Privacy in Social Networks is bad

Hubertus Primus, Stiftung WarentestIn its biggest privacy research to date, Stiftung Warentest, the leading consumer product testing organisation in Germany, has attested bad marks to Facebook, Myspace & Co.  Eight of ten checked social networks showed “remarkable” or “big” failures with data security or the users’ privacy protection.  Especially the online communities located in the U.S. do not respect the European informational self decision rights, Hubertus Primus, responsible for institute publications, marked.  For example, the U.S. network LinkedIn sets a browser cookie valid for 68 years.  Furthermore, it does not inform about how long IP addresses are stored.  Primus makes clear: “That is nothing but telecommunications data retention.”

For the analysis being published in the April issue of the “test” magazine, the experts have chosen ten networks.  Among them were all German-speaking platforms with more than 100,000 daily users.  Schüler- and StudiVZ by Holtzbrinck were tested as well as Lokalisten, wer-kennt-wen and Jappy.  Further networks were the U.S. companies Facebook and MySpace and the business network Xing with its U.S. pendant LinkedIn.

Primus called the test results “very intermingled.”  Especially the data security status is “bad.”  For example, only six networks have agreed to a “hacking attack with prior agreement.”  All U.S. networks and Xing declined, resulting in a decreased test result rank due to “lacking transparency.”  Out of the cooperating sites, Jappy, wer-kennt-wen and Stayfriends got an “insufficient” note, while the VZ networks and Lokalisten got a “medium.”  Primus named a special data security hole: When signing in mobile, user name and password are transmitted unencrypted.  Providers must fix this problem as soon as possible, said Primus.