Privacy Implications of Privacy Settings and Tagging in ...zannone/publication/... · Privacy...

Post on 04-Jul-2020


Privacy Implications of Privacy Settings and Tagging in Facebook 1

Privacy Implications of Privacy Settings and Tagging in Facebook

Stan Damen, Nicola Zannone

Eindhoven University of Technology

10th VLDB Workshop on Secure Data Management

COMMIT/

S. Damen & N. Zannone Privacy Implications of Privacy Settings and Tagging in Facebook 1


Motivations

Social Networks

Increasingly popular

- millions of users across the world

Benefits

- Finding old friends
- Building communities around common interests
- Gaming
- ...


Motivations

Information Sharing

- Posting
- Sharing pictures
- Profile (partially) publicly available
- Third party applications
  - games, online marketplace
- Tagging

Huge amount of personal information available on social networks


Motivations

Privacy Issues

- Social network privacy practices: related to the collection and processing of personal data by the social network and their disclosure to third parties.
  - user tracking (e.g., Facebook “Like” button), user profiling for advertisement purposes, secondary usage of data, and storing information after it was deleted by the user.
- Information disclosure to contacts: misuse of personal information by other users in the social network.
  - e.g., cyberstalking, identity theft, discrimination


Motivations

Privacy Paradox

“There is only one thing in the world worse than being Facebook stalked, and that is not being Facebook stalked”

Atwan and Lushing (2008)


Motivations

Privacy Regulations

- Privacy legislation imposes stringent requirements on the collection, processing and disclosure of personal data
- Upcoming European regulation on data protection
  - user empowerment in controlling own data
  - easier access to own data
  - right to be forgotten
  - right to data portability


Motivations

Empowering Users

- Social networks provide control tools
  - Privacy setting
  - Facebook “View As” functionality
  - Google Dashboard
- False confidence of being in control of data

Goal

- Understand existing privacy controls for collaborative systems.
- Focus on privacy impact of privacy settings and tagging in Facebook.


Outline

Facebook Profile

Privacy Issues

Proof-of-Concept

Conclusions & Future Work


Facebook Profile

Profile Model

[Figure: class diagram of the Facebook profile model. Entities: Profile, Profile Information, Post, Comment, Image, Album, Tag, Group, User. User roles: Data Host, Data Provider, Tag Issuer, Tag Target. Associations: Owns, Posted_By, Made_By, Uploaded_By, Belong_To, Issued_By, Refer_To, Defined_By.]


Facebook Profile

Privacy Settings

- Settings for visibility
  - Specify who can view an object
  - Defined in terms of groups (only me, friend, friend of friend, custom groups)
  - Defined for each object (album, photo, post, etc.)
- Settings for posting (define who can post)
  - Settings for the visibility of new objects
- User friendly
  - By default, more permissive settings


Facebook Profile

Tagging

- Tagging allows users to share information faster and easier
- A tag is an unambiguous link to another user
- Additional “features”
  - Modify visibility of tagged object
  - Create a copy of the tagged object in the profile of the tagged user


Facebook Profile

Permissions

- Permissions: view, delete, post, comment, tag
- Depending on the role
  - Data host: all permissions
  - Data provider: delete his post (if still in visibility of the post)
  - Tag target: delete tag
- Depending on privacy setting
  - users can see a post if they are in the visibility of the post
- Privacy settings can only be seen by data host


Privacy Issues

Scenario (1)

1. Alice posts on Bob’s profile
   Visibility: Bob’s FoF
2. Eve becomes Alice’s friend
   Eve in the visibility of the post on Bob’s profile

- Eve can see contents on Bob’s profile without Bob knowing it
  - Facebook’s “View As” functionality does not help
- Bob can restrict visibility to only me or friend


Privacy Issues

Scenario (2)

1. Alice posts some content on her profile and tags Bob
   Visibility: Alice’s FoF ∪ Bob’s FoF
   Visibility (copy): Bob’s FoF
   Eve in the visibility of the post
2. Alice changes the visibility to friend
   Visibility: Alice’s friend ∪ Bob’s friend
   Visibility (copy): Bob’s FoF
   Eve in the visibility of the post
3. Alice changes the visibility to only me
   Visibility: Alice ∪ Bob
   Visibility (copy): Bob’s FoF
   Eve in the visibility of (the copy of) the post

- Alice cannot remove Eve from the visibility of the post without removing the tag
- Alice depends on Bob’s settings


Privacy Issues

Scenario (3)

1. Bob uploads a picture of Alice and tags Eve
   Visibility: Bob’s friends ∪ Eve’s friends
   Visibility (Eve copy): Eve’s FoF
2. A tag of Alice is added to the picture
   Visibility (Eve copy): Bob’s friends ∪ Eve’s friends ∪ Alice’s friends
   Visibility (Eve copy): Eve’s FoF
   Visibility (Alice copy): Alice’s FoF

- Alice (data subject) cannot influence visibility of the post
- Alice can only remove the tag


Privacy Issues

Issues

- User(s) in control of information
  - data host in control
  - privacy concerns data subject
- Object-centric
  - copies are treated as independent objects
- Business-driven
  - Personal data (and their sharing) are a business asset
  - By default, more permissive restrictions
- Tagging
  - visibility difficult to control
  - can be used to identify data subject(s), but not main goal
  - additional risk of data exposure


Proof-of-Concept

Proof-of-Concept

- Implementation of privacy settings in Facebook
  - Actual view on information (vs. object view)
- Limitation
  - Need access to privacy settings of users
  - Can only be deployed as a functionality of the social network
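
The gap between the object view and the actual view, worked through for Scenario (2), as an added example that is not part of the original slides or the authors' proof-of-concept. Class names, function names and the friend graph (including the extra user Dan) are assumptions made for illustration.

```python
# Added example: toy model of the visibility rules described in the scenarios.
# Class and function names are hypothetical; the friend graph is constructed.

class Network:
    def __init__(self, friendships):
        self.friends = {}
        for a, b in friendships:
            self.friends.setdefault(a, set()).add(b)
            self.friends.setdefault(b, set()).add(a)

    def audience(self, user, setting):
        """Expand 'only me' / 'friend' / 'fof' relative to one user."""
        direct = self.friends.get(user, set())
        result = {user}
        if setting in ("friend", "fof"):
            result |= direct
        if setting == "fof":
            for f in direct:
                result |= self.friends.get(f, set())
        return result


class Post:
    def __init__(self, host, setting):
        self.host, self.setting = host, setting
        self.copies = {}  # tag target -> visibility setting of the copy

    def object_view(self, net):
        """Audience of the original: setting applied to host and tag targets."""
        viewers = net.audience(self.host, self.setting)
        for target in self.copies:
            viewers |= net.audience(target, self.setting)
        return viewers

    def actual_view(self, net):
        """Everyone who reaches the content via the original or any copy."""
        viewers = self.object_view(net)
        for target, setting in self.copies.items():
            viewers |= net.audience(target, setting)
        return viewers


def scenario_2():
    # Constructed graph: Alice-Bob, Bob-Eve, Eve-Dan.
    net = Network([("Alice", "Bob"), ("Bob", "Eve"), ("Eve", "Dan")])
    post = Post("Alice", "fof")
    post.copies["Bob"] = "fof"  # tagging Bob creates a copy under Bob's setting
    trace = []
    for setting in ("fof", "friend", "only me"):
        post.setting = setting
        trace.append((setting, post.object_view(net), post.actual_view(net)))
    del post.copies["Bob"]      # removing the tag also removes the copy
    trace.append(("untagged", post.object_view(net), post.actual_view(net)))
    return trace
```

Eve and Dan stay in the actual view at every setting Alice chooses and drop out only once the tag is removed, which is the difference a transparency tool built on the actual view would surface.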


Conclusions & Future Work

Conclusions & Future Work

- Privacy issues mainly caused by design decisions
- Need for novel access control model for collaborative systems
  - able to consider role of users with respect to data
  - able to support novel modalities of social communication (e.g., tagging)
- Need for user-friendly transparency tools
  - visualize who can see information
  - notify when own policy is not enforced
