QR-48 Professor Harry R. Lewis is concerned about online privacy.
QR-48 Professor Harry R. Lewis is concerned about online privacy.

How Much About You Is Out There?

There is a certain freshman girl at Harvard who looks very sweet in her profile photo on Facebook. She has
By Adam P Schneider

There is a certain freshman girl at Harvard who looks very sweet in her profile photo on Facebook. She has a nice smile, a cute necklace, and an adoring male companion kissing her on the cheek. On the surface, it would seem that she has nothing to worry about by joining Facebook.

Her favorite movie, however, is “Backdoor Sluts 9.”

Her parents probably won’t find out about her enjoyment of unclad cinema, but they might if her name had been included in this article. If Fifteen Minutes had chosen to publish her name, the article would be easily accessible to anyone with the ability to use a search engine.

Assuming she’s lucky enough to have technologically incompetent parents (for whom finding the power button is difficult) the fact remains that her choice in film would be documented indefinitely on the internet.

And she certainly isn’t alone. There is also a male sophomore who lists his interests as “Drinking, Fucking, Suckin, Snorting,” and a female alumna who does “little girls’ bottoms.” Whether sarcastic or serious, millions of students all over the country are choosing to post large portions of personal information on social networking websites such as Myspace, Friendster and Facebook.

The reality is that most students do not realize how public and permanent their data truly is.

“There is a cultural shift such that students aren’t even sensitive to their own privacy,” says Harvard College Professor Harry R. Lewis ’68. “Things that shock me don’t shock my children.”

And Lewis is right. Students post everything on these websites: their sexual proclivities, illicit photographs, and perhaps most worrisome, their contact information.

With the advent of blogging and continuously updated online news media, access to information is almost unparalleled. Even information that seems semi-private, such as profiles on Facebook—which are only accessible by certain portions of the public—can be taken out of context, re-posted, and let loose in the vastness of cyberspace.

“In general, students forget that information is largely visible depending on how you protect it,” says Erin Nettifee, Harvard’s supervisor of residential computing.

Why should we care?

“I think that the whole growing phenomenon of people being stalkers on the internet is a little scary and worrisome but I don’t think it’s a really pressing issue,” says Jessica E. Becker ’09.

But is Becker correct? In a study conducted by the National Center for Missing and Exploited Children, one out of every five children who regularly uses the internet has received a sexual approach or solicitation overthe internet in the past year, and one out of every 33 children has received an aggressive sexual solicitation in the past year. An aggressive solicitation is one in which the predator asks a child to meet somewhere or called them on the phone.

Despite widespread incidences of unwarranted advances that occur over the internet, whether by email, instant messaging, or websites like Facebook, students are largely apathetic.

R. Breffny Morgan ’08 is “comfortable with all of the information” that he gives on Facebook, despite listing his e-mail address, cell phone number, and campus address. “When does browsing the Facebook become Facebook stalking?” he asks. “But there are good measures in place to control what people can find out and can’t find out. It’s up to the individual to control how much privacy they want to retain.”

Sam M. Chamberlain ’09 shares the same mentality. “I think there’s good control. You’re allowed to be private,” he says. “I don’t really like how people block their [Facebook] profiles from people at their school.”

But professors like Lewis are hoping students will change their mind after taking his course, Quantitative Reasoning 48: “Bits,” which covers the evolving role that information technology plays in privacy issues.

“People should be worried about the Facebook,” says Lewis. “We’re very rapidly moving into a society where the information you can’t control is becoming extremely dangerous.”

Last month, The Crimson reported that four undergraduate students faced drug charges for marijuana possession. The Crimson released their names in the story on thecrimson.com, and anyone who types their names into Google will likely be able to find evidence of their alleged criminal activity. This trend is increasingly disturbing. Personal information is posted about individuals at an alarming rate on blogs, online news media, and personal websites. The information is remarkably easy to access with a refined Google search.

The veracity of the internet’s wealth of information, however, is often questionable. Ethical standards blur as the internet continues to grow as an almost unending source of raw information. Sensationalized and instantaneous gossip, available on blogs like Gawker and Jossip, highlight such trends in internet information.

Facebook claims to be the industry leader in terms of the protection of privacy. “It’s really important to contextualize facebook,” says Chris R. Hughes ’06, a spokesperson for Facebook. “Myspace is much larger, much more well-know, and much less commendable.” Facebook is one of the only sites which allows students to restrict access to their profile information through a variety of factors.

