Shruthi Rajegowda Privacy Issues with Social Networking Sites Ai Ho, AbdouMaiga, EsmaAïmeur Département d'informatique et de recherche opérationnelle Université de Montréal Montreal, Canada
Social Networking Sites (SNS) Information Build Network Expect Change in Education System Social Media for Education NSBA Survey Report : Nine-to-17-year-olds –spend about 9hours per week on social networking activities NSBA - National School Boards Association
Social Networking • Most Visited Web Sites – 7 out of top 20 • Potential Privacy threats • Identity theft • Disclosure of sensitive information.
Privacy Issues • Problem 1: Lack of user education/awareness about • Settings defaulted to share users’ personal information • Privacy warnings or privacy settings provided by SNS
Privacy Issues • Problem 2: Lack of Privacy Tools to protect user data • Only basic access control • Profile public or private • Privacy setting interface is Complex
Privacy Issues • Problem 3: Users cannot control what others may reveal about them • Cannot control Friends’ profile • Risks from third party application Just for FUN!!
Privacy Framework • Role: Foundation to address privacy issues • Categorize user data, user privacy concerns and profile viewers • Adapt privacy levels - based on these categorizations • Adapt Tracking level
User data • Categorize user profile information into the following groups: • Identity - determine physically who is the user • Demographic profile- age, gender, weight, race, political view…. • Activity - lists all the activities that users perform • Adding new friends • Commenting on profile • Change in personal information • Social Network • Relationship status • User friends • User subscribed groups • Added content - blog, photos, music or video clips
User privacy concern • Classify data to be shared as a privacy concern • Healthy data – • General information about users • Nick name • Hobbies, • Landscape photos • Harmless data - User’s demographic profile • Harmful data – • Inappropriate photos • Blog entry that may damage the user’s reputation • Poisonous data - Sensitive information that may cause Security risks
Profile Viewers Group people who can see the profile based on intimacy and trust • Best Friends – Trustworthy, can share all information • Good Friends – Real life friends, can share more information • Casual Friends - Based on similar interest, limited information share • Visitors - could be users or non-users of the SNS, not in friend’s List
Privacy levels • Based on Profile Viewers, four levels of privacy
Tracking levels • Strong tracking-User does not mind being tracked on SNS • Weak tracking – User minds if his/her profile is tagged to friends profile • No tracking – No name, no tags, no photos in friends list
Conclusions • Existing solutions do not protect user privacy totally • Lack of user awareness • Privacy comes with a price • Need for Privacy tools – strong and easy to use • Need for Legal Law Enforcement to protect privacy
References • Ai Ho, Abdou Maiga, Esma Aimeur, "Privacy protection issues in social networking sites,", The 7th ACS IEEE International Conference on Computer Systems and Applications,2009 • D. Rosenblum, What Anyone Can Know: The Privacy Risks of Social Networking Sites. IEEE Security and Privacy, 2007 • http://www.contrib.andrew.cmu.edu/~gct • http://www.masternewmedia.org/learning_educational_technologies/social-networking/social-networking-in-education-survey-on-new-generations-social-creative-and-interconnected-lifestyles-NSBA-20071109.htm • http://mashable.com/2010/03/26/facebook-proposes-revisions-to-privacy-policy-hints-at-more-location-features/ • http://www.washingtonpost.com/wp-dyn/content/article/2010/04/27/AR2010042702969.html • http://www.cit.cornell.edu/policies/socialnetworking/facebook.cfm • http://www.facebook.com/policy.php • http://www.eff.org/deeplinks/2010/04/facebook-timeline/