research-article

Privacy wizards for social networking sites

Authors:

Kristen LeFevreAuthors Info & Claims

WWW '10: Proceedings of the 19th international conference on World wide web

Pages 351 - 360

https://doi.org/10.1145/1772690.1772727

Published: 26 April 2010 Publication History

Abstract

Privacy is an enormous problem in online social networking sites. While sites such as Facebook allow users fine-grained control over who can see their profiles, it is difficult for average users to specify this kind of detailed policy.

In this paper, we propose a template for the design of a social networking privacy wizard. The intuition for the design comes from the observation that real users conceive their privacy preferences (which friends should be able to see which information) based on an implicit set of rules. Thus, with a limited amount of user input, it is usually possible to build a machine learning model that concisely describes a particular user's preferences, and then use this model to configure the user's privacy settings automatically.

As an instance of this general framework, we have built a wizard based on an active learning paradigm called uncertainty sampling. The wizard iteratively asks the user to assign privacy "labels" to selected ("informative") friends, and it uses this input to construct a classifier, which can in turn be used to automatically assign privileges to the rest of the user's (unlabeled) friends.

To evaluate our approach, we collected detailed privacy preference data from 45 real Facebook users. Our study revealed two important things. First, real users tend to conceive their privacy preferences in terms of communities, which can easily be extracted from a social network graph using existing techniques. Second, our active learning wizard, using communities as features, is able to recommend high-accuracy privacy settings using less user input than existing policy-specification tools.

References

[1]

Facebook development platform. http://developers.facebook.com/.

[2]

Facebook statistics. http://www.facebook.com/press/info.php?statistics.

[3]

The igraph software package for complex network research. InterJournal Complex Systems, 2006.

[4]

A. Acquisti and R. Gross. Imagined communities: Awareness, information sharing, and privacy on the facebook. In Privacy Enhancing Technologies Workshop, 2006.

Digital Library

[5]

F. Adu-Oppong, C. Gardiner, A. Kapadia, and P. Tsang. Socialcircles: Tacking privacy in social networks. In Symposium on Usable Privacy and Security (SOUPS), 2008.

[6]

J. Anderson, C. Diaz, J. Bonneau, and F. Stajano. Privacy-enabling social networking over untrusted networks. In WOSN, 2009.

Digital Library

[7]

L. Backstrom, C. Dwork, and J. Kleinberg. Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography. In WWW, 2007.

Digital Library

[8]

J. Becker and H. Chen. Measuring privacy risk in online social networks. In Web 2.0 Security and Privacy Workshop, 2009.

[9]

L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. All your contacts are belong to us: Automated identity theft attacks on social networks. In WWW, 2009.

Digital Library

[10]

G. Brown, T. Howe, M. Ihbe, A. Prakash, and K. Borders. Social networks and context-aware spam. In CSCW, 2008.

Digital Library

[11]

B. Carminati, E. Ferrari, and A. Perego. Rule-based access control for social networks. In Workshop on Reliability in Decentralized Distributed Systems, 2006.

Digital Library

[12]

B. Carminati, E. Ferrari, and A. Perego. Private relationships in social networks. In ICDE Workshops, 2007.

Digital Library

[13]

Symposium on Usable Privacy and Security (SOUPS),

[14]

G. Danezis. Inferring privacy policies for social networking services. In AISec, 2009.

Digital Library

[15]

C. Diaz, C. Troncoso, and A. Serjantov. On the impact of social network profiling on anonymity. In Privacy-Enhancing Technologies Workshop, 2008.

Digital Library

[16]

A. Felt and D. Evans. Privacy protection for social networking platforms. In Web 2.0 Security and Privacy Workshop, 2008.

[17]

P. Fong, M. Anwar, and Z. Zhao. A privacy preservation model for facebook-style social network systems. University of Calgary Technical Report 2009-926-05, 2009.

[18]

S. Fortunato. Community detection in graphs. http://arxiv.org/abs/0906.0612v1 (Preprint), 2009.

[19]

C. Gates. Access control requirements for web 2.0 security and privacy. In Web 2.0 Security and Privacy Workshop, 2007.

[20]

E. Gilbert and K. Karahalios. Predicting tie strength with social media. In CHI, 2009.

Digital Library

[21]

K. Gollu, S. Saroiu, and A. Wolman. A social networking-based access control scheme for personal content. In SOSP, 2007.

[22]

R. Gross and A. Acquisti. Information revelation and privacy in online social networks. In Workshop on Privacy in the Electronic Society, 2005.