Despite the fact that it is easy to provide misleading information about yourself on Facebook, “It’s more difficult to misrepresent oneself as compared to Myspace,” Hughes says. “There’s no curtain to hide behind because your profile is always linked to your .edu email address.”

Even then, students should be aware that their information is never truly private. “The whole point of Facebook is for other people to see it,” says Hughes. And with 12.4 million unique users as of December, there are certainly enough eyes out there.


In February 1995, The Crimson determined that it was possible to identify Harvard network users who were downloading pornography and to read the names of the files that they transferred. A computer service log file was accidentally made public through the Harvard network. The Crimson, accessing this file, found the names of 21 undergraduates and seven graduate students who had used the Harvard network to download pornography. In response to the investigation, Harvard tightened its network security and fixed the loophole in the system. Just last spring, however, The Crimson reported its discovery of a loophole that provided access to confidential drug histories of many Harvard students and employees. The information had been available for months to anyone with access to the internet.

Harvard responded quickly, securing the loophole and bringing in auditors to assess the security of the network. “They made a lot of really good changes,” says Nettifee of the fallout.

The point, however, remains the same. Information transmitted over the internet is inherently vulnerable, whether one is a sophisticated hacker or simply a layman with access to a web browser. Even with a sophisticated security systems and round-the-clock experts at its disposal, Harvard is unable to protect student information all the time. “The biggest problem is people not thinking about things,” says Scott Bradner, the University’s technology security adviser. Bradner says that careless use of passwords and generally “being sloppy” are the greatest vulnerabilities students face when using the internet.


A more disturbing trend, however, is not the dissemination of private data, but students’ willingness to surrender such data about themselves over the internet. Gawker, a blog that bills itself as a source of Manhattan media news and gossip, published the Facebook photo of Luke Russert, a student at Boston College, back in October, 2005.

The photo showed Luke, son of “Meet the Press” host Tim Russert, with a bevy of bikini-clad girls. Following Gawker’s publication of the photo, his profile picture quickly changed. He now boasts a more modest picture of himself with a friend.

Samuel Alito’s son, Philip, was ahead of the online media, however, when he chose to remove his Facebook profile following his father’s nomination to the Supreme Court. The use of social networking websites in online media is hardly restricted to the sons and daughters of celebrities. The Crimson, as well as other college newspapers such as the Daily Princetonian, the Daily Bruin, and many others regularly use Facebook to contact individuals and do research for their stories. The trend can also be seen in major newspapers like The New York Times and Wall Street Journal, where stories about social networking websites and their capacity for journalistic research have recently been published.

Blogs and newspapers beware. According to Hughes, Facebook is very strict on its policy of the reproduction of information. “We aren’t opposed to pursuing legal action in the future,” he says.


Few people take the time to read privacy disclaimers on the internet. Allison E. Baum ’09 said she usually just “checks the box,” but with regards to Facebook, she did take time to read the notice. To her, the privacy disclaimer “seemed pretty typical” and for the most part, it is.

Indeed, Facebook’s privacy policy states, “No personal information that you submit to Facebook will be available to any user of the Web Site who does not belong to at least one of the groups specified by you in your privacy settings.” Furthermore, Hughes says that Facebook does not sell private student information.

Sounds good, but like your friends at the Law School say, read the fine print. The policy later states, “We reserve the right to change our privacy policy at any time.”

“If you grow up surrounded by the expectation that everything can be recorded and observed, it doesn’t bother you,” says Katherine Albrecht, author of “Spy Chips” and an Ed.D. candidate at the Graduate School of Education. “That’s so disturbing to me.”


On Nov. 30, Harvard’s Office of Career Services (OCS) alerted students in an e-mail to the potential dangers of posting information on social networking websites. OCS warned that they had reason to believe that potential employers were logging onto such websites to gain additional information about job applicants.

“As much as anything, it was prompted by conversations we were having with employers and graduate schools,” says William Wright-Swadel, the Director of OCS. “We found out that one of the tools they were using to evaluate candidates was information students were posting on the internet on websites such as Facebook.”

Hughes disagrees with Wright-Swadel about the prevalence of employers using Facebook for this purpose. “First of all, they have to go to your school. They have to have an alumni e-mail address, which many schools don’t give out,” he says. “They have to know about Facebook. And finally, the student has to have their profile accessible to alumni.”

