In a recent post, we alerted you to the fact that when you tag a photo, status update or post on your Facebook, then the Friends of the people you tag can see and comment on that post.

In this follow up post we want to show you how to prevent this using your Privacy Controls.

When you post a photo, video, or status update of any kind, you can use your Privacy Controls to customise who can see and comment on them.

  • When you post a Status Update (this can include posting a photo or video, or a Life Event) on your wall, click on the Privacy Settings button in the bottom right of the box next to the Post button. The Privacy Settings button usually defaults to Friends.
  • Click on the Custom link.
  • Uncheck the Friends of those tagged option.
  • Click on the Save Changes button.
  • You will see that there are also options for setting who specifically will, and will not see what you are posting.

This process can be used for photo albums, individual photos, videos, status updates and life events.

If you have any questions you would like us to answer regarding any form of social media security, please do not hesitate to comment below, or on our Facebook page at:



You may not know this, but when you tag a Facebook Friend in one of your photos, or in a comment, or status update, all the tagged person’s Face book Friends can then see, and comment on that photograph, comment or status update, even if those people are not your Facebook Friends. 

This can have some serious implications for your social media privacy. You may have all your security settings at maximum privacy, and the security setting on that particular item set to Friends only, but if you tag a Friend in one of your photos, comments, or status updates, then that person’s friends can see it and comment, and copy it, and do what they want with it.

It’s kind of like practicing safe sex. You’re not just sleeping with your partner, but all the other people they have slept with too, and all the other people those people have slept with, and so on…

So, what can you do? Well, it’s simple. Don’t tag.  Unless of course you don’t mind the whole world seeing what you are tagging. You can also set your privacy settings so that any of your content that your Friends tag, has to be approved by you first. While you’re at it, you could set your privacy controls so that any content Friends tag you in, has to be approved by you first.

Here’s how to do it:

  • On your NewsFeed page (the one that’s not your main Profile page), click on the down arrow (upside down triangle) in the top, right-hand corner of the page, next to Home.
  • Click on the Privacy Settings item.
  • Look for the Timeline and Tagging item in the list.
  • Click on the Edit Settings link.
  • Set Who can see posts that appear on your timeline because you’ve been tagged? option to Friends (or to anything other than Public.
  • Set Review posts friends tag you in before they appear on your timeline to On.
  • Set Review tags friends add to your own posts on Facebook to On.
  • Set Who sees tag suggestions when photos that look like you are uploaded? to No one.
  • Set Allow friends to check you in with mobile Places to Off.  
  • Click on the Done button.

After you have done this, anytime someone tags you, you will receive a notification that will show up on your main Profile page, as a red flag next to the Activity Log item in the top right hand corner of the menu bar, under your Cover photo (and to the right of your Profile photo). You can click on the red flag then approve or not approve the tags.



Last night I was sitting on my couch in my apartment in Paris, with a friend who was staying with me for Fashion Week. We were both looking at and sharing our Facebook with each other, laughing about some of the photos on her Facebook of horrible fashion faux pas, and looking at some of the entries I had recently made for eConscious Consulting.

We had just recently had a discussion about an article I had written about “Like”-ing pictures on Facebook, and how it can expose your activity to unknown third parties.

Suddenly, on my Facebook newsfeed, there appeared a gruesome picture of a severed head. I had to look twice to make sure, but someone had in fact posted a picture of a severed head, and had tagged two of my friends on it (this is how I could see the photo as the person posting it was not a friend of mine).

To say I was shocked was an understatement. I felt sickened and immediately made a comment on the photo querying the sanity of the person posting it, and then reported the photo to Facebook. I then rang my friend to alert them to the fact that they had been tagged on such a gruesome picture. They were aware of it, as the person who posted it was related to one of them, he had taken it after a bombing in their home country. They had requested that they be untagged and I am sure, suggested to the person posting it that it was not suitable for Facebook (or perhaps anywhere else).

I then got to thinking about another article we reposted about the people who are responsible for vetting reported photos on Facebook

Some other unsuspecting person was about to get a shock too. It certainly brought home the truth of what Hugh Pickens was saying in his article.

