1
FINDING PRIVACY CONFLICTS IN ONLINE SOCIAL
NETWORK SERVICES
1LATHA. S, 2 GAYATHRI. C 1,2Assistant Professor/CSE
Mahendra Institute of Technology,Mallasamudram 1[email protected],2 [email protected]
ABSTRACT
Online Social networking services (OSNSs) such as Face book or Twitter have experienced an explosive growth
during the recent years. Millions of users have created their accounts on these services because they experience great
benefits in terms of friendship. These OSNs not only offer attractive means for virtual social interactions and
information sharing, but also raises privacy issues and security. Although OSNs allow a single user to govern access to
her/his data, they currently do not provide any method to enforce privacy concerns over data associated with multiple
users, remaining privacy conflicts largely unresolved and leading to the potential disclosure of information that at least
one user intended to keep private. In this work, we propose an approach to enable collaborative privacy management of
shared data in OSNs. Specifically we provide a systematic method to find and overcome privacy conflicts for
collaborative data sharing. Our conflict resolution reveals a tradeoff between privacy protection and data sharing by
quantifying privacy risk and sharing loss. We examine how the lack of joint privacy controls over content can
inadvertently reveal secret information about a user including preferences, relationships, text messages, and photos. We
analyze social networks to find scenarios where conflicting privacy settings between friends will reveal information that
at least one user intended remain private. By aggregating the information exposed in this manner, we showed how a
user's sensitive information’s can be inferred from simply being listed as a friend or mentioned in a story.
Keywords
Cloud Computing, Data sharing, CP-ABE Attribute, Encryption.
1. INTRODUCTION
Privacy problems associated with digital
communication and network technologies have been a
major concern among Internet users over the past
decade. The emergence of social networks has even
increased these concerns. People register to these
OSNSs and share images, videos, and thoughts because
they perceive a great payoff in terms of friendship, jobs,
and other opportunities. The popularity of OSNSs
attracts not only faithful users but third parties with
adverse interest. If we consider the huge amount of
private information uploaded to those OSNSs and the
persistence of it in the social networks, the privacy of
OSNS users can be threatened. Recent cases show that
on-line thieves, stalkers, and bullies take advantage of
the information available on SNSs and use it for
purposes that were not the initially intended ones.
There are several definitions of privacy in the
related literature. In the context of this survey, we use
the definition of Alan Westin, who defined privacy as
‖the claim of individuals, groups, or institutions to
determine for themselves when, how, and to what
extent information about them is communicated―. This
definition implies that OSNSs have to offer their users
mechanisms that allow them to decide how their
information is disclosed. Current OSNSs have taken
steps towards this objective, but there still exist several
15
their information and how it is shared among the OSNS.Users demand better privacy mechanisms, with richer
and finer-grained privacy policies that take into account
the way OSNS users share information and interact with
others. Moreover, privacy controls for these new access
controls have to be easy to use, offering automatic
suggestions and learning from the behavior of the users.
This article reviews studies that enhance
privacy in social networks, as well as studies that
explore human relationships over social networks and
their behavior. Understanding how humans share and
manage their friendships on OSNSs is crucial so that
researchers can adapt their models and methods to cope
with the users’ needs and expectations. Studies are
classified according to the type of privacy risk they
address.
1.1 Privacy and Social Networks
As pointed out more than a century ago by
Warren and Brandeis [68], disclosure of private
information and the misuse of it can damage people’s
feelings and cause considerable damage in people’s
lives. In OSNS where intimate information of the users
is managed, privacy is of paramount importance. A
research of Gross and Acquisti in the early days of
Facebook showed that the majority of users were
unconcerned about privacy risks. They tended to use
default privacy configurations and personal data were
generously provided. More recent studies, like the one
from Boyd and Hargittai , show that the privacy
awareness of OSNS users has increased lately. The
widespread media attention on OSNS and on situations
where the leakage of personal information of OSNS
users affected their lives has positively influenced the
way OSNS users manage their privacy. Nevertheless,
the high number of privacy risks that affect OSNS
user’s leaves room for improvement in this field of
study.
The most important OSNS users’ privacy
concerns are: identity theft, unauthorized access, misuse
of personal information and stalking, and profiling. This
threat refers to the possibility of a malicious
dissemination of previously collected information. For
instance, users may face blackmailing situations when
embarrassing data is collected from a OSNS by a third
party. In the context of SNSs, misuse of personal
information usually occurs when users disclose
inappropriate information due to negligence during the
configuration of their privacy settings or ignorance
about how privacy is managed on the OSNS.
The rest of privacy threats affect different
levels of privacy on OSNSs and fall out of the scope of
this study. Identity theft and unauthorized access are
related to access control enforcement. For example,
unauthorized access can occur if the authentication
mechanisms of the OSNS are not good enough or if the
communication between the user and the OSNS is not
properly encrypted. Profiling is a threat when the party
which owns the information on the OSNS is not
trustworthy. A typical case of profiling occurs when the
party that manages the OSNS sells the information
available on the OSNS to third parties that use it for
marketing purposes.