Digital Library

[23]

M. Hart, R. Johnson, and A. Stent. More content - less control: Access control in the web 2.0. In Web 2.0 Security and Privacy Workshop, 2007.

[24]

M. Hay, G. Miklau, D. Jensen, D. Towsley, and P. Weis. Resisting structural re-identification in anonymized social networks. In VLDB, 2008.

Digital Library

[25]

D. Lewis and J. Catlett. Heterogeneous uncertainty sampling for supervised learning. In ICML, 1994.

[26]

D. Lewis and W. Gale. A sequential algorithm for training text classifiers. In SIGIR, 1994.

Digital Library

[27]

H. Lipford, A. Besmer, and J. Watson. Understanding privacy settings in facebook with an audience view. In Proceedings of the 1st Conference on Usability, Psychology, and Security, 2008.

Digital Library

[28]

K. Liu and E. Terzi. A framework for computing the privacy scores of users in online social networks. In ICDM, 2009.

Digital Library

[29]

M. Lucas and N. Borisov. flybynight: Mitigating the privacy risks of social networking. In Workshop on Privacy in the Electronic Society, 2008.

Digital Library

[30]

E. M. Maximilien, T. Grandison, T. Sun, D. Richardson, S. Guo, and K. Liu. Privacy-as-a-service: Models, algorithms, and results on the facebook platform. In Web 2.0 Security and Privacy Workshop, 2009.

[31]

I. Mierswa, M. Wurst, R. Klinkenberg, M. Scholz, and T. Euler. Yale: Rapid prototyping for complex data mining tasks. In SIGKDD, 2006.

Digital Library

[32]

A. Narayanan and V. Shmatikov. De-anonymizing social networks. In IEEE Symposium on Security and Privacy, 2009.

Digital Library

[33]

M. Newman and M. Girvan. Finding and evaluating community structure in networks. Physical Review, 69(2), 2004.

[34]

R. Ravichandran, M. Benisch, P. Kelley, and N. Sadeh. Capturing social networking privacy preferences. In Symposium on Usable Privacy and Security (SOUPS), 2009.

Digital Library

[35]

R. Reeder, L. Bauer, L. Cranor, M. Reiter, K. Bacon, K. How, and H. Strong. Expandable grides for visualizing and authoring computer security policies. In CHI, 2008.

Digital Library

[36]

D. Rosenblum. What anyone can know: The privacy risks of social networking sites. IEEE Security and Privacy, 2007.

Digital Library

[37]

K. Singh, S. Bhola, and W. Lee. xBook: Redesigning privacy control in social networking platforms. In USENIX Security, 2009.

Digital Library

[38]

A. C. Squicciarini, M. Shehab, and F. Paci. Collective privacy management in social networks. In WWW, 2009.

Digital Library

[39]

K. Strater and H. Lipford. Strategies and struggles with privacy in an online social networking community. In British Computer Society Conference on Human-Computer Interaction, 2008.

Digital Library

[40]

E. Zheleva and L. Getoor. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In WWW, 2009.

Digital Library

Cited By

Xu MDennis LMustafa MDastani MSichman JAlechina NDignum V(2024)Safeguard Privacy for Minimal Data Collection with Trustworthy Autonomous AgentsProceedings of the 23rd International Conference on Autonomous Agents and Multiagent Systems10.5555/3635637.3663060(1966-1974)Online publication date: 6-May-2024
https://dl.acm.org/doi/10.5555/3635637.3663060
Marky KStöver APrange SBleck KGerber PZimmermann VMüller FAlt FMühlhäuser M(2024)Decide Yourself or Delegate - User Preferences Regarding the Autonomy of Personal Privacy Assistants in Private IoT-Equipped EnvironmentsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642591(1-20)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642591
Ul Ghani MShe KRauf MAlajmi MGhadi YAlgarni A(2024)Securing synthetic faces: A GAN-blockchain approach to privacy-enhanced facial recognitionJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2024.10203636:4(102036)Online publication date: Apr-2024
https://doi.org/10.1016/j.jksuci.2024.102036
Show More Cited By

Index Terms

Privacy wizards for social networking sites
1. Security and privacy
  1. Database and storage security
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

A privacy recommendation wizard for users of social networking sites
CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

Privacy is a huge problem for users of social networking sites. While sites like Facebook allow individual users to personalize fine-grained privacy settings, this has proven quite difficult for average users. This demonstration illustrates a machine ...
Uses and gratifications of social networking sites for bridging and bonding social capital

Applying uses and gratifications theory (UGT) and social capital theory, our study examined users of four social networking sites (SNSs) (Facebook, Twitter, Instagram, and Snapchat), and their influence on online bridging and bonding social capital. ...
Privacy concerns on social networking sites