This morning, as I was once again sat browsing through my Facebook, looking for inspiration and pertinent articles for eConscious Consulting, enjoying many of the articles and posts about International Women’s Day, when up popped another picture, posted by a non-friend, but with a friend tagged on it (which is how I could see it), that also kind of shocked me. I don’t know how many of you know this painting ‎”l’origine du monde” by Gustave Courbet, 1866, which is hung at the Musée d’Orsay here in Paris,

(Warning: graphic painting of female genitalia)

but it is quite graphic, and very much on topic for IWD.

What concerns me is the randomness of these images, one gruesome and violent, and one artistic but graphic. Both of these pictures were posted by non-friends, but the mere act of tagging my friends on them, combined with leaving the privacy setting on the photos as Public, allowed me to see them. And I don’t want to have seen them, especially not the first one.

Fortunately, I was not in a public place, or in a professional environment, nor were there any children around that could have been accidentally exposed to these pictures, but it could happen.

Pay attention to what you post, if the content is private or disturbing, or could compromise another person’s privacy, ensure that the privacy settings are not left as Public. And, be aware that anything could pop on your Facebook newsfeed, so be consciousof who could be exposed to it.


In cyberspace, someone or something always knows where you (digitally) are, what you are saying and who you are saying it to. Every person that logs on leaves a digital footprint on the Internet. We assume that everyone pretty much knows this by now, and most of us are fairly careful about what we say and do. But even though we are aware and careful, many of us out there still believe that we have the right to say what we want, when we want (even if we don’t actually say it).

This is not entirely accurate.

Nowhere is it less accurate than in the workplace. In the USA, most people might believe that their freedom of speech on the internet is protected by the First Amendment. Those people might be a little surprised to learn that in the workplace it is not. When you use your employer’s Information Technology (IT)*, all content you create, view, and disseminate is essentially the property of your employer. And, your employer has the right to search and view all content on their IT systems. This includes emails, Instant Messaging (IM) messages, posts to social media sites such as Facebook, Twitter, YouTube, Pinterest, Instagram, FlickR, ASmallWorld, and Myspace, among many others. It also includes blog entries, comments on another persons social media sites or blog entries, and your search engine history (what you search for in Google, Bing and Yahoo etc.)

Most people know that content on an employer’s internal and proprietary systems is discoverable, but assume that content on application’s external to the employer’s is not. When you use your employer’s IT systems to run external software such as IM, Skype, Facebook, Facebook Chat, and other such applications, your employer has the right to monitor and record whatever it is you type or upload, or download. And this doesn’t have to be just within business hours.

If you are using a company provided laptop computer, tablet computer, or Smartphone, or any other technology that is provided by your employer, they have the right to monitor and record all data on that equipment, whether inside of our outside of business hours.

So be aware of what you are writing, uploading and downloading when using employer provided technology, even at home.

There have been many cases of employees being dismissed for misuse of company provided IT systems. Surprisingly, a lot of these cases have concerned people publicly dissing their employers or co-worker on their Facebook or Twitter accounts, or in their blogs. We can expect to see a lot more of this.

In Australia employers have the right to monitor and record all data on their IT systems. It is recommended that all employees should be made fully aware of the type of monitoring being conducted. A well designed and thorough IT Usage document and ePolicy covering all aspects of IT usage including social media, can provide protection for both employers and employees. An example of what to include in an ePolicy document can be found in the ABC’s Use of Social Media Policy:

  • Do not mix the professional and the personal in ways likely to bring the ABC into disrepute.
  • Do not undermine your effectiveness at work.
  • Do not imply ABC endorsement of your personal views.
  • Do not disclose confidential information obtained through work.

Employers should make their electronic Policy (ePolicy) clear to all employees. They can provide education sessions, written copies of the ePolicy to all employees, and an information point for any questions that employees may have.

The following story came to us from a NineMSN Staffer in Australia. It highlights not only why you should pay attention to what you put out there on social media, but also that there are people watching what you Tweet, and put on other social media sites. The USA is very sensitive about security issues, and as the following story shows, even a joke or a throw away line can land you in serious trouble.

Social Media is worldwide. As is true when doing business internationally, when posting on our social media sites, it stands us in good stead to be culturally sensitive, and aware of who may see what we are posting.

By ninemsn staff:

“Two British tourists were stopped from entering the US and held at the airport after they joked on Twitter they were going to “destroy America”.

