Social Media’s Stealth Security “App” (TOS Violation Litigation)
Is the ‘Golden Age of Privacy” tanking as Generation Y Consumers worry less about exposing personal data on social platforms? Will heartburn meters at corporations spike, as workers embracing social media and BYOD cause a widening of risk parameters.
Consider the blurring lines between business and pleasure as online dating sites seek to enter the recruiting business, or how the CISO struggles to manage risk triggered by employees who forgot their iPhones, and use their Blackberries to deal with something of a personal nature that day.
Imagine the Risk Fest as the enterprise increasingly engages social networks, and business folk imbibe online cocktails with combinations of Facebook, Twitter, LinkedIn, YouTube, Amazon, and Match.com from their office PC, Tablet, or their smart phone.
Mass audience sites produce the greatest concentration of online security threats. While social media is not yet seen as handling “critical data”, business advertising on these networks is changing that as platforms seek ways to mitigate brand damaging security breaches (just ask Twitter and/or Burger King). In fact some research suggests that online advertisements are 182 times more likely to deliver malicious content than porn sites.
Twitter, like Facebook, is steadily introducing paid advertising options. Risks around disenfranchising business partners who are building up their advertising revenues are ramping, and the big boys of social media have a heightened sense of urgency to provide protection.
Enter TOS Violation Litigation; security startups & stalwarts alike are mobilizing to secure social media solutions, but users should take notice of another form of protection… changing legal strategies of companies that sue based solely on violation of a site’s TOS.
Last year Twitter sued those responsible for 5 of the most-used spamming tools on the site. “With this suit, we’re going straight to the source,” it said in a statement. “We hope the suit acts as a deterrent to other spammers, demonstrating the strength of our commitment to keep them off Twitter.”
Facebook also recently warned that they will aggressively enforce their TOS, threatening legal action against employers that force a user to violate the TOS by sharing a password.
We should be cognizant of how social media networks enforce their TOS in court. The current focus remains on malicious entities, and violation of TOS could be treated as vigorously as violation of state and federal law.
Okay – so how might this change the way that security vendors roadmap new products & services? While many security companies are starting to build social-media security tools directly into their antivirus packages and security suites, the state-of–the-art is far from elegant at this stage. Should security companies offer a service that profiles Twitter’s risk level, then rates their ability to win TOS litigation cases based on the number of users affected by a breach, and/or damage to the brand?
Similar to my thoughts around “unsung heroes” in an earlier post, I believe TOS violation litigation deserves consideration as Social Media’s Stealth Security “App”.