Tony Karrer's eLearning Blog on e-Learning Trends eLearning 2.0 Personal Learning Informal Learning eLearning Design Authoring Tools Rapid e-Learning Tools Blended e-Learning e-Learning Tools Learning Management Systems (LMS) e-Learning ROI and Metrics

Sunday, September 16, 2007

Risk of Identity Theft Due to Social Networking and Blogging

First question -
Identity theft and electronic stalking are scary issues. The more one you participate in blogs, discussions groups and other social networking tools, the more information there is about you in the world for anyone to access. Does this concern you? If yes, what guidelines do you follow to minimize the risk? If no, why not?
I am definitely concerned about identity theft, and less so about electronic stalking. Of course, the situation with Kathy Sierra was an eye opener.

The basic guidelines I have is not to put anything in my blog, on a social network, even when I register on a site (even when that site is supposed to keep the information private) that I wouldn't want to be public. If you assume that everything you are doing, including what you write in email and IM, is fully public, you tend to protect yourself. In my mind, the risk is pretty high already with simply the personal search tools that exist on the web. Going to intelius hints at information that's readily available.

If I look at what I put in my blog and on social networks, I don't believe that this creates real additional risk because of the type of content I provide. Unfortunately, there will continue to be some extreme cases, but the actual risk - if you use precautions, is not significantly higher.

I'm curious if anyone does believe that blogging, social networking, etc. poses much of a risk?

4 comments:

Anonymous said...

I love how you are engaging in this discussion with Kristen. It is good to see a well known blogger takes the time, which as a result I have been introduced to a group who are blogging on topics that interest me.

Personally I try not to think about electronic theft and stalking. What does concern me is the knowledge that as you get more of a public profile there are individuals that start to think you are fair game and open for attack.

But the same holds true whether it be f2f or online. The key is how you respond to attacks. There will always be trolls and flame warriors, and generally they do run out of steam if you just ignore, just as you would any bully.

Sue

Guy Boulet said...

The key to prevent identity theft is to keep sensitive information off the net.

Personally, I do not disclose information such as social security number, home phone number, street address, or even personal email address on any web site, unless they are secured trusted sites with which I regularly do business such as my bank or stock broker.

Even on my blog or blogger profile I never disclose such information. On my website, people can contact me using a form, so no email address appears on the site to be sucked by a robot. I use a hotmail address for everything public so I can change it quickly when to many unsollicited mail comes in.

This is simply common sense. I would not display that information on telephone poles, so why would I on the net?

Anonymous said...

Hi Tony,

You said, "If I look at what I put in my blog and on social networks, I don't believe that this creates real additional risk because of the type of content I provide." Same here. Nearly 95% of the content I contribute is related to my profession, not my personal life.

I try not to worry about identity theft. Unfortunately, if somebody wants to do harm, they probably can. There are just too many ways information can be obtained (legally and illegally). The good news is that banks, credit card companies, and other financial institutions now do a better job of monitoring accounts and dealing with problems when they occur. As an example, earlier this year, my main credit card was compromised days before I was to leave for the eLearning Guild's conference in Boston. Several charges started appearing from overseas. My credit card company notified me, took care of everything, and I was able to enjoy my trip to Boston without worry. Yes, it can be inconvenient, but I don't believe it's as life-shattering as it used to be. (Then again, my case was pretty simple. I'm sure there are still some cases that aren't as easy to deal with.)

Anonymous said...

Most identity theft occurs offline, not online (63% vs. 12% in one 2005 survey). It's much easier for someone to take bills out of a mailbox than to hack into an online database. Check out CNet's article Separating myth from reality in ID theft.

It sounds like some of what we're talking about here is privacy rather than identity theft though. These don't seem like the same issue to me. As far as privacy, I think your idea of assuming that everything you write could be made public is the right way to go. Anyone who really wants to find out about you can. However, you might as well make it easy to find out the professional things you want them to know (by blogging, using LinkedIn, or whatever) and use common sense in limiting what you post for personal information.