Leigh Van Bryan, 26, was handcuffed and held in a cell with Mexican drug traffickers for 12 hours after arriving at Los Angeles airport with his 24-year-old friend Emily Bunting last Monday.

Mr Van Bryan had been flagged as a potential danger by the Department of Homeland Security after he tweeted his friend days before he left the UK, the  Daily Mail reports.

“Free this week, for a quick gossip/prep before I go and destroy America?” he wrote.

But when the pair arrived in the US, they were both detained by armed guards.

US officials ignored the protests of Mr Van Bryan and Ms Bunting, who tried to explain that “destroy” was British slang for “party”.

They were held for five hours on suspicion of planning to “commit crimes” and had their passports taken away.

Van Bryan was also questioned about a separate tweet, in which he quoted US comedy Family Guy.

“3 weeks today, we’re totally in LA p—ing people off on Hollywood Blvd and diggin’ Marilyn Monroe up!” he wrote.

Officials searched through their luggage, reportedly looking for spades and shovels, saying Ms Bunting was planning to act as Mr Van Bryan’s look out while he raided Monroe’s tomb.

“It’s just so ridiculous its almost funny but at the time it was really scary. The Homeland Security agents were treating me like some sort of terrorist,” Mr Van Bryan said.

The pair spent 12 hours in separate cells — Mr Van Bryan was locked up with two Mexican drug traffickers — before they were sent home via Paris.

The pair must now apply for visas from the US Embassy in London before flying to America again.”

Here is a link to the news story in another publication:

Cyber Bullying

I have been asked by many of my friend’s children to be their Facebook friend. I usually say yes, and then I take the opportunity to talk to my friends about how they are monitoring their children’s social media presence(s). Most often, the conversation is centered on either cyber bullying, or the posting of inappropriate content. Many of my friends worry about what to do if their child is the victim of cyber bullying, but not many of them talk about what the consequences could be, if their child was the cyber bully.

Recently, I read an article about how social media may change the law in 2012. One area that is most in need of development are the laws that protect people, all people, not just children, from cyber bullies, and provides redress for those who find themselves victims of this crime (and here I refer to it in the moral sense and well as the legal sense).

Cyber bullying is using any form of electronic communication to harass, embarrass, intimidate, or terrorise another person by means of threats, sexual remarks, pejorative labels (hate speech), ridicule, false statements or disclosure of personal data.

Traditional bullying has been characterized by:

  • An intention by the bully to hurt the target (emotionally or physically)
  • An imbalance of power.
  • A continued threat of further aggression.
  • An inability by the target to defend themselves, or “fight back”.

All of these characteristics can be extended to, and even enhanced by the use of electronic media.

The term ‘cyber bullying’ is more often applied to the practice when it is perpetrated by one child upon another, or by an adult upon a child. When the practice is perpetrated by one adult upon another the terms ‘cyber stalking’ or ‘cyber harassment’ are more often used. This differentiation in terminology could be a proving point when deciding whether or not the act constitutes a crime or an infringement of law, as stalking and harassment appear to be more prevalent in the law courts, and perhaps easier to prove and legislate against.

All over the world governments are working on creating laws that protect their citizens from cyber bullying, stalking and harassment. But as you can imagine, this is an incredibly difficult task, given the breadth of the meaning that can be given to these terms and the needs to protect individual rights like freedom of speech and freedom of information, whilst trying to balance the need to protect citizens.

In the USA there is currently no Federal cyber bullying law that has been tested in the courts. A federal lawsuit did eventually result in Megan’s Law being passed in Missouri in 2008. Statute Chapter 565 – Offenses Against the Person Section 565.090 is unofficially known as Megan’s law, the statute is named after 13-year-old Megan Meier who committed suicide in 2006 after being the victim of an Internet hoax set up by a schoolmate’s mother. The law makes it a felony for someone 21 years or older to communicate with someone 17 years or younger by phone or electronic means in order to recklessly frighten, intimidate, or cause emotional distress to that person.

In New Jersey, the case of Tyler Clementi spurred legislators to pass the “Anti-bullying Bill of Rights.” Many other states have introduced their own legislation in various forms to try to prevent cyber bullying.

In the European Union (EU) there are no laws to prevent cyber bullying.

