Stuff that occurs to me

All of my 'how to' posts are tagged here. The most popular posts are about blocking and private accounts on Twitter, also the science communication jobs list. None of the science or medical information I might post to this blog should be taken as medical advice (I'm not medically trained).

Think of this blog as a sort of nursery for my half-baked ideas hence 'stuff that occurs to me'.

Contact: @JoBrodie Email: jo DOT brodie AT gmx DOT com

Science in London: The 2016 scientific society talks in London blog post

Sunday, 22 July 2012

Ways in which your email address can 'give you away'

Update: For Twitter at least there's a way to stop people from finding your Twitter account based on your email address, see details in the image below - thanks to Aerliss who commented below.
"You can keep your email private on Twitter though. If you go to settings, under your email is a little tick box that says "Let others find me by my email address". Unticking that should solve the problem, as long as Twitter plays nice." - Aerliss
-----------------------------------------------

Not 'give you away' in the 'you've something to hide' sense but I'm quite interested in the way the internet and social media allow already public things to surface in a way that people might not be aware of. A while back I created a spare Twitter account with one of my umpteen email accounts so that I could give it to my mum to follow me. She didn't want to sign up to anything herself but was curious to play around with it. Sadly she died before she had much opportunity to use it but the account lies fairly dormant and is locked.

I was a bit surprised later to get an automated request to follow me from a friend who'd signed up to Twitter. After they'd signed up they authorised Twitter to access the contacts list that lives in their email account - and my email address was among them. This then let them decide which people they either wanted to follow directly on Twitter or, if they're not on Twitter, to send them an invite by email to join. Had my account not been locked then my friend would have just been able to start following me.

Twitter already had my email address and knew which account I had and was able to share this information with my friend. This seems a little bit like oversharing to me...


When friends (or business contacts or anyone that has your email address) authorise a social media tool to access their contacts list your use of that tool (or not) is 'surfaced' and your email address becomes available to said tool. A number of people have been fantastically peeved to receive repeated email requests from LinkedIn to join the service - these arose from precisely this sort of 'invite all contacts' and for a while it was difficult to persuade LinkedIn to make it possible to block this sort of thing. I think it's all sorted now.


Of course this is exactly the sort of thing you'd expect from tools where sharing is the default - there's really nothing wrong with it and I've signed up to things after email invites. I just think it's helpful to be aware that your email address leaks information in this way.


Here's what I wrote (as section 35) in my guide for celebrities who are thinking about using Twitter. I hope they have social media managers to tell them this sort of thing anyway!


---------------------------------------------------

35. Your email address can give you away

Be careful (or at least aware) what email address you use to create your Twitter account
If other people (friends, agents, lawyers) have your email address in their contacts then they can find your Twitter account if you used that email address to create your account.

If your friend is on Twitter then s/he can authorise Twitter to access his/her email contact list and so can find out which of their chums / clients is also using the service. If you're in there, you'll show up. You may or may not want this. If you don't like this, and would prefer to be under the radar, then consider using a disposable email address.

A commenter on another post I wrote about this pointed out that on Twitter at least you can protect against this by unticking an option to 'let people find you by email' - click on the image below to enlarge it and follow the steps.

















The picture below shows what your friend sees when they authorise Twitter to access their contacts information. Note that the email systems (Yahoo, Gmail. Hotmail and AOL listed on the right) have nothing to do with YOUR email account but relate to the type of email they're using.

If someone lets Twitter read their Yahoo contacts and my academic email address happens to be there then they'll find my Twitter account.



4 comments:

  1. Good advice.

    I use several different emails that are sectioned into "officially me" that I use for anything relating to money (banking, Amazon, PayPal) and for family and job stuff and "online me" that are for Twitter, Facebook, gaming, blog comments etc. I have a third set for signing into things that I know are going to send my email all over the place. I try to keep them unconnected (not always possible).

    You can keep your email private on Twitter though. If you go to settings, under your email is a little tick box that says "Let others find me by my email address". Unticking that should solve the problem, as long as Twitter plays nice.

    ReplyDelete
  2. Genius! Thanks Aerliss - I can't believe I'd not spotted that although it turns out I had already set it to do that (or it was like that as default). Will amend post and the 'celebrities' one. Wonder if Facebook let you do that too, somehow I doubt it ;)

    ReplyDelete
  3. I had already unticked the 'let people find you by email' box and yet the other day I received an email from Twitter suggesting I connect with some people that I happen to know in real life but with whom I have no shared Twitter contacts. I can only infer that they permitted Twitter to access their address book and rather than disclose to them that I was on there, it contacted me directly to make the suggested connection. Technically acceptable under their terms, but nonetheless on the 'creepy and intrusive' side. I can't figure out how to solve that one.

    ReplyDelete
  4. Oh that is a bit weird. Although I think I'd rather they did it that way (in that it's presumably just between you and Twitter rather than snitching to your real-world pals "hey your chum Anonymous is on Twitter").

    ReplyDelete

Comment policy: I enthusiastically welcome corrections and I entertain polite disagreement ;) Because of the nature of this blog it attracts a LOT - 5 a day at the moment - of spam comments (I write about spam practices,misleading marketing and unevidenced quackery) and so I'm more likely to post a pasted version of your comment, removing any hyperlinks.

Comments written in ALL CAPS LOCK will be deleted and I won't publish any pro-homeopathy comments, that ship has sailed I'm afraid (it's nonsense).