Monthly Archives: April 2011

In a FINRA world, it’s a tangled Web 2.0

By nleong,   April 22, 2011

Reading third-party comments to blogs, Facebook posts, and group discussions is oftentimes more amusing that than the original piece of content that got the ball rollin’ in the first place.  Sarcastic comments, witty repartee, and timely humor are standard fodder for many social media sites.  Of course, not all’s a laughing matter, especially when it comes to FINRA-related content on social networks like Facebook, LinkedIn, and Twitter.

Financial advisers are keen to use these sites to prospect for new customers or to strengthen existing relationships.  There’s no disputing that.  However, things get a somewhat murky when an adviser responds to a third-party post (we’ll call this a “3PP” from here on out) to his or her, say, Facebook page.  Whether it’s an outright comment to a 3PP or a “Like”, FINRA may consider this an endorsement of the 3PP, which would require pre-approval by a firm principal.

FINRA’s “entanglement” and “adoption” theories rear their heads in situations like these.  The way FINRA sees it, if the firm or one of its personnel paid for or was involved in the preparation of the 3PP prior to its posting, then the 3PP would be considered a “communication with the public” that requires pre-approval (under the entanglement theory).  If the firm or one of its personnel “explicitly or implicitly endorses or approves” the 3PP, then it requires pre-approval under the adoption theory.  This means advisers have to be very careful before pushing that “Like” button on LinkedIn or Facebook pages.

The speed at which social networks release new features (e.g., Like, Recommendation, Retweet, etc.) is phenomenal.  During March 2011, LinkedIn made 74 changes.  74!!!  It’s enough to cause a few palpitations amongst the compliance community.  The role of the compliance team is made that much more complicated (and stressful) by the amount of internal pressure they receive from some groups that need access to these social media sites….for absolutely legitimate reasons.  On the other hand, you’ve got the watchful eyes of FINRA regulators circling the waters.

That’s why social media monitoring and archiving initiatives have been emerging in financial institutions in recent months.  Whether you’re a Goldman Sachs, an investment advisory firm, or a small hedge fund, the need to manage social media content remains a constant, regardless of the perpetual change.  And, as firms move towards realizing the benefits of social media and Web 2.0, they’ll need to straighten out the tangles of the social Web.

Safe Facebook = Clean Coal??

By Jae Kim,  

There have been lots of discussions around energy recently in the aftermath of the Fukushima nuclear disaster, especially about clean-burning coal technology and its hopes and reality.

I don’t know about you, but when I hear clean coal, I know I have to pay extra attention to actual scientific claims to differentiate marketing and political spins from scientific facts.  I get a similar feeling when watching late-night TV ads, such as the one for the “no-exercise weight loss” drug.  Something just smells fishy.

Well, that’s what I felt when I heard the words “privacy,” “safety,” and “Facebook” uttered in the same sentence.

The whole premise of Facebook and social media revolves around sharing.  However, there’s an inherent risk:  sharing information with someone with whom you didn’t intend.  In fact, it happens quite often.  Think about a disgruntled ex-employee who causes harm using inside information.  Although information is shared in good faith, it can cause damage if you share too much information without some level of protection.

Behold, victims of hacked Facebook accounts.
See for yourself at

It should be noted that using Facebook, likewise, is inherently risky business.  You can always share too much without proper protection.  The only mechanism that protects us from someone using that information against us is mutual trust.  We all value trust and that’s what’s keeping these social interactions possible in Facebook.

But, there are always cases where people fall victim to information piracy because of not knowing whom to trust or how much to trust.  That’s a real problem.

When we meet people in real life, we rely on our senses to see, hear, read, and touch people around us and, ultimately, assessing just how trustworthy they are.  Yet in Facebook, it’s not as clear-cut.  It’s too easy for individuals with ill intentions to mask their true identities and pretend to be someone else.  All they need is a fake Facebook account and copy-and-pasted picture to impersonate someone.