Cyber Bullying Law in Australia

Cyber bullying is a growing problem in Australia, and a recent article suggests that Australia has been polled as the worst country for cyber bullying in the world[1] Perhaps one of the reasons for the rise is not that children and young adults are becoming meaner, but perhaps more that they are not only becoming desensitized to violence and bullying through their mass exposure to violent images via mass media (TV, movies, games), coupled with less parental supervision (due to busy lifestyle schedules); but also that the ability to bully anonymously takes away the feeling of moral responsibility they may feel when face-to-face with their victim.

The majority of cyber bullying ‘cases’ that have come to light in Australia have mainly involved one child being cyber bullied by one or more other children. The question, when looking at this from a legal perspective is “can the offender be deemed by law to be responsible for their actions?” This question ascertains whether or not the offender can be deemed to have perpetrated a criminal act. And this is why education in schools, coupled with parental discussion with regards to bullying, and now cyber bullying, is of the utmost importance.

In Australia, at common law, the age of criminal responsibility is 10 years (by statute). This means a cyber bully under 10 years will not be criminally responsible. Between the ages of 10 and 14, it must be proven that the child knew that they should not have committed the offence. Anyone over the age of 14 can be held criminally liable for their own conduct.

Legal discussion in Australia around cyber bullying has tended to focus on children and schools. New South Wales is the only state or territory to have introduced provisions to prevent cyber bullying, and these provisions only cover situations where both the offender and the victim, child or teacher are actually on the school premises.

Cyber bullying could be prosecuted in all Australian states and territories as ‘assault’. That is, if there exists a threat of force that puts the target in fear of imminent violence, whether there is in fact any actual direct or indirect application of force, then a common assault may have been committed. However, in order to prove such an offence the threat must be evidenced in some way, and under Queensland, Tasmania, and Western Australian statutes, words or images online are insufficient evidence of a threat.

The Commonwealth Criminal Code Act 1995 could be used as a redress against cyber bullying as it covers a number of offences including the misuse of telecommunications services to menace, threaten or hoax other persons.

This Act highlights a very important aspect of bullying and by extension, cyber bullying; and that is the intention of the bully. Even if the target of the bully does not have the fear that the bully will carry out their threat, if the intention of the bully can be proven, the bully can be prosecuted.

The Commonwealth Crimes Legislation Amendment (Telecommunications Offences and other Measures) Act (No. 2) was passed in 2004 and covers offences relating to mobile phones, including making hoax threats and hoax triple zero calls, making threats of violence and sending offensive images. The maximum penalty under this act is three years in prison, and an automatic criminal record.

Allem Halkic (17) jumped from Melbourne’s West Gate Bridge on February 5, 2009, after an ex-friend sent him a stream of threatening messages via SMS and the Internet. On April 8, Allem’s tormentor, Shane Phillip Gerada, 21, became the first person in Australia to face prosecution for stalking via cyber bullying when he pleaded guilty in the Melbourne Magistrates Court to stalking. Said magistrate Peter Reardon; “It demonstrates SMS messages or Internet communication may have severe consequences on intended victims, whether meant to or not.”

It is important to note here that bullying is not always just one person bullying another. Quite often there are several people involved in the bullying. This is the case in an increasingly common form of bullying known as ‘happy slapping’. This is where an unsuspecting victim is assaulted, and another party, or other parties capture the assault, often and increasingly using a mobile phone, and the resulting footage is then posted online. The people recording the assault are then accomplices to the assault under the Commonwealth Criminal Code Act 1995.

In 2011 there was outrage amongst the public when a mobile phone video went viral of a bully attacking another boy at a Western Sydney high school. In the wake of incidents like this, South Australia’s Attorney General John Rau proposed new laws to prosecute anyone involved in such activity.

All Australian states and territories have their own threat offences, which mirror the Commonwealth threat provisions.

There have been several well-publicized cases of cyber bullying, and cyber bullying related suicide amongst teenagers in Australia. But the majority of cyber bullying, especially amongst children and teenagers will go unreported.

It is important to remember that cyber bullying is not only the domain of children and teenagers. Work place cyber bullying is a practice that employers must be aware of and educated about in order to protect themselves from prosecution and their employees from being victims of or carrying out cyber bullying. This problem cannot be addressed by merely extending current workplace practices policies to cover cyber bullying.  New methods of education and redress need to be put in place, monitored, updated and reapplied regularly.

