Fired by Facebook?!

Screenshot_2015-09-25-12-31-22I was recently fired by Facebook*. Not as an employee, as a customer – even more shocking, right?

Here’s the thing…I opened my Facebook account and saw this message – confirm my identity. As a privacy attorney, I thought nothing of it….wow, a social media platform adding extra security steps. Except it’s not a security step for my account.

The next screen asked me to enter the name by which I am conventionally known. Well, I entered my name “K Royal” which rather than thanking me for my prompt attention took me to a page in which I was asked to submit government identification to prove I am me. I was outraged! and that is an understatement.

Turns out, if one does not wish to upload two forms of government ID, one can choose from about 30 non-government ID options, but at least one must contain a photo and date of birth.

Funny enough, I had just posted my nursing badge in the whole #nursesunite campaign against TheView for mocking Miss Colorado, although Ellen Degeneres countered that brilliantly.

This is truly and utterly ridiculous. Let me count the reasons:

  1. It’s a social media site. Not a government benefits site or healthcare or financial or education. Social. Fricking. Media.
  2. Facebook has questionable privacy policies – have you heard?
  3. They’ve been engaged in this ridiculousness for a couple of years and caught some heat for it.
  4. They say that there is no algorithm to detect potentially unreal names, but they tend to target groups of people.
  5. They say they want your “authentic” name – the one you go by on a daily basis. How many of us would be caught by that, because the name we go by is not on government ID? In this digitized world, it is very difficult to get government ID or an ID with a picture and a date of birth showing a nickname rather than a birth name. Consider my cousin, Skinny, who has gone by the nickname “Skinny” for 70 years or so. The only ones who even knew his government ID name were his mom, brother, and the Social Security Administration. He was forced to change it to Michael on Facebook, because they would not accept the name he went by in daily life and he did not want to upload three forms of ID to prove Skinny. I was ready to battle for him, but he decided to acquiesce. I should’ve battled, cause look at me now.
  6. My name is K Royal. Yes, at one time, there was something else there, but it is no longer. Has not been for many years. I have gone by K since at least I was six years old. I have about 100 different stories behind my name, but the point is- K Royal is my true, legal, documented, full name.
  7. What the heck will Facebook do with my ID if I do send it? which I won’t.
  8. It is easier for them to Google “K Royal privacy” than it is for them to review anything I did send.
  9. Sending ID over open email is utterly, unequivocally stupid.
  10. Facebook does not offer a secure alternative to sending ID, anyway. And if they did, I still would not trust them.

So I have been fired from Facebook. One of the privacy professionals who truly enjoyed them. They have not yet answered my communication to them asking about it. I am apparently no one to them, but on the other hand – I just might finally get an instagram account!


Don’t let the digital door hit you in the button on the way out.

*Facebook is a trademark owned by Facebook, Inc. any other trademarks used in this post are the owned marks of their respective companies.

1/642 What can happen in a second (in privacy)

John F. Kennedy once said “JFKThings do not happen. Things are made to happen.”

So rather than considering what can happen in a second in privacy – which brings to mind all kinds of crazy stuff…breaches, hacks – let’s instead consider what could be made to happen in a second.

I went online to find you an interesting link for breaches and instead saw an article, hot news, one hour ago that 80,000 students’ data was compromised who were enrolled at Cal State in an online sexual violence prevention class.

That happened in a second.

What could be made to happen in a second? Awareness – instantly share the news article via myriad social media.

Shame – 80,000 students may now be ashamed of their online class. They may not be. 80,000 students may now be proud.

Anxiety. Confusion.  80,000 students may now not know how they feel. It’s a non-credit required course. They have nothing to be ashamed or proud of. The breach exposed passwords used to log into the class, user names, campus-issued email addresses, gender, race, relationship status, and sexual identity. Now these 80,000 students may have to change their passwords for whatever they use based on that email – grades? financial aid? What if their sexual identity is something they did not want known publicly?

On the other hand, based on amount of breaches in the news, are we desensitized? Can apathy happen in a second?

Could lawmakers get motivated in a second? It may take years to get someone to see the light, but perhaps that light blows on like the winds of a haboob in Arizona in August.

  • It only takes a second longer than normal to use a password that is resistant to compromise.
  • It only takes a second to lock your computer when you walk away.
  • It only takes a second for a hacker to publish ill-gotten gains.
  • It only takes a second for your identity to be taken.

It only takes a second to realize your life has changed forever and way too many seconds to put it back together.

Make something good happen in a second.

first step to 642 PRIVACY things to write about

642 51WAhDYHNcL._SX418_BO1,204,203,200_There never seem to be a limit to issues about which to write involving privacy or data protection. However, I like to run a different path at times and well, when I want to run the same path as others, it may just be coincidence. Recently, we’ve had all kinds of good stuff to write about – the Wyndham decision, Microsoft slipping in tracking tools to Windows 7, voting selfies, and the Ashley Madison hack (to which I refuse to link). I just get bored.

I bought this book a while back and use it in place of a personal journal. I could never consistently keep a journal – I was bored rehashing my life…it’s a recurring theme with me – blame the ADD. So I use this book and date the entries. Of course, I just randomly choose pages and topics, so the dates are interspersed throughout the book.

It occurred to me that I could take this same tactic to privacy. 642 things to write about … in the privacy world. Sure, I’ll still highlight critical issues and add my own little commentary at times – and I’ll give HIPAA tutorials and professional advice. But, this sounds like a fun way to do it – and goodness knows what we’ll wind up with. It’ll be a fun little journey.