Facebook information available to us, through what they were really saying when they ‘liked’ pages. Specifically, we used their music-related Facebook likes to infer surprisingly accurate private information.

D61: That’s pretty similar to the recent news – seemingly innocuous information can be converted to deeply private insights. Does this mean we should stop using Facebook?

DK: Our model could predict hidden information, which suggests these sites need to raise the bar of privacy protections. For now, social media is really great in many different ways, but people should be cautious in how they use it. You should keep, in the back of your mind, that a lot can be inferred from the small things you’re doing.

D61: Do you use Facebook?

DK: I do use Facebook, but I don’t use it that often. I visit Facebook once a week, but I also don’t provide too much information. I pay attention to things that might be perceived as seemingly harmless information – our ‘likes’ are a particularly powerful signal that can be used to draw private inferences about us.

D61: This isn’t just Facebook, is it? Don’t most sites track user behaviour as they move across sites?

DK: Yes, you could potentially install anti-tracking tools in your browser. This is something else we’re examining directly, and we’re working on a new tool that counteracts tracking across sites. We presented on blocking JavaScript tracking at least year’s Privacy Enhacing Technologies Symposium. We’ve done work on ‘Virtual Private Network’ apps too, which purport to protect your privacy but can come with risks of their own.

D61: What about after the data’s left our hands? How can companies, business and governments stop sensitive data sets getting in the wrong hands?

DK: We work on technology that can algorithmically remove identifiable individual information from data sets while at the same time preserving the ‘statistical shape’ of the original data. The underlying philosophy of this approach is ensuring that we don’t have to opt-out of important and increasingly unavoidable digital tools if we want to be confident about our privacy.

Though there’s plenty of work being done to increase awareness of the very novel risks presented by big new digital platforms, and to protect large troves of sensitive data collected by companies, there’s always real worth in being wary of what you’re signing up to when you sign up for useful and slightly addictive tools like Facebook – we’ve learnt, this month, that there’s a decent chance your data might come back to bite, if you don’t.

D61: So, should I delete Facebook?

Dali: This depends on how much you get out of using Facebook, and how strongly you want your information to remain truly private. The key issue here isn’t deleting or not deleting Facebook; it’s really that many of us are unaware of just how ‘leaky’ these networks are, and so we end up with a false sense of security. One way of correcting that is simply to provide less information to a social media site, and to make more thoughtful decisions about the information we do provide even when these are seemingly harmless.


  1. I realise it smacks of “echo chamber” psychology, but I consciously only “like” or even “share” environmentally or socially responsible useful and educational material in the vain hope it will increase it’s presence on FB not only to my “friends” but to my kids and everyone! Also when I opened my FB account 10 years ago I lied ridiculously about my age and address, and it’s still there. I’ve had minimal advertising to put up with over the years. No idea if I’m warping the algorithms!

  2. Grant David makes a point on Google. A particularly worrying aspect of big-brother occurred to me in searching patents to see if a particular idea of mine was old news. The first round of searching produces all sorts of unrelated nonsense, subsequent refinements pretty much define the idea you are testing… nice work for patent scalpers.

    I know it is an act of faith and maybe unjustified but I use StartPage for my default search engine. Actually it is not a search engine but a proxy facade for interrogating a number of other search engines including Google but the originating address cannot (?) be traced.

  3. Is it possible to ‘trick’ Facebook? Some years ago I changed my year of birth and that means I’m not longer targeted by the ads that were annoying me.

  4. What about Google? Data is collected via so many channels and there is seemingly a deliberate attempt to make it increasingly difficult to protect your own data. Android is particularly intrusive and I certainly useless unless you agree to share your life with Google. Facebook is nothing in comparison.

  5. What if we set out to do the reverse? Since know we are being watched so then deliberately like a lot of articles from real media outlets. In my case I would probably like a lot of articles about the environment, articles about the economy, renewable energy etc.
    Regarding renewable enery surveys show close to 80% of Australians think we should be reducing our reliance on fossil fuels – but you wouldn’t guess that from the Commonwealth Government policy. But what if close to 80% of Australian facebook users started to like articles about alternative energy? What if 80% of Australian Face Book users also liked War on Waste?
    I wonder if we were less nice and more political on Face Book if it might not make it harder for our political parties to ignore the electorates wishes on things like climate change. Being nice generally becomes in effect supporting the status quo, and, by being nice and unconfontational on Face Book we might genuinely send incorrect messages about what we really think and want.
    On the other hand Face Book presumably gets the most out of it’s information if we like things like bands, TV shows or movies etc. that it recognises. So what if we choose to like things that it might not be able to compute? For example songs and groups that aren’t on i-tunes (which is very easy if you like songs that are sung in languages other than English). So if we flood it with obscure things likes, deliberately choose not to like mainstream things that we do like, and perhaps put in a few false likes of things we know Face Book will recognise – maybe we might break it’s data collecting and personality matching.

Commenting on this post has been disabled.