Posts

Tweet Breach: 140 Characters of Destruction

tweet-breachLike a wounded, cornered Doberman, I was irrational and reactive.

My blog was down, non-existent. When you earn your keep by communicating ideas, like I do as a professional speaker, any threat to the distribution of those ideas raises the peach fuzz on the back of your neck. After days of being unable to reach my webmaster by office phone, cell phone, SMS text, instant message or email, I dialed up the pressure on him to respond. I turned to the powerful and influential world of social media…

I tweeted him. Publicly.

@johnswebguy Where in the name of Google Earth are you? Why won’t you contact me? [poetic license applied to save face]

140 characters that delivered the impact of a rabid canine. Yes, there was obvious anger in my words, but they were transformed into a venomous rant in the hands of others. Those reading it from the outside could feel the rage I felt at having been cornered without a backup plan. Unfortunately, in my anger, I didn’t make it a direct tweet (a private communication that only the recipient could see), so anyone following these hyper-succinct mini-blogs could view my dirty laundry and fill in the blanks with any back-story they liked. And fill in they did.

In the ensuing minutes, my tweet was re-tweeted (sent out to a mass number of recipients), screen shot (digitally captured to be preserved forever in all its glory) and used as an example as why others shouldn’t do business with my webmaster. I had never even considered ending my relationship with my webmaster, so driving his customers away was the last thing on my mind.

I just wanted to know where he was!

In that instant, dumbfounded with regret, I understood the power of social media to communicate, influence and destroy. Destroy personal reputations. Destroy brand identity. Destroy profit margins, relationships and open communication. As I hit the enter button, I thought I was tossing a snowball, but quickly discovered it had the potential to become an all-out avalanche. For all of its brevity, the words we publish on Twitter or Facebook can be misinterpreted, read as gospel or spread like the plague. It can be very difficult to separate emotion from fact in 140 characters.

My webmaster contacted me from the hospital; he had just gotten out of surgery. Fortunately, I deleted the tweet before it went totally global, explained my mistake to my followers, apologized to my webmaster and got down to resuscitating my blog (when he had recovered from surgery).

Explaining what I had done to someone the following day, I used a term that has stuck in subsequent conversations — tweet breach. Here is my current working definition of tweet breach:

tweet•breach n. 1. Accidentally or intentionally exposing data through social media or other Web 2.0 applications (e.g., Twitter, Facebook, LinkedIn, Wikipedia, Second Life, blog posts, webmail, text messaging, instant messaging, etc.) that would otherwise have remained acceptably private, confidential, anonymous or otherwise properly controlled by the owner or agent responsible for the information. 2. Self-inflicted tweet breech (common) is the act of accidentally or reactively releasing one’s own private information without thinking through the consequences.

Examples: a) posting an individual’s personally identifying information (phone number, credit card account, social security number, etc.) without their consent, knowledge and understanding; b) posting someone’s physical whereabouts, personal history or confidential information without their agreement; c) improperly revealing proprietary corporate information such as intellectual capital, corporate financials, business processes, deal secrets, organizational structure or other sensitive commercial data; d) improperly using social media as a tool of leverage, extortion (if you don’t do this, I will…), or revenge (posting sordid details about your ex, dirty laundry about your former employer, etc.).

I learned so much as a product of my experience that it will provide materials for years to come. Let me share a few of the many fundamental takeaways that you should keep in mind both personally and professionally:

  1. Posting is Public. This seems so obvious, but it is constantly overlooked. When you post (I use the term post to encompass tweeting, blogging, commenting, writing on a wall, publishing to a website, and certain types of texting, instant messaging, etc.), you are making the information available to everyone on the internet (unless you somehow restrict access).In-person relationships are often subtle. For example, you probably wouldn’t tell the same joke to your young child as you would your closest friend. You wouldn’t tell your boss about a successful job interview with another company in the same way that you would tell your sister. But when you post these items online, you are collapsing those layers of distinction, or access, into a one-dimensional view. Everyone has equal and identical access to your joke and your job news, whether you want them to or not. Denial and misunderstanding of this basic principle, that posting is public and will be seen by others, is what leads teenagers to populate MySpace with pictures and content that they would never want their future employers, college admissions officers or even parents, to see.
  2. Posting is Permanent. When you post, you are creating a permanent piece of digital DNA that, for all practical purposes, never disappears. Your words and photos and videos are forwarded, replicated, backed up, quoted and made a permanent part of the internet firmament. In other words, if you post it, you’d better be willing to claim ownership of it for the rest of your life. It is very hard to think a week in advance, let alone 20 years. Would George W. Bush have ever been President had he tweeted his DUIs or possession of Cocaine arrest? The viral and permanent and traceable nature of the information would have doomed his chances.
  3. Posts are Exploitable. Whether they are used against you in a court of law (yes, posts have been used as admissible evidence), used by identity thieves and social engineers (e.g., once a con knows your social network, they can easily use it against you to establish undeserved trust), or aggregated by companies that want to sell you something, posts can and will be used in ways that we average users are not currently considering.

Without question, social media and social networking are killer apps and are here for the long haul. They fulfill too deep a need and too profitable a role in our lives and businesses to write off as a fad. Fortunately, there are concrete solutions for preventing tweet breach and for minimizing damage when it does inevitably happen. I am already experiencing corporations (probably because of their increased risks and liability) beginning to pro-act on the ever evolving side effects of social media. For starters, they are gaining a competitive advantage by:

  • Learning about Twitter, Facebook and other social media first hand. A fun place to start are the videos by Twitter Goddess Gina Schreck (@GinaSchreck).
  • Educating their workforce on the benefits and drawbacks of social media, including tweet breach, productivity gains and losses, social media exhaustion, etc.
  • Establishing guidelines for how to use Twitter, Facebook and Web 2.0 tools in responsible, productive ways
    that deliver the greatest ROI with the least risk
  • Incorporating age-old ideas of etiquette, editorial policy and discretion into the fabric of their new media strategies

I would love to hear your ideas on tweet breach and examples that you have come across. Please feel free to comment with your own tweet breach or similar stories.

After losing his business to data breach and his reputation to identity theft, John Sileo became America’s leading identity theft and data breach speaker. He speaks on the topics of workplace identity theft, data breach and tweet breach. His recent clients include the Department of Defense, the FDIC, Blue Cross Blue Shield, and Pfizer. You can follow his tweets at @john_sileo.