2 RELATED WORKS
There is an extensive body of research on
protecting and examining privacy in social networks.
The most related of these works to our research are
attempt to demonstrate in the current privacy controls of
social networks. Zheleva et al. Examine the risks of
revealing group membership and friendships, while He
et al. model correlated features between friends as a
Bayesian network.
Adapting previous approaches to attribute
inference, Mislove et al. looked at community
structures among friends, finding that tight-knit
16
Our work can be seen as a refinement of theirtechniques, presenting new ways to identify meaningful
friends and filter relationships that are likely to impede
inference. We also examine previously unexplored
avenues such as wall posts for inference, pointing out
that any relationship or tag between two users can
potentially violate privacy.
While we limit our discussion to preventing
crawling and mining by third parties, other researchers
have looked at how to protect information from social
network providers and server break-ins. yByNight,
NOYB, and FaceCloak all use encryption or
steganography to protect a user's personal information
to prevent a social network operator such as Facebook
from reading or mining personal data. Keys are then
distributed to trusted friends out of band from the social
network operator, allowing friends to decrypt profile
information.
Despite the potential added privacy from
encryption, each of these protection mechanisms rely on
the social network to keep track of friends and do not
extend to content posted by friends, leaving users
exposed to the inference techniques we describe.
Other research in extending social network
privacy includes protecting users from third party
applications. Social networks such as MySpace and
Facebook allow users to install applications such as
games or media plug-ins, in turn granting the
application access to all of their personal data.
Applications currently lack access control restrictions,
allowing programs to of load all of a user's data in
addition to that of a user's friends. Felt et al. and Singh
et al. both propose new application architectures to
restrict personal data available to applications. Because
applications are granted access to both the installer's
data and the installer's friend's data, application security
must address the requirements of multi-party privacy to
guarantee users are not put at risk by their friends.
In addition to privacy protections within social
networks, data released by network operators to the
public also poses a significant challenge to user privacy.
De-anonymization efforts have shown that publishing
anonymized or restricted social graph information is
riddled with complications. These same techniques for
de anonymization can also be used for inferring
properties about data leaked by users within social
networks, highlighting the need for better privacy
controls that suit the range of each user’s privacy
expectations.
3 CHALLENGES AND CONTRIBUTIONS
To understand the risks posed by the lack of
joint privacy controls in social networks, we construct a
formalism for privacy conflicts that defines the
situations where a user's privacy can be violated and the
extent of information leaked. To develop this
formalism, we begin by analyzing scenarios in
Facebook where users can unintentionally violate one
another's privacy. We then deconstruct these examples
into a formalism that captures all potential privacy
conflicts. Exploring Privacy Conflicts Social networks
are inherently designed for users to share content and
make connections. When two users disagree on whom
content should be exposed to, we say a privacy conflict
occurs. Multiple privacy conflicts can occur between a
user and his friends, each revealing a potentially unique
sensitive detail. We specifically analyze two scenarios
in Facebook friendship and wall posts to understand the
types of information exposed by conflicts.
Friendship: A central feature of social networks is the
ability of users to disclose relationships with other
members. Each relationship carries potentially sensitive
information that either user may not wish revealed.
While Facebook provides a mechanism to conceal a
user's list of friends, the user can only control one
17
Consider a scenario where a user Alice adoptsa policy that conceals all her friends from the public.
On the other hand, Bob, one of Alice's friends, adopts a
weaker policy that allows any user to view his friends.
In this case, Alice's relationship with Bob can still be
learned through Bob. We say that a privacy conflict
occurs as Alice's privacy is violated by Bob's weaker
privacy requirements.
Wall Posts and Tagging: Wall posts and status updates
provide users with a built-in mechanism to
communicate and share comments with other users.
Each post consists of a sender, receiver, and the content
to be displayed. Facebook currently allows only the
receiver to specify a privacy policy. When Alice leaves
a message on Bob's wall, she relinquishes all privacy
control over her comments. Similarly, if Alice posts to
her own wall, she has sole control over who can view
the message, even if she references other users who
wish to remain anonymous.
By ignoring the privacy concerns of all but one
user, information can be exposed that puts other friends
at risk. Consider an example where Alice makes a
public comment on her own profile stating \Skipping
work with @Bob and hitting the bars at 9am". Bob is
unambiguously identified by the message, but cannot
specify that the message should not be broadcast to the
public per his privacy policy. Alternatively, if Alice
posts on Bob's profile about current relationship trouble,
she cannot specify that the message should only be
visible by her friends, not all of Facebook.
Additional Conflicts: Friendship and wall posts
represent only two of numerous situations where
Facebook and other social networks lack multi-party
privacy. Group membership, fan pages, event
attendance, photo tagging, and video tagging are
additional situations where multiple parties can be
referenced by data, but cannot control its exposure.
Each exposure leaks sensitive information about a user
even if the strictest privacy controls available are
adopted.
