For past 2 months I have been frequently visiting LinkedIn and keeping my profile up-to-date. As a direct consequence of spending time on LinkedIn, I have befriended many friends over the time. I mostly add people when a suggestion is made by LinkedIn about them. In the recent past, I have observed that some of the suggestions popped up are really weird. I don’t have 2nd or 3rd or any degree relationship with these people on my LinkedIn circle, but off course I know these people outside LinkedIn. This forced me to think how LinkedIn get to know about them. Being a information security professional, I know about the energy and money spent by these company to develop algorithms to connect as many edges as possible in the graph of people. Though unsurprisingly, these were the people with whom I have exchanged at least an email in the past or they are acquaintances on Facebook.
As a personal rule, I never link any of my two accounts ( by using FB, Gmail or Twitter etc) and keep my online footprint as small as possible. This made me feel uncomfortable for next 2 days. After some more thinking, I realized that the devil was in the email account. My LinkedIn and FB accounts are operated using the same email address. For records my email account is on Gmail. The creepy suggestions popping up are from the same email contacts. My email address is being used as a unique key to access my contacts on my various online services unauthorized. And now I am almost sure that LinkedIn is accessing my contacts on various accounts without my consent to do so.
One of the solution I am thinking to work out is to use separate email accounts for all these services. This will be painstaking, as I have to build my respective profiles again on various services, but an important thing to prevent these companies from stealing all the information about you. Secondly, doing away with Gmail as my email provider, as most important personal information is stacked in my emails and if my email provider colludes with some other companies, then I don’t have any personal information by definition. All is public. Not many good alternatives to Google services exist, but there have been many discussion on Hacker news and I will go through them again to find one that suits me the most.
Some might argue that one should discontinue using all social services, but doing so is difficult considering that you have to stay connected with your network some way or the other. In my case, I have lived in 5 different countries and to stay in touch with all my friends professionally or socially, LinkedIn and Facebook are the only good means. In the recent past I have almost done away with wasting time on FB, reading some useless status updates and liking them, but FB messages is still used by many friends of mine to contact me.
One thought still lingers on my mind, how many NSAs are out there and building your personal profile just by using online footprints you left behind?