I have a Facebook Friend, he sent me a Friend Request several years ago, and because I was still at the “new and impressed” stage of my Facebook history I thought to myself “Why not?” He looked interesting enough. I was there after all to make new friends and discover the Facebook world.

Please be my Friend Wiz.

It was only after we had been Friends for a while, and had some pretty good conversations, that I checked out his ‘Friends’ list, and discovered he was a ‘collector’. You know the ones…. Guys that send out Friend Requests to women they like the look of, lots of them, and gather the ones that actually accept his Friend Request, into their harem.

These ‘collectors’ usually respond to the sorts of women whose pictures are a little bit saucy. Bikini shots, provocative facial expressions, semi-nude, or sexily dressed, or even just attractive and nice. These guys troll Groups and Pages, and worse, their Friend’s Friend Lists for new ‘conquests’. Why they do this should not be such a mystery, I’m guessing it’s for the pictures; we all know how visual guys are. And judging by some of the pictures I see being posted on Facebook, they are getting lots and lots of satisfaction.

Anyway, I’m not telling you this little anecdote as an indictment on my Friend, I’m describing it because his activity on Facebook highlighted a possible area of weakness on Facebook. Through his Likes of the pictures posted by his harem, I have been able to discern exactly what his ‘tastes’ are. You see, when you Like a picture on Facebook, if the person posting that picture has left the Privacy setting on it as ‘Public’ , or as “Friends of Friends’, then everyone on your Friend list will see your Like in their News Feed, providing they are looking at their News Feed at the time your Like is posted, or for the duration it is visible for above the line.

Now, not everyone spends as much time on Facebook as I do (it is my job after all), so not everyone is so acutely aware of what their Friends are up to as I am, but it was just one of his Likes that piqued my attention and caused me to somewhat subconsciously look out for him in my News Feed. And soon I was discovering all sorts of things about his tastes in women, clothing styles, poses and tattoo placement.

Perhaps I should mention here that I have used the Facebook ‘Lists’ functionality to segregate all my Friends into different Lists:

  • Family
  •  Close Friends
  • Acquaintances
  • Work Friends
  • Stalkers (kidding)
  • Watch List (people who are ‘helping’ me with my work)
  • Subscriptions
  • Etc.

I’m not spending the whole day viewing what every single one of my Friends is up to. I usually check in with my Family and Close Friends Lists in the morning, and throughout the day, then, if I have time I might browse some of my other Lists.

I have noticed that I can learn quite a lot about my Friends by what they. For instance, I have a Friend in the USA who likes French cooking sites. She Likes a lot of pictures of cassoulet and rabbit stew, and cheese.

Mmmmm..... Cheese.

Another Friend likes polar bears, so you can guess the type of pictures she Likes a lot.


But then there are those Friends, usually male, whose Likes make me look again and say “Really?”


Which led me to the question “What do your Likes say about you?”


As a Socially Secure Individual, you want to know exactly what it is you are putting out there in the digital domain. This means being familiar with all the privacy settings on the social media applications you use. Some of these applications change their privacy setting often, and often without notification, so you need to check them regularly and thoroughly.

Here’s one tip for today:

Before you Like a photo, or an article or anything else on Facebook, check what the privacy setting is. If it is Public, then ask yourself if you want the whole of your Facebook world to know that you Like it?

You can also ask all your Friends to unsubscribe from your Likes and other actions on Facebook like this:

“As you all know I like to keep my FB private except to those I am friends with. So if you all would do the following, I’d appreciate it. With the new FB timeline on its way this week for EVERYONE. . . please do both of us a favour: Hover over my name above. In a few seconds you’ll see a box that says “Subscribed”. Hover over that, then go to “Comments and Likes” and unclick it. That will stop my posts and yours to me from showing up on the side bar for everyone to see, but most importantly it limits hackers from invading our profiles. If you repost this I will do the same for you. You’ll know I’ve acknowledged you because if you tell me that you’ve done it I’ll “Like” it.
Thanks everyone”

And yes, the best way is still to just think about what you are doing, and be a present and aware content creator.