Show Hide image Security 5 September 2016 People you may know: is Facebook’s friend-finding algorithm putting you at risk? Facebook is under fire after it recommended that a psychiatrist's patients add one another as "Friends". Sign up for our weekly email * Print HTML The girl you went on a date with two months ago. Your therapist. The personal trainer you haven’t seen since January. Your lawyer, barber, maybe even your drug dealer. Scrolling through Facebook’s curated suggestions of “People you may know” will often leave you feeling like the social network can read your mind. Don’t worry, it can’t. But it is reading your address book. Most people are unaware that if you give Facebook access to your phone and email contacts (you can check if you’ve done so here and here) then it will use this information to recommend you “Friends”. In fact, simply having a phone number linked with your account means Facebook can and does mine your contacts. Although many users find it creepy and mysterious, this is why your Tinder date or the man you once sold a coffee table to will pop up in your sidebar from time to time. But what about the other – seemingly random – people listed under “People you may know”? According to Fusion.net, you may be more connected than you think. Speaking to Kashmir Hill, a Fusion editor, a psychiatrist revealed how Facebook suggested that her clients should all become friends with each other on the site. The psychiatrist, who wished to only be identified as Lisa, said that one of her clients showed her his friend recommendations and she recognised many of her patients on the list. Hill concluded that because Lisa’s clients had saved her number in their phones, Facebook’s algorithm assumed they were all connected in a network. Shocking as it is, Lisa’s case is nothing unusual. If you search the words “people you may know therapist” on Twitter, there is a tweet almost every day of someone complaining that Facebook recommended their health professional as a friend. If this many people are seeing their therapists within the suggestions, it is possible they’re also seeing their therapists’ other clients, whether they know it or not. Dr Dawn Branley, a health and social psychologist specialising in the risks and benefits of internet and technology use tells me that if the algorithm works like this, the consequences could be “particularly problematic”. “In addition to breaching patient confidentiality through allowing clients to identify one another, this could also raise issues over the triggering of negative behaviour,” she says, referring to patients who suffer with eating disorders or self-harm. “For example, it could encourage communication between vulnerable users or draw users’ attention to social media profiles which may include images or posts that could trigger negative health behaviour.” Branley recommends that to avoid these issues, professionals should not link their Facebook with their work mobiles or email addresses. “There are options on Facebook to remove synced contact information and to opt out of syncing your phone contacts, should users wish to do so,” she says. “Therefore this should not pose too much of a problem providing users are tech savvy and aware of the implications of allowing access to their phone and email contacts.” As Whatsapp is on the cusp of sharing its one billion users’ phone numbers with Facebook, it’s also important to be careful there. Unfortunately, being careful in this instance might not be enough. Even if you don’t share your phone contacts with Facebook, if someone who has your number shares their contacts, Facebook will still know you are connected. There is also potential that even if you don’t use Facebook, the site might assume two users are connected if they both have your phone number. If this is the case, psychiatrists would need to have one phone for each of their clients – an impossible task. And it’s not just health professionals who are at risk. Anyone who uses their personal phone for work, or has download Facebook on their work phone, is vulnerable. Not only is it unnerving to see your clients on your recommended friends, potentially exposing your clients to one another is a problem for everyone from lawyers to drug dealers, to landlords to prostitutes. “Almost every professional person I have had contact with has ended up in my ‘People you may know’ tool,” says Maya, a 37-year-old from Sydney who was shocked when her ex-therapist popped up nearly two years after she stopped seeing her. “Personal trainers, naturopath, accountant, yoga teachers, dietician, real estate agent, even customers at my work. It's always such an awkward feeling and has only served to reinforce why I share as little information about myself as possible.” Maya didn’t have her therapist in her phone contacts, nor did she ever email her. It is likely that Facebook made the connection because her therapist had her number or email saved, making Maya’s own attempts at privacy redundant. She speculates, however, that Facebook made the connection for other reasons. “The only way I can possibly imagine she would have been included would be if she had looked at my profile,” she says. Although there is little evidence for this, it has long been a rumour that people who are stalking your profile appear as recommended friends. These rumours are given credence because Facebook’s description of how the “People you may know” tool works is extremely ambiguous. It reads: “We show you people based on mutual friends, work and education information, networks you’re part of, contacts you’ve imported and many other factors.” These “other factors” might be people who are looking at your profile, as Maya speculates, or they might be people who share the same phone contacts, as Hill believes. Facebook readily admits that it uses “the info you’ve uploaded about your contacts to make friend suggestions for you and others”, but it couldn’t confirm Hill’s case because Lisa was unable to share her clients’ confidential information with the site. For now, then, individual users are the ones highlighting this flaw. Be it the woman who allegedly found out her husband had another family because of the tool, or the journalists worried about exposing their protected sources, multiple people have expressed their concerns. As far as finding out who your real friends are, then, Facebook has been indispensable. It is now clearer than ever that the site cannot be trusted. › The personal and political: Nicola Sturgeon speaking about her miscarriage is a radical new step Amelia Tait is a technology and digital culture writer at the New Statesman. Subscribe from just £1 per issue More Related articles Will Donald Trump let Russia's "Fancy Bear" hackers slip out of sight? New computer virus prompts you to infect others to save yourself “A disaster waiting to happen”: Can you trust the government to digitise your personal data?