Abstract
The EU General Data Protection Regulation (GDPR) recognizes data subject’s consent as a legitimate ground of data processing. At present, consent mechanisms in OSNs are either non-existent or not GDPR compliant. While the absence of consent means a lack of control of the OSN user (data subject) on his personal data, non-compliant consent mechanisms can give them a false sense of control, encouraging them to reveal more personal data than they would have otherwise. GDPR compliance is thus the only way to obtain meaningful consents, thereby protecting user privacy. In this paper, we discuss the characteristics of valid consent as per the GDPR, analyze the present status of consent in OSNs and propose some research directions to arrive at GDPR compliant consent models acceptable to users and OSN providers (data controller). We observe that evaluating privacy risks of consents to data processing activities can be an effective way to help users in their decision to give or refuse consents and hence is an important research direction.
This work is supported by ANR project SEQUOIA ANR-14-CE28-0030-01.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Article 29 Data Protection Working Party. Guidelines on Consent under Regulation 2016/679 (2018)
De, S.J., Imine, A.: To reveal or not to reveal - balancing user-centric social benefit and privacy in online social networks. In: Proceedings of the 33rd Annual ACM Symposium on Applied Computing (ACM SAC 2018). ACM (2018)
De, S.J., Métayer, D.L.: Privacy risk analysis to enable informed privacy settings. In: 2018 IEEE European Symposium on Security and Privacy Workshops, Euro S&P Workshops 2018, London, UK, 23–27 April 2018, pp. 95–102 (2018)
European Commission: General Data Protection Regulation (2016)
Fruchter, N., Specter, M., Yuan, B.: Facebook/Cambridge Analytica: Privacy Lessons and a Way Forward (2018). https://internetpolicy.mit.edu/blog-2018-fb-cambridgeanalytica/
Hull, G., Lipford, H.R., Latulipe, C.: Contextual gaps: privacy issues on Facebook. Ethics Inf. Technol. 13(4), 289–302 (2011)
New York Times: Mark Zuckerberg Testimony: Senators Question Facebook’s Commitment to Privacy (2018). https://www.nytimes.com/2018/04/10/us/politics/mark-zuckerberg-testimony.html
Solove, D.J.: Introduction: privacy self-management and the consent dilemma. Harv. Law Rev. 126, 1880 (2012)
Squicciarini, A.C., Xu, H., Zhang, X.: CoPE: enabling collaborative privacy management in online social networks. J. Am. Soc. Inf. Sci. Technol. 62(3), 521–534 (2011)
Sweeney, J.: GDPR and the Major Social Networks: What You Need to Know (2018). https://blog.makemereach.com/gdpr-facebook-twitter-snapchat-linkedin-what-you-need-to-know
Venkatadri, G., et al.: Privacy risks with Facebook’s PII-based targeting: auditing a data Broker’s advertising interface. In: IEEE Symposium on Security and Privacy (SP), pp. 221–239 (2018)
Zheleva, E., Getoor, L.: To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In: Proceedings of the 18th International Conference on World Wide Web, pp. 531–540. ACM (2009)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Joyee De, S., Imine, A. (2019). On Consent in Online Social Networks: Privacy Impacts and Research Directions (Short Paper). In: Zemmari, A., Mosbah, M., Cuppens-Boulahia, N., Cuppens, F. (eds) Risks and Security of Internet and Systems. CRiSIS 2018. Lecture Notes in Computer Science(), vol 11391. Springer, Cham. https://doi.org/10.1007/978-3-030-12143-3_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-12143-3_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12142-6
Online ISBN: 978-3-030-12143-3
eBook Packages: Computer ScienceComputer Science (R0)