More than half of the world population (54%) spends an average of 2 hours and 21 minutes on social media daily. Users’ likes, opinions, geotags, photo uploads, and friend connections are considered personal data.

What social media companies do with that information is vitally important. However, users often give those platforms enormous control over their data when they sign user agreements.

While those agreements protect companies legally, their use of personal data does not always appear ethical. It also puts personal data at enormous risk of falling into the wrong hands.

Earlier this year, LinkedIn used 20 million users to run an experiment without their consent or knowledge. The company had a hunch that people land more jobs through distant acquaintances than close personal contacts.

To test the theory, LinkedIn altered the types of connections it showed to people, potentially impacting the job prospects of thousands of users.

On top of transparency and ethics concerns, there are data breaches to worry about. Twitter has been a prime target for cyber attackers over the years, and the year 2022 was no exception.

After exploiting a zero-day vulnerability on the site, hackers posted the private information of over 5 million account users on a dark web marketplace.

This raises fundamental questions about the security and privacy of our personal information online, compelling us to scrutinize how social media platforms handle our personal information and what we can do to shield it from misuse.

Data Privacy on Social Media Post-Cambridge Analytica Scandal

Some users still haven’t forgotten the information privacy scandal that hit Facebook (now Meta) five years ago. It brought data privacy concerns to the fore and put social media company data-sharing practices under intense public scrutiny.

The story broke in March 2018. The Guardian and The New York Times reported that digital firm Cambridge Analytica had gained access to over 50 million Facebook users’ personal data without their consent.

The company had acquired the data through a third-party app. It then used the data to generate detailed psychological profiles of American-based users.

Donald Trump’s 2016 presidential campaign leveraged those profiles to target advertising and sway votes. A US congressional hearing was called to investigate the use of personal data for political purposes.

Facebook CEO Mark Zuckerberg was questioned about the platform’s data-sharing practices and policies. While Facebook claimed no data was stolen and no breach had occurred, users had questions.

Given how far Facebook allowed personal information to travel, users were left wondering whether the company valued their privacy at all.

Why is Data Privacy Important on Social Media?

With so much power held by social media companies, and so much online activity concentrated there, they’re magnets for misuse and exploitation.

Fraudsters gather private information to use in financially motivated scams. Some also build profiles of individuals from publicly available photos, friend facts, and places visited and use them in identity theft schemes.

Many users need to recognize all the data types that social media platforms collect. Scammers can easily learn a lot about you besides the apparent profile information, like name, birthday, and email. All it takes is some scrolling.

Your clicks, likes, and shares provide information about your interests and hobbies. Your status updates give away valuable information about your workplace, life milestones, relationships, and personal beliefs.

Location and check-in data say everything about where you are. It can even tip off a burglar about when you’re on vacation. Posts published by your work colleagues, friends, and relatives construct a network of your social relationships and round out the “who’s who” of your data profile.

Social marketing and monitoring companies process this information algorithmically and use it in targeted advertising. Some users see value in personalized ads, while others find them creepy and a violation of privacy.

Either way, bad actors can also tap into that data for nefarious purposes.

Four Common Social Media Privacy Issues

Knowing how your data is used—with your consent and without—can help you safeguard your profile and make informed decisions about the information you share online. If you’re a social media user, here are four of the most common concerns to think about.

1. Account Takeovers and Identity Theft

Many accounts are protected by basic security questions like “Where did you go to college?” instead of strong passwords.

Some users use pet names, nicknames, and favorite sports teams. Clever fraudsters can glean that information from your social media posts, use it to guess passwords and gain access to your account. Once inside, they can pose as you to get more data and commit identity theft.

2. Social Media Phishing

If your social media account is public, anyone can contact you to start a conversation.

When scammers know what interests you, they can direct message (DM) you with enticing invitations to check out other sites. On LinkedIn, it might be a skills seminar. On TikTok, it might be a prize contest. Be wary, as these are often phishing campaigns with fraudulent links.

3. Complex Privacy Settings and Loopholes

While platforms like Meta give you control over your privacy, those settings can be complex and confusing. For example, you might share a post with a private friend group, but a member of that group might employ different settings, making the same post visible to a larger audience.

Social media companies also make frequent updates to their privacy policies and technologies. An update could apply to older posts you thought were out of bounds. Meta has settings to limit viewership of past posts, for example, but these updates can be challenging to keep track of.

4. Doxxing, Cyberbullying, and Harassment

The anonymity of the internet has made it a cruel and unforgiving place. People with opposing views from you or those motivated by hate can use personal information discovered on social media to bully and harass.

Doxxing is when cyberbullies publish private information about an individual, such as their email, home address, and phone number, to encourage more direct harassment.

How to Protect Your Social Media Data

If you’re a regular social media user, it’s critical to understand how your data is stored, used, and accessed by both the platforms themselves and third parties.

Here are some tips to help you protect your personal information on social media websites.

Read the Privacy Policies

A thorough understanding of a platform’s privacy policy is vital to safe, secure use of social media. Be aware that blindly accepting the terms and conditions may lead to data vulnerability.

Create Strong Passwords

Create a strong and unique password for every social media account you open. This means using a combination of both uppercase and lowercase letters, numbers, and special characters. For added protection, Terranova Security recommends enabling multifactor authentication (MFA) for all social media accounts.

Adjust Your Privacy Settings

Ensure that your information is viewed and shared in ways you’re comfortable with by adjusting the social media platform’s privacy settings.

Like the privacy policy, ensure you update those parameters regularly since platform or app updates can cause small but significant changes to your settings.

Be Mindful of What You Share

Before posting, sharing, or updating personal information on a social media platform, consider where that data will live on the site and who can see it. This precautionary step, which also applies to photos and videos, is key to the safe curation of your social media activity.

Get Consent from Others

Mindfulness on social media doesn’t just concern your data. Your posts often contain information about or photos of other people. Information you think is shareable might be considered sensitive by a colleague or friend for reasons you might not know or understand.

Before posting, make sure you get consent from the people involved.

Watch Out for Scams

Finally, keep your eyes open for scams in social media newsfeeds and personal messages. From phishing and spear phishing threats to malware sharing, inspect posts, messages, and links thoroughly before clicking, responding, or sharing.

Getting Smarter About Sensitive Data on Social Media

Data breaches and questionable privacy practices have dented consumer confidence in data privacy on social media. As Meta, Twitter, and other platforms pledge to do right by their mistakes, there’s hope that real change is on the horizon.

In the meantime, organizations need to recognize how much social media activity spills into the workplace and take action to protect employee and company data. An important place to begin is by educating employees about social engineering, one of social media’s most rampant threat vectors.

This whitepaper, How to Protect Your Data from Social Engineering, explains how cyber attackers play on people’s emotions and outlines steps to safeguard your data against these threats. Download it today and start building a cyber-aware culture across your organization.


How to Protect Your Data from Social Engineering

This white paper explains how cyber attackers play on people’s emotions and outlines steps to safeguard your data against these threats. Download it today and start building a cyber-aware culture across your organization.