These days, so MANY of my friends have been totally sucked in to the ‘spam vortex’ (that’s my own colorful term for it) of hi5.com, that I couldn’t bear it any longer. I’ve always been bombarded with messages inviting me to hi5, but it has reached a crescendo over the past few weeks that I can’t stand it any longer and MUST warn people against (possible) dangers.
Those who don’t know what it is, are very lucky. hi5 is a ‘social networking’ site (please read ‘spam’, lots of spam) that is pretty much the rage, at least in India. Which is why, I’m not going to tear apart other such sites like MySpace.com, Zorpia.com, Friendster.com etc, because although I do get invitations from friends on these sites, that is miniscule (and their privacy policies, I feel, are better). Nevertheless, I’m still not a member of these sites. The only site of a similar nature, yet better, that I look forward to joining is orkut (because it’s owned by Google), but alas, here my luck runs out because I never got an invite from anyone. This works to orkut’s advantage, because it keeps spammers out, and there’s at least one person to vouch for you. Hope someone does that to me!
Coming back to hi5, my first complaint is that user data is too easily available. Personal information is very easy to extract from this site. Enter any person’s name or email ID, and you get truckloads of information tumbling out. Spammers can easily confirm existence of possible email addresses, or just enter a few common names, and laugh the way to their email server with the address of users. Sure, even others like even Blogger make such information available to an extent, but users have far more control, and it doesn’t have a ‘come here and search’ link in bold letters on it’s main page.
- Section 5, Content Posted on the Web Site: By Posting Content to any area of hi5, you automatically grant, and you represent and warrant that you have the right to grant, to hi5 an irrevocable, perpetual, non-exclusive, fully paid, worldwide license to use, copy, perform, display, and distribute such information and content and to prepare derivative works of, or incorporate into other works, such information and content, and to grant and authorize sublicenses of the foregoing.
This is similar to what happened to GeoCities when Yahoo! took over it; there was a huge uproar and many GeoCities users left, and then Yahoo! had to change it so that copyright remained with authors. Now this is prominently pointed out in GeoCities ToS. hi5 says that anything you post on hi5 may be used by them for profit, with zilch going to you. And you relinquish all claim of copyright to your work. Do you people seriously want that?
- User Content: hi5 says that it can choose to process the data collected in a country where privacy laws are less stringent than your own country.
- Use of Information: …to send invitation e-mails to people that you specified as being interested in joining the hi5 community…hi5 members can use the search feature to search for other members by different criteria, like location or gender. The Personal Information that hi5 members enter into the hi5 profile will be used for these searches…Please be aware that any information that is publicly posted throughout the hi5 network can be accessed by every visitor of the Website…
Allowing ANY visitor to access this information puts a person at the risk of being spammed. Which EXACTLY the reason we have something called ‘user registration’.
Offers. Hmmm. Sounds familiar, straight out of the Spammers’ Manual? Look at the loophole. First, they mention that information can’t be released by other parties, and then sneak in the last ‘it is governed by their policy, not ours’. Which could very well say ‘we’ll be happy to leak all this to spammers’. It doesn’t mean the spam will originate from ‘@hi5.com’; it simply means your data may get out. And with most companies with such statements, it does. At a later stage, it also says ‘we restrict access to information by third-parties’. Note ‘restrict’? It’s not the same as ‘deny’.
No need to panic if you’re a user of hi5. Just send a mail to firstname.lastname@example.org with the subject ‘account deletion’ and account details. And you’ll be freed from this. But I guess much damage would have been done already.
Apart from that, the sad fact is, that ‘social predators’ are as common as snow in Alaska on these sites. At least, MySpace took encouraging steps to stop this by roping in one the best online security experts (I’m in no hurry to join though). I’ve got an answer to hi5’s ‘Who’s In?’ tagline – ‘Spammers are in’.
P.S. – Are you an orkut user? Puhleassseeee send me an invitation.