How Facebook’s Security Settings Outed Two University Students
Jeromie Williams Eats The Internet For Breakfast
Two college students at the University of Texas are dealing with the fallout of a lapse in Facebook security settings, that inadvertently outed them to their friends and family on Facebook after they were added to a group for the university’s “Queer Chorus,” sending out a publication on their timeline’s for all the world to see.
Bobbi Duncan and Taylor McCormick, both students at the University of Texas were added to a group for the school’s Queer Chorus by the group’s president after joining which published the information to their timelines, circumventing their heightened security settings in an apparent loophole in Facebook’s security protocols.
The incident which took place last week, is a direct result of Facebook’s settings which allow administrators of Facebook groups to add people to a group without their permission, and publicizing that information on their profiles.
The Wall Street Journal reported last week that “The two students were casualties of a privacy loophole on Facebook—the fact that anyone can be added to a group by a friend without their approval. As a result, the two lost control over their secrets, even though both were sophisticated users who had attempted to use Facebook’s privacy settings to shield some of their activities from their parents,” the article said.
What transpired after the students were outed to their families has caused both students to suffer rifts in their families, and for Bobbi Duncan, the emotional toll has been particularly devastating.
The same night that Duncan was added to the group “Ms. Duncan’s father left vitriolic messages on her phone, demanding she renounce same-sex relationships, she says, and threatening to sever family ties,” the Wall Street Journal explained.
Facebook spokesman Andrew Noyes spoke publicly about the incident saying that “Our hearts go out to these young people. Their unfortunate experience reminds us that we must continue our work to empower and educate users about our robust privacy controls.”
In response to the incident Facebook has reportedly changed the wording in its Help Center to better clarify the usage of groups and how to ensure that as an Admin of group that member’s information about being pulled into a group will not go public, and has added a link to this new wording when groups are first created.
Should Facebook make it possible for people to be pulled into a group without their permission? Are Facebook’s security settings too relaxed in this type of situation? Who is to blame for this situation? Leave a comment below and let us know what you think.