Sophos Urges Facebook to Take Privacy More Seriously

Facebook—it's a site users love to hate. Who hasn't seen status updates by their Facebook friends ragging on the very site they use to spread their hate mail.

U.K.-based security company Sophos on Monday took a step back and published an open letter to Facebook on its blog, Naked Security. Written by blogger and security analyst Graham Cluley, the letter outlines three fundamental steps that the company needs to take to better protect its users. It is signed "Naked Security" and thus is presumed to reflect the beliefs of the entire Sophos blogging team.

In the letter, Naked Security wags his finger at Facebook's opt-in privacy schemes, lack of vetted app developers (where many phishing scams originate), and a secure connection (HTTPS) standard that's turned off by default.

The letter states that Naked Security readers are "desperate for advice on how to deal with the consequences" when information from their Facebook accounts have been compromised. "A frequent refrain from users who contact us is, 'Why doesn't Facebook do more to protect us?'" he wrote.

The blog acts as Sophos' platform for sharing advice, opinions, research and news related to Internet and IT security. In the past, the blog has reported on and offered insight into various phishing scams and other fraudulent activities that pervade the online social network.

Toward the end of the brief letter, Naked Security suggests that it's only a matter of time before Facebook will be legally accountable for better protecting its users, and that it would be seen as a more ethical organization if it took more serious measures to protect users prior to the law requiring it.

About Our Expert

Jill Duffy

Contributor

My Experience

I'm an expert in software and work-related issues, and I have been contributing to PCMag since 2011. I launched the column Get Organized in 2012 and ran it through 2024, offering advice on how to manage all the devices, apps, digital photos, email, and other technology that can make you feel overwhelmed. That column turned into the book Get Organized: How to Clean Up Your Messy Digital Life. I was also the first product reviewer at PCMag to test fitness gadgets, including everything from early Fitbits to smart bras.

Currently, I'm passionate about the meaning of work and work culture, and I enjoy writing about how managers and employees can communicate better, with or without software. My most recent book is The Everything Guide to Remote Work. I also love a good workplace drama.

In addition to writing about work, I cover online education, focusing on learning for personal enrichment and skills development. I have a soft spot for really good language-learning software. Although I grew up speaking only English, some twists and turns in life led me to learn Spanish, Romanian, and a bit of American Sign Language. I've studied at the university level, as well as at the Foreign Service Institute, where US diplomats and ambassadors learn languages.

My writing has also appeared in WIRED, the BBC, Gloria, Refinery29, and Popular Science, among other publications.

Follow me on Mastodon.

The Technology I Use

Squeezing every last bit of usage out of the devices I already own is the only way I can tolerate my personal consumption. In other words, I do not own the latest cutting-edge technology. I buy things that will last and try to take care of them.

My life is organized by Todoist, and my notes live in Joplin. Where would I be without Dashlane as my password manager? Probably locked out of all my many online accounts—I have more than 1,000 of them.

When I share my contact information, it's an excruciatingly long list of phone numbers, messaging apps, and email addresses, because it's essential to stay flexible while also remaining somewhat mysterious.

Read the latest from Jill Duffy

Read full bio