Vladimir Rakhmanin | Deputy Online Editor
Late August of last year, I found myself in a situation that many others across the world had experienced. I had received a friend request on Facebook – the issue was that I had never seen or heard of this person in my life. He had a foreign, Asian name, and his account stated that he was from Thailand. Who was this mysterious person, and where did he find my account? If were to add him, he would have access to my photos, my timeline posts, and my friends list – maybe not the most sensitive information he could obtain, but adding him would still be allowing a stranger into my personal life. Surely others would do the same when presented with a similar dilemma?
Or would they? I began to think about the issue at hand. The general piece of advice that is told to Facebook users concerning their personal information is to switch on their privacy settings. But technically, those privacy settings won’t help one bit if you add random people as your friends. By doing so, all the stuff that’s kept under wraps by Facebook’s control settings is made available to the person you just brought into your online social circle. So how many people, upon such an encounter, would fall into the simple trap?
To test this, I decided to carry out an experiment. The goal was simple – to set up a fake Facebook account and add random people – Trinity students of both genders to make the study relevant to the readers of The University Times – and seeing if they would respond. Some friends of mine who live abroad (meaning that no one in Ireland should already know what they look like) allowed me to use their photos to make the account appear genuine. The faces in all the photos were obscured, meaning that they could not be easily recognised. I also changed the gender of the account some time into the experiment, to see if this would have any effect. I ‘liked’ some random typical pages to make the account plausible, and added a generic landscape cover photo. The general aim of this is to create an account that could be mistaken for someone any given test subject had met – utterly generic and fairly typical. It’s far more likely that a person would add me if they thought that maybe the dummy was someone they had met at a party, or spoken to in passing but had not found out their name. For ethical reasons, I deactivated the account after the experiment had concluded.
By the time I culminated my analysis, my dummy account had acquired 104 friends. The results speak for themselves.
To carry out the experiment, I used Facebook’s Friend Finder system, which allows you to add people you may know by filtering them through various categories. As I have stated before, I decided to limit the study to Trinity students, and so I began to add everyone who had put ‘Trinity College Dublin’ as their education status. Of course, there could be an error margin here of people who are graduates and had forgotten to change their education, or people who simply do not go to the college who for some reason decided to state to the internet that they go to Trinity. I did my best to figure out who was genuinely a Trinity student and who wasn’t, but, nevertheless, I must say that the possibility of error is there.
Things did not go so well at the start of the experiment, when I was still using a default female account with a regular profile picture. Only a few people accepted my requests out of the very many that I sent out, and Facebook blocked me from friending people for two weeks because of those rejections.
After that fortnight, I decided to take a different approach. Obviously, the people I had been trying to add did not have any mutual friends with me, obviously making my requests very suspicious. To counteract this problem, I started adding assorted accounts dedicated to nightclub promotions and Trinity societies. These corporate accounts obviously benefit from getting as many friends as possible – this allows them to communicate their promotions, deals and events to an enormous amount of people.
My acceptance rate sky-rocketed from 10% to around 60%. Due to the fact that those people did not bother to check who exactly our mutual friends were, they had unwittingly led a completely random person into their life.
However, my goal was not to benefit from these promotions. I had a different idea in mind. The people who were also friends with those companies would see that we had several mutual friends. What if the fact that the mutual friends in question were non-human entities? What if all they saw was that under my friend request it said ‘7 mutual friends requests’, and clicked accept without further consideration? In fact, this was exactly what happened. My acceptance rate sky-rocketed from 10% to around 60%. Due to the fact that those people did not bother to check who exactly our mutual friends were, they had unwittingly led a completely random person into their life.
Things went a lot smoother after that – the number of people with mutual friends grew larger and larger, and my circle of online connections increased significantly. The next improvement came when I changed my profile picture to a more revealing one (still of the female gender). As was expected, the number of males to accept this account increased, while the number of females who accepted stayed the same. It’s fascinating how the men in this study would add a random woman quicker if she was wearing less clothes, even if they had never met her in real life.
Of all the people added, only three sent me personal messages asking me how I know them (after accepting my friend request, not before). This is probably the safest approach with these kinds of situations, but only if you do it before adding a person, not after. Otherwise, the stranger still has access to your information. Perhaps the most hilarious thing to come out of this experiment is the fact that two people actually sent me friend requests, despite the fact that they couldn’t possibly have known the dummy. The only plausible explanation I could find for this is that they might have accidentally clicked my name on the ‘people you may know’ side banner.
So what is it that compels people to add strangers on Facebook, knowing full well that they don’t know that person? For one, it could be the idea of reciprocity that has governed human behaviour for generations. We see a friend request as something of value – therefore, it would be rude not to respond, to recognise the act of kindness that the stranger has sent your way. It could also be the fact that a friend request is a significant ego boost to a person. We all wish to be social – we all wish to have friends. In real life, you are able to make friends by spending time together, or by doing activities together, etc. Facebook bypasses that and directly tells you that ‘X wishes to be your friend’. This allows people to satisfy their need for popularity in a quick and cheap way (despite the fact that it lacks vital parts of human interactions).
In any case, this experiment has definitely demonstrated how 104 people voluntarily fell into a trap, divulging personal information to a complete stranger who managed to bypass their privacy settings in an extremely simple way. I believe that the main lesson to learn from the study is that maintaining your privacy in the digital age is a proactive process – switching on privacy settings is not enough; one must always be on guard against potential breaches.
