Privacy Implications of Privacy Settings and Tagging in ...zannone/publication/... · Privacy...

Privacy Implications of Privacy Settings and Tagging in Facebook 1

Privacy Implications of Privacy Settings andTagging in Facebook

Stan Damen, Nicola Zannone

Eindhoven University of Technology

10th VLDB Workshop on Secure Data Management

COMMIT/

S. Damen & N. Zannone Privacy Implications of Privacy Settings and Tagging in Facebook 1


Motivations

Social Networks

Increasingly popular

I millions of users across the world

Benefits

I Finding old friends

I Building communities around commoninterests

I Gaming

I ...



Motivations

Information Sharing

I Posting

I Sharing pictures

I Profile (partially) publicly available

I Third party applicationsI games, online marketplace

I Tagging

Huge amount of personal information available on social networks



Motivations

Privacy Issues

I Social network privacy practices: related to the collection andprocessing of personal data by the social network and theirdisclosure to third parties.

I user tracking (e.g., Facebook “Like” button), user profiling foradvertisement purposes, secondary usage of data, and storinginformation after it was deleted by the user.

I Information disclosure to contacts: misuse of personal informationby other users in the social network.

I e.g., cyberstalking, identity theft, discrimination



Motivations

Privacy Paradox

“There is only one thing in the world worse than being Facebook stalked,and that is not being Facebook stalked”

Atwan and Lushing (2008)



Motivations

Privacy Regulations

I Privacy legislation imposes stringent requirements onthe collection, processing and disclosure of personal data

I Upcoming European regulation on data protectionI user empowerment in controlling own dataI easier access own dataI right to be forgottenI right to data portability



Motivations

Empowering Users

I Social networks provide control toolsI Privacy settingI Facebook “View As” functionalityI Google Dashboard

I False confidence of being in control of data

Goal

I Understand exiting privacy controls for collaborative systems.

I Focus on privacy impact of privacy settings and tagging in Facebook.



Outline

Facebook Profile

Privacy Issues

Proof-of-Concept

Conclusions & Future Work



Facebook Profile

Profile Model

Profile

Image

Post

Tag

Profile Information

Comment

Posted_By

User

Data Provider

Tag TargetData Host Tag Issuer

Owns

1

*

1

1

1

Made_By

Album

1

1Group

Belong_To

1

Uploaded_By

*

Issued_ByRefer_To

1

1

*

11

1

*

1

*

*

1*

1

*

1

1

**

*

1

* *

Defined_By*



Facebook Profile

Privacy Settings

I Settings for visibilityI Specify who can view an objectI Defined in terms of groups (only me, friend, friend of friend, custom

groups)I Defined for each object (album, photo, post, etc.)

I Settings for posting (define who can post)I Settings for the visibility of new objects

I User friendlyI By default, more permissive settings



Facebook Profile

Tagging

I Tagging allows users to share information faster and easier

I A tag is an unambiguous link to another user

I Additional “features”I Modify visibility of tagged objectI Create a copy of the tagged object in the profile of the tagged user



Facebook Profile

Permissions

I Permissions: view, delete, post, comment, tag

I Depending on the roleI Data host: all permissionsI Data provider: delete his post (if still in visibility of the post)I Tag target: delete tag

I Depending on privacy settingI users can see a post if they are in the visibility of the post

I Privacy settings can only be seen by data host



Privacy Issues

Scenario (1)

1. Alice posts on Bob’s profileVisibility: Bob’s FoF

2. Eve becomes Alice’s friendEve in the visibility of the post on Bob’s profile

I Eve can see contents on Bob’s profile without Bob knowing itI Facebook’s “View As” functionality does not help

I Bob can restrict visibility to only me or friend



Privacy Issues

Scenario (2)

1. Alice posts some content on her profile and tags BobVisibility: Alice’s FoF ∪ Bob’s FoFVisibility (copy): Bob’s FoFEve in the visibility of the post

2. Alice changes the visibility to friendVisibility: Alice’s friend ∪ Bob’s friendVisibility (copy): Bob’s FoFEve in the visibility of the post

3. Alice changes the visibility to only meVisibility: Alice ∪ BobVisibility (copy): Bob’s FoFEve in the visibility of (the copy of) the post

I Alice cannot remove Eve from the visibility of the post withoutremoving the tag

I Alice depends on Bob’s settings



Privacy Issues

Scenario (3)

1. Bob uploads a picture of Alice and tags EveVisibility: Bob’s friends ∪ Eve’s friendsVisibility (Eve copy): Eve’s FoF

2. A tag of Alice is added to the pictureVisibility (Eve copy): Bob’s friends ∪ Eve’s friends ∪Alice’s friendsVisibility (Eve copy): Eve’s FoFVisibility (Alice copy): Alice’s FoF

I Alice (data subject) cannot influence visibility of the post

I Alice can only remove the tag



Privacy Issues

Issues

I User(s) in control of informationI data host in controlI privacy concerns data subject

I Object-centricI copies are treated as independent objects

I Business-drivenI Personal data (and their sharing) are a business assetI By default, more permissive restrictions

I TaggingI visibility difficult to controlI can be used to identify data subject(s), but not main goalI additional risk of data exposure



Proof-of-Concept

Proof-of-Concept

I Implementation of privacy settings in FacebookI Actual view on information (vs. object view)

I LimitationI Need access to privacy settings of usersI Can only be deployed as a functionality of the social network





I Privacy issues mainly caused by design decisions

I Need for novel access control model for collaborative systemsI able to consider role of users wrt dataI able to support novel modalities of social communication (e.g.,

tagging)

I Need for user-friendly transparency toolsI visualize who can see informationI notify when own policy is not enforced


Privacy Implications of Privacy Settings and Tagging in ...zannone/publication/... · Privacy...

Documents

Transcript of Privacy Implications of Privacy Settings and Tagging in ...zannone/publication/... · Privacy...