This problem manifests itself in multiple forms in Facebook.

One obvious case is people creating fake Facebook IDs.  Although it’s clearly in violation of the site’s terms of use, Facebook is not validating anyone’s identities.

Another problem is the proliferation of malware in Facebook applications.  Facebook has written an application developer’s guide to encourage good behavior, but there are too many individuals exploiting this “social trust.”  As the number of people who abuse this trust grows, Facebook will ultimately become less reliable and will have to deal with less sharing as a consequence.

Yet another issue is unclear privacy policies.  As I wrote in my last blog entry, the FTC determined that Google must be held accountable to third-party privacy audits.  Adding a new feature without clear privacy guidelines is a bad thing, and the FTC has shown its willingness to go after such underhanded tactics.

It’s refreshing to see similar sentiments expressed in other bloggers like Graham Cluley at Sophos and Justin Williams at Classy Llama Studios.

The ball is entirely in Facebook’s court now.  Will Facebook burn cleaner coal for the rest of the social media industry?  Or will it continue to pollute social media with unregulated social pollutants?

What do you think?  Please tell us how Facebook can build a more socially responsible environment for all of us.

What Has Privacy Got to Do with Social Networking?

By Jae Kim,   April 8, 2011

As social media users, we have all gotten used to accepting less privacy as a necessary evil for social networking sites. When you sign up for a new social networking service, checking off that Terms of Use Agreement checkbox means that “yes, I trust you to do the right thing when it comes to sharing my information.”  And, social networking sites usually take this to mean whatever makes sense for them.  Especially when they are introducing a new feature, they would like to interpret it to mean, “surely, you must want to use our new service since you haven’t deleted your account.”

Google Is Vowing Not To Repeat Buzz’s Mistakes,
And It Shows How Google Has Designed/Launched ‘+1′;
Note The ‘Publicly’ and ‘Undo’.

Well, that was yesterday’s interpretation.  No more bending the privacy rule to bootstrap the newly launched service.  Thanks to the Federal Trade Commission (FTC) and Google’s bungled attempt to launch Buzz by automatically signing up all Gmail users, now all social networking sites will think twice before stretching the privacy rule and determining the default options.

The other day, the FTC made its first ruling against the floundering social networking site, Google Buzz, to enforce a third-party privacy audit every two years for the next 20 years.

What’s interesting is that FTC’s complaint includes finer points on how not to design an interface.  The 8-page FTC complaint points out that “the controls that would allow the user to change the defaults were confusing and difficult.”   Translation:  no more deceptive tactics like making the Default setting to share more and burying the Privacy Settings link deep within the site.

We are already seeing some signs of Google taking this lesson to the forefront of their Google +1 design (Google’s interpretation of Facebook’s Like “thumbs-up” button).  Here’s what Google is doing differently with +1:

1. Silent launch

Chances are you have not heard of Google +1.   That’s not too surprising.   Google has not made a lot of noise about its new social search enhancement.  They are underplaying its significance and released it as an experimental feature, which is an opt-in only service for now.  Compare this with the big splash Google made with Buzz.

2. Clear user feedback that everything is shared by default

Google is providing clear feedback to users that any link a user endorses will be shared with everyone else.  Whenever a user clicks the ‘+1′ button, Google displays this privacy setting for you.

Google Is Hiding ‘+1′ Tab From Public View By Default;
It Looks Like Google Learned The Lesson From Buzz

3. ‘+1′ tab is not shown to everyone by default

Once you opt in to try Google +1, you will start seeing the ‘+1′ tab showing up on your Google profile page.  And, it’s not shown to everyone else by default.  This default value is clearly shown to the user when s/he opens the ‘+1′ tab.

So, don’t give up on Google and their social search.  This time around, it looks like you’ll also get better privacy controls with the help of the FTC.  That will certainly be welcome news to all users.

What do you think?  What do you think of the FTC’s complaint?  Have they gone far enough, and do you think Google’s taking enough action?  Let us know.