Many students appreciated the warning, valid or not, if they didn’t know about it already. “It reinforced impressions they were beginning to figure out themselves,” says Wright-Swadel. He argues that it is not apathy that is responsible for the problem, but instead a lack of awareness. “The fact is that tools like Facebook are designed, and people have an expectation for how the tools are going to be used,” he says. “Unfortunately, when you project that kind of information in a public domain, everyone gets a chance to read it and interpret it.”


Nick A. Noyer ’09 isn’t worried about using his FAS email. “I think when you’re corresponding via e-mail, it’s similar to a phone conversation or anything like that unless you’re viewed as a threat,” he says.

Lewis disagrees. “The dominant phenomenon is that people use e-mail as a telephone,” he says. But, as Lewis explains, e-mail can never really be deleted. “E-mail is not encrypted,” says Nettifee. “You need to be careful what you say. You don’t know if someone is going to forward it.”

While one hopes that the Harvard administration doesn’t systematically read students’ e-mail, “systems administrators may gain access to users’ data or programs when it is necessary to maintain or prevent damage to systems or to ensure compliance with other University rules,” according to the Student Handbook.

Many students are also unaware of how easy it is to forge e-mail. “Students don’t understand the technical detail behind email,” says Nettifee. With a few keystrokes, one can easily change his or her e-mail address to read as lawrence_summers@harvard.edu. And while it is possible to confirm the real identity of a fraudulent sender, few of us have the technical resources or the time to verify if each of the e-mails in our inbox is really from the sender that it appears to be. The ability to forge an e-mail identity, along with the capacity to include invisible recipients on e-mails (like bcc:), allows almost anyone to create deceptive e-mails.


So far there is “no official stance” on the use of Facebook as an investigative tool by the Harvard administration according to John L. Ellison, assistant dean of Harvard College and secretary of the Administrative Board. “Nor is there any indication that we will use it in the future,” he says.

“We didn’t intend it to be used for faculty to catch 18 year olds with Coronas in their hands,” says Hughes.

Other colleges around the country, however, are not turning a blind eye to the power of Facebook to crack down on underage drinking and other illegal activity.

Four students at Northern Kentucky University were “fined, put on one year probation, and were forced to attend a class about the dangers of binge drinking” after they were found to have broken rules against drinking in their dorm rooms, according to The Northerner student newspaper. The students at Northern Kentucky join countless other students around the country who are being held accountable for information posted on Facebook.

Just last month, according to the Benton County Daily Record, John Brown University, a private Christian school in Arkansas, expelled Michael Guinn for being in violation of the school’s campus lifestyle guidelines. Guinn had posted numerous pieces of information on Facebook and his Xanga blog that indicated he was gay.

The most frightening case to date, however, involves Saul Martinez, a sophomore at the University of Oklahoma, who was questioned, according to the Oklahoma Daily, by special agent Dana West of the Department of Homeland Security Secret Service regarding a comment about killing the president that he posted on a “Bush Sucks” Facebook group. The Crimson contacted the Oklahoma Secret Service Division, which confirmed that they had investigated the threat. “There was an alleged threat against the president of the United States, and we investigate all threats,” says Jeff Shelton, assistant special agent.

When contacted by The Crimson, Martinez said that the context of the comment was completely misunderstood. “It really was a joke,” says Martinez.

According to Martinez, when the Secret Service agent came to his dorm room on March 1, 2005, it was nearly four months after he had posted the following: “We should all donate a dollar and we could raise millions of dollars to hire an assassin to kill the President and replace him with a monkey.” Martinez further alleges that the agent asked him about his medical records, his family background, and his propensity to assassinate the leader of the free world.

“Honestly, I think it’s hilarious and blown completely out of proportion,” says Martinez. “If I was serious, I would feel much more strongly. Instead it was a waste of time.”

While Harvard may not currently use Facebook as an investigative tool, there is nothing stopping it from doing so. “I’m sure if there were a compelling incident, the administration would have to follow up on it,” says Lewis.


As internet consumers, we have the option to surrender ourselves to the pleasures and dangers of technology, or to protect our privacy with a more vigilant attitude toward cyberspace. Social networking websites like Facebook do have some positive aspects, and are often credited with facilitating new relationships and preserving old ones. Yet involvement in such networks places its beneficiaries in a tenuous position, in which our rights can change at the click of a mouse.

Alexander J. Dubbs and Michael C. Koenigs contributed to the reporting of this story.