4. METHODOLOGY OVERVIEW
We evaluate our approach for privacy conflict
resolution by comparing our solution with the naive
solution and the privacy control solution used by
existing OSNs, such as Facebook with respect to two
metrics, privacy risk and sharing loss. Consider the
example demonstrated in Figure 1, where three
controllers desire to regulate access of a shared data
item.
Figure 1: Example of Privacy Conflict Identification
Based on Accessor Space Segmentation.
The naive solution is that only the accessors in
the non-conflicting segment are allowed to access the
data item as shown in Figure 2(a). Thus, the privacy
risk is always equal to 0 for this solution. However, the
sharing loss is the absolute maximum, as all conflicting
segments, which may be allowed by at least one
controller, are always denied. The Facebook solution is
that the owner’s decision has the highest priority. All
accessors within the segments covered by the owner’s
space are allowed to access the data item, but all other
accessors are denied as illustrated in Figure 2(b). This
is, obviously, ideal for the owner, since her/his privacy
risk and sharing loss are both equal to 0. However, the
privacy risk and the sharing loss are large for every
18
Figure 2 Example of Resolving Privacy Conflicts.CONCLUSION AND FEATURE WORKS
In this paper, we have reviewed approaches
that offer partial solutions to the most critical problems
of privacy management on OSNSs. However, current
OSNSs have not adopted them and still lack the suitable
privacy management tools. Approaches like Google+,
where the control of information dissemination has
been given great visibility, are first steps towards
OSNSs that are more respectful of privacy. In the
not-so-distant future we envision an OSNS that offers a
privacy mechanism that satisfies every requisite
mentioned in this paper and provides the features that
users demand. In order to develop this ideal OSNS,
developers and researchers will have to deal with
several challenges. Our conflict resolution mechanism
considers privacy-sharing tradeoff by quantifying
privacy risk and sharing loss. Also, we have described a
proof-of-concept implementation of our solution called
Retinue, along with the extensive evaluation of our
approach. As part of future work, we will formulate a
comprehensive access control model to capture the
essence of collaborative authorization requirements for
data sharing in OSNs.
REFERENCES
[1] Internet.org. (2014). A focus on efficiency
[Online]. Available:
http://internet.org/efficiencypaper
[2] K. Thomas, C. Grier, and D. M. Nicol,
―Unfriendly: Multi-party privacy risks in social networks,‖ in Proc. 10th Int. Symp.
Privacy Enhancing Technol., 2010, pp. 236–
252.
[3] A. Lampinen, V. Lehtinen, A. Lehmuskallio,
and S. Tamminen, ―We’re in it together:
Interpersonal management of disclosure in
social network services,‖ in Proc. SIGCHI
Conf. Human Factors Comput. Syst., 2011, pp.
3217–3226.
[4] P. Wisniewski, H. Lipford, and D. Wilson,
―Fighting for my space: Coping mechanisms for SNS boundary regulation,‖ in Proc.
SIGCHI Conf. Human Factors Comput. Syst.,
2012, pp. 609–618.
[5] A. Besmer and H. Richter Lipford, ―Moving
beyond untagging: Photo privacy in a tagged
world,‖ in Proc. SIGCHI Conf. Human Factors
Comput. Syst., 2010, pp. 1563–1572.
[6] Facebook NewsRoom. (2013). One billion—
key metrics [Online]. Available:
http://newsroom.fb.com/download-media/4227
[7] J. M. Such, A. Espinosa, and A.
Garc_ıa-Fornes, ―A survey of privacy in multi-agent systems,‖ Knowl. Eng. Rev., vol. 29, no. 03,
pp. 314–344, 2014.
[8] R. L. Fogues, J. M. Such, A. Espinosa, and A.
Garcia-Fornes, ―Open challenges in
relationship-based privacy mechanisms for
social network services,‖ Int. J.
Human-Comput. Interaction, vol. 31, no. 5, pp. 350–
370, 2015.
[9] R. Wishart, D. Corapi, S. Marinovic, and M.
Sloman, ―Collaborative privacy policy
authoring in a social networking context,‖ in
Proc.IEEE Int. Symp. Policies Distrib. Syst.
19
[10] A. Squicciarini, M. Shehab, and F. Paci,
―Collective privacy management in social networks,‖ in Proc. 18th Int. Conf. World
Wide Web, 2009, pp. 521–530.
[11] B. Carminati and E. Ferrari, ―Collaborative
access control in online social networks,‖ in
Proc. 7th Int. Conf. Collaborative Comput.:
Netw. Appl. Worksharing, 2011, pp. 231–240.
[12] H. Hu, G.-J. Ahn, and J. Jorgensen, ―Detecting
and resolving privacy conflicts for
collaborative data sharing in online social
networks,‖ in Proc. 27th Annu. Comput.
Security Appl. Conf., 2011,pp. 103–112.
[Online]. Available:
http://doi.acm.org/10.1145/2076732.2076747
[13] H. Hu, G. Ahn, and J. Jorgensen, ―Multiparty
access control for online social networks:
Model and mechanisms,‖ IEEE Trans. Knowl.
Data Eng., vol. 25, no. 7, pp. 1614–1627, Jul.