Concerns around the Facebook data we voluntarily provide in return for the free use of the platform have been high in the wake of the Cambridge Analytica scandal.
What this debacle has proven above anything else is that our personal data can be and is used to manipulate our opinions, our beliefs and our behaviour. Personally, I think it’s the tip of the iceberg.
And yet most people just don’t care enough to want to do anything about it. We accept that if we want to use Facebook for free we have to give away our data so that advertisers will pay Facebook to try and sell us stuff.
And from an advertisers perspective, the fact that they can micro-target us by our lifestyle interests, how old our kids are, what our income is, what postcode we live in, what our beliefs are and an enormous number of very scary and very accurate variables is hugely valuable. It generates results and it cuts costs.
These were the points I was keen to get across when I was invited to debate how the Cambridge Analytica mess might impact Facebook on BBC television’s Victoria Derbyshire programme on Friday. You can watch that below.
But given that the vast majority of us aren’t worried enough about our personal Facebook data to want to quit the network, what can we do to minimise the risk? Facebook’s privacy settings are notoriously impenetrable and many people leave them on default as a result. And that’s not good given that, in a nutshell, that means anyone can see anything.
Follow the process below and you can lock down your Facebook data (at least to a reasonable level) without impacting the way you use the network. It’ll only take you about 20 minutes, which has got to be worth it for the sake of your personal details, right?
Step One: Review What Data Facebook Holds on You
Facebook gives you the option to download all of your data at any time. And even if you do nothing else here, please do this. You’ll be stunned by what you find. Every photo you’ve ever uploaded, every page you’ve liked, every ad you’ve interacted with, the date and time of every login…it’s all here.
Follow the instructions here. You’ll receive an email inside of an hour with a zip file that you can review at your leisure. Have a stiff drink handy.
Step Two: Check Your Login Security
Before we get into the details of privacy settings and third party access and ad settings, let’s do some basic housekeeping. I’m going to assume that you have a strong password or we really are in trouble! I use and recommend LastPass to generate and store passwords made up of 12 random characters. Even I don’t know what my Facebook password is, but I don’t need to as LastPass manages it for me.
That aside, first of all and on the desktop version of Facebook, click the down arrow in the top right corner and then click on Settings.
From there, click on Security and Login. There are two things to do here. The first is to set up two factor authentication on the account to prevent someone else logging into your account from a new device.
The second is to clear access from all devices you’ve previously logged in from. Under Where You’re Logged In you’ll see a list of all the devices that could potentially be used to access your account. I was amazed when I looked at this; at least a dozen mobiles and computers when I currently use just three devices. Use the Log Out of All Sessions option to force log out of all of them. Combined with a strong password and two factor authentication you just seriously minimised the chances of being hacked.
Step Three: Tighten Up Third Party Access
This is really important. The Cambridge Analytica issue stemmed from 270,000 people who took part in a personality quiz on Facebook, which opened up a social graph of over 50 million users.
Every time you login to a website or an app with the Facebook option because you can’t be bothered to think of a password (see LastPass above), you are giving that website or app access to your Facebook data. Every time you take a quiz through Facebook and link your account to do so, you’re doing the same. The vast majority are benign, but if even one passes your Facebook data on you could be targeted for unscrupulous and unethical reasons and find yourself voting for Trump or to leave the EU. Imagine THAT!
So you’re going to spend a few minutes on this one.
Head to Settings > Apps. You’ll see a list of all of the third parties that have access to your Facebook data. Depending on your habits it could be a very long list. But you need to look at each app individually and with a critical eye.
Remove any apps that you no longer use. That quiz you did about pets back in 2015 that can still access your personal data? Remove access. The website that you could log into using a password? Remove access and go and create a proper account with a secure password instead. Be fierce.
With the apps that are left, you can change what information each can see and use on an individual basis using the pen/edit settings icon. Do they really need to know a specific detail to operate? If not, remove access to that piece of data.
This is where you can make a real difference to the security of your Facebook data and to who can see what. It’s worth spending time on and revisiting occasionally. Stick a reminder in your calendar once a month to review it. It’ll take no time whatsoever if you keep on top of it.
Step Four: Adjust Your Privacy Settings
In Settings > Privacy there are several things to check and adjust. First, set the default for who can see your future posts to Friends. If you want to post more widely, you can adjust each post individually when you publish. Second, also limit your past posts to Friends. This is a one click method of tightening up your entire account.
Next, limit who can see your friends list. Why does anyone need to know who you’re connected to? And call me paranoid, but if someone can get to your friends they’re a step closer to getting to you! Now remove the option for people to find you using your email address and phone number. No one uses that, so lock it down.
Finally in this section, unless there’s a good reason otherwise (like you want people to be able to Google you for some reason), stop search engines from linking to your profile. Giving Google access to your Facebook profile (even if not the data inside it) is just about the biggest online privacy double whammy there is!
Step Five: Review Who Can Interact With You
Next, hop to Settings > Timeline & Tagging and make sure that you limit who can post to your timeline and who can tag you. This one is down to personal preference (you may not want anyone to be able to tag you) but at least limit these to Friends.
Step Six: Review What Ads You See
Advertising is part of the Facebook experience. And I say that not as someone who uses ads, but as someone who accepts that there is a pay off between Facebook being free and being exposed to advertising.
Given that, why not make the effort to understand what sort of ads you might be presented with? Head to Settings > Ads and review what you see there.
If there are advertisers who might have your Facebook data, whose websites you may have visited or whose ads you’ve clicked but whom you’re no longer interested in, get rid of them. Do the same with interests.
Then check how Facebook categorises and groups you and remove or correct anything that’s not accurate (most if not all will be, which is the scary thing!).
A word of caution: don’t be too harsh. Advertising is inevitable, so what you’re trying to do here is to help Facebook to help you by showing you stuff that is relevant to you. Delete everything and you’ll start being served with ridiculous ads that will just annoy you.
So there you go. Six steps and 20 minutes of your time for a relatively secure Facebook profile. I say ‘relatively’ because the only way to be truly safe is to delete your account. But we both know you’re not going to do that, so please invest a little of your time to lock things down and tell your friends to read this and do the same. Look after yourself and each other.