This study examines the impact of the types of posting, information types, and privacy concerns toward audience types across two types of social networking sites (SNSs), Facebook and Twitter. The findings indicate that on Facebook, young SNS users are ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

WWW '10: Proceedings of the 19th international conference on World wide web

April 2010

1407 pages

ISBN:9781605587998

DOI:10.1145/1772690

General Chairs:
Michael Rappa
North Carolina State University, USA
,
Paul Jones
University of North Carolina at Chapel Hill, USA
,
Program Chairs:
Juliana Freire
University of Utah, USA
,
Soumen Chakrabarti
Indian Institute of Technology, India

Copyright © 2010 International World Wide Web Conference Committee (IW3C2).

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 26 April 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WWW '10

WWW '10: The 19th International World Wide Web Conference

April 26 - 30, 2010

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

278
Total Citations
View Citations
3,728
Total Downloads

Downloads (Last 12 months)46
Downloads (Last 6 weeks)1

Reflects downloads up to 15 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xu MDennis LMustafa MDastani MSichman JAlechina NDignum V(2024)Safeguard Privacy for Minimal Data Collection with Trustworthy Autonomous AgentsProceedings of the 23rd International Conference on Autonomous Agents and Multiagent Systems10.5555/3635637.3663060(1966-1974)Online publication date: 6-May-2024
https://dl.acm.org/doi/10.5555/3635637.3663060
Marky KStöver APrange SBleck KGerber PZimmermann VMüller FAlt FMühlhäuser M(2024)Decide Yourself or Delegate - User Preferences Regarding the Autonomy of Personal Privacy Assistants in Private IoT-Equipped EnvironmentsProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642591(1-20)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642591
Ul Ghani MShe KRauf MAlajmi MGhadi YAlgarni A(2024)Securing synthetic faces: A GAN-blockchain approach to privacy-enhanced facial recognitionJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2024.10203636:4(102036)Online publication date: Apr-2024
https://doi.org/10.1016/j.jksuci.2024.102036
Shah AVarshney SMehrotra M(2024)Threats on online social network platforms: classification, detection, and prevention techniquesMultimedia Tools and Applications10.1007/s11042-024-19724-5Online publication date: 2-Jul-2024
https://doi.org/10.1007/s11042-024-19724-5
Borovits NKumara ITamburri DVan Den Heuvel W(2024)Privacy Engineering in the Data Mesh: Towards a Decentralized Data Privacy Governance FrameworkService-Oriented Computing – ICSOC 2023 Workshops10.1007/978-981-97-0989-2_21(265-276)Online publication date: 16-Mar-2024
https://doi.org/10.1007/978-981-97-0989-2_21
Mondal MPunuru ACheng TVargas KGundry CDriggs NSchill NCarlson NBedwell JLorenc JGhosh ILi YFulda NPage X(2023)A Tale of Two Cultures: Comparing Interpersonal Information Disclosure Norms on TwitterProceedings of the ACM on Human-Computer Interaction10.1145/36100457:CSCW2(1-40)Online publication date: 4-Oct-2023
https://doi.org/10.1145/3610045
Ayci GSensoy MÖzgür AYolum P(2023)Uncertainty-Aware Personal Assistant for Making Personalized Privacy DecisionsACM Transactions on Internet Technology10.1145/356182023:1(1-24)Online publication date: 23-Mar-2023
https://dl.acm.org/doi/10.1145/3561820
Sloane MSolano-Kamaiko IYuan JDasgupta AStoyanovich J(2023)Introducing contextual transparency for automated decision systemsNature Machine Intelligence10.1038/s42256-023-00623-75:3(187-195)Online publication date: 13-Mar-2023
https://doi.org/10.1038/s42256-023-00623-7
Kqiku LReinhardt D(2023)Lengthy early morning instant messages reveal more than you think: Analysing interpersonal relationships using mobile communication metadataPervasive and Mobile Computing10.1016/j.pmcj.2023.10178191(101781)Online publication date: Apr-2023
https://doi.org/10.1016/j.pmcj.2023.101781
Wickramasinghe C(2023)Best-Practice-Based Framework for User-Centric Privacy-Preserving Solutions in Smart Home EnvironmentsMobile and Ubiquitous Systems: Computing, Networking and Services10.1007/978-3-031-34776-4_6(101-120)Online publication date: 27-Jun-2023
https://doi.org/10.1007/978-3-031-34776-4_6
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

ePub

View this article in ePub.

Media

Figures

Other

Tables

View Table of Contents