Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Systems Security and Privacy

ICISSP 2016: Information Systems Security and Privacy pp 44–63Cite as

Easing the Burden of Setting Privacy Preferences: A Machine Learning Approach

  • Conference paper
  • First Online:

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 691))

Abstract

Setting appropriate privacy preferences is both a difficult and cumbersome task for users. In this paper, we propose a solution to address users’ privacy concerns by easing the burden of manually configuring appropriate privacy settings at the time of their registration into a new system or service. To achieve this, we implemented a machine learning approach that provides users personalized privacy-by-default settings. In particular, the proposed approach combines prediction and clustering techniques, for modeling and guessing the privacy profiles associated to users’ privacy preferences. This approach takes into consideration the combinations of service providers, types of personal data and usage purposes. Based on a minimal number of questions that users answer at the registration phase, it predicts their privacy preferences and sets an optimal default privacy setting. We evaluated our approach with a data set resulting from a questionnaire administered to 10,000 participants. Results show that with a limited user input of 5 answers the system is able to predict the personalised privacy settings with an accuracy of 85%.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    Individuals born after 1980, raised in a digital, media-saturated world - Prensky 2001.

References

  1. Hargittai, E., et al.: Facebook privacy settings: who cares? First Monday 15(8) (2010)

    Google Scholar 

  2. Liu, Y., Gummadi, K.P., Krishnamurthy, B., Mislove, A.: Analyzing facebook privacy settings: user expectations vs. reality. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference (IMC 2011), pp. 61–70, New York, NY, USA. ACM (2011)

    Google Scholar 

  3. Deuker, A.: Addressing the privacy paradox by expanded privacy awareness – the example of context-aware services. In: Bezzi, M., Duquenoy, P., Fischer-Hübner, S., Hansen, M., Zhang, G. (eds.) Privacy and Identity 2009. IAICT, vol. 320, pp. 275–283. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14282-6_23

    Chapter  Google Scholar 

  4. Basu, A., Vaidya, J., Kikuchi, H.: Efficient privacy-preserving collaborative filtering based on the weighted slope one predictor. J. Internet Serv. Inf. Secur. (JISIS) 1(4), 26–46 (2011)

    Google Scholar 

  5. Scipioni, M.P., Langheinrich, M.: Towards a new privacy-aware location sharing platform. J. Internet Serv. Inf. Secur. (JISIS) 1(4), 47–59 (2011)

    Google Scholar 

  6. Guha, S., Cheng, B., Francis, P.: Challenges in measuring online advertising systems. In: Proceedings of the 10th ACM SIGCOMM Conference on Internet Measurement (IMC 2010), pp. 81–87 (2010)

    Google Scholar 

  7. Korolova, A.: Privacy violations using micro targeted ads: a case study. In: Proceedings of the 2010 IEEE International Conference on Data Mining Workshops (ICDMW 2010), pp. 474–482 (2010)

    Google Scholar 

  8. Acquisti, A., Grossklags, J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. 3(1), 26–33 (2005)

    Article  Google Scholar 

  9. Pollach, I.: What’s wrong with online privacy policies? Commun. ACM 50(9), 103–108 (2007)

    Article  Google Scholar 

  10. Jensen, C., Potts, C., Jensen, C.: Privacy practices of internet users: self-reports versus observed behavior. Int. J. Hum. Comput. Stud. 63(1–2), 203–227 (2005)

    Article  Google Scholar 

  11. Solove, D.J.: Privacy self-management and the consent paradox. Harv. Law Rev. 126, 1879–1903 (2013)

    Google Scholar 

  12. W3C. The platform for privacy preferences 1.0 (P3P1.0) specification. In: Platform for Privacy Preferences (P3P) Project (2002)

    Google Scholar 

  13. Cranor, L.F.: P3p: making privacy policies more useful. IEEE Secur. Priv. 1(6), 50–55 (2003)

    Article  Google Scholar 

  14. Cranor, L.F., Arjula, M., Guduru, P.: Use of a P3P user agent by early adopters. In: Proceedings of the 2002 ACM Workshop on Privacy in the Electronic Society (WPES 2002), pp. 1–10 (2002)

    Google Scholar 

  15. Cranor, L.F., Guduru, P., Arjula, M.: User interfaces for privacy agents. ACM Trans. Comput. Hum. Interact. 13(2), 135–178 (2006)

    Google Scholar 

  16. Pedersen, A.: P3 - problems, progress, potential. Priv. Laws Bus. Int. Newslett. 2, 20–21 (2003)

    Google Scholar 

  17. Backes, M., Karjoth, G, Bagga, W, Schunter, M.: Efficient comparison of enterprise privacy policies. In: Proceedings of the 2004 ACM Symposium on Applied Computing (SAC 2004), pp. 375–382 (2004)

    Google Scholar 

  18. Dehghantanha, A., Udzir, N.I., Mahmod, R.: Towards a pervasive formal privacy language. In: 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 1085–1091 (2010)

    Google Scholar 

  19. Bekara, K., Mustapha, Y.B., Laurent, M.: XPACML extensible privacy access control markup langua. In: 2010 Second International Conference on Communications and Networking (ComNet), pp. 1–5 (2010)

    Google Scholar 

  20. Tøndel, I.A., Nyre, Å.A.: Towards a similarity metric for comparing machine-readable privacy policies. In: Camenisch, J., Kesdogan, D. (eds.) iNetSec 2011. LNCS, vol. 7039, pp. 89–103. Springer, Heidelberg (2012). doi:10.1007/978-3-642-27585-2_8

    Chapter  Google Scholar 

  21. Yee, G.O.M.: An automatic privacy policy agreement checker for e-services. In: International Conference on Availability, Reliability and Security (ARES 2009), pp. 307–315 (2009)

    Google Scholar 

  22. Kolter, J., Pernul, G.: Generating user-understandable privacy preferences. In: International Conference on Availability, Reliability and Security (ARES 2009), pp. 299–306 (2009)

    Google Scholar 

  23. Biswas, D.: Privacy policies change management for smartphones. In: 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 70–75 (2012)

    Google Scholar 

  24. Wishart, R., Corapi, D., Madhavapeddy, A., Sloman, M.: Privacy butler: a personal privacy rights manager for online presence. In: 2010 8th IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 672–677 (2010)

    Google Scholar 

  25. Srivastava, A., Geethakumari, G.: A framework to customize privacy settings of online social network users. In: 2013 IEEE Recent Advances in Intelligent Computational Systems (RAICS), pp. 187–192 (2013)

    Google Scholar 

  26. Srivastava, A., Geethakumari, G.: A privacy settings recommender system for online social networks. In: Recent Advances and Innovations in Engineering (ICRAIE), pp. 1–6 (2014)

    Google Scholar 

  27. Berendt, B., Günther, O., Spiekermann, S.: Privacy in e-commerce: stated preferences vs. actual behavior. Commun. ACM 48(4), 101–106 (2005)

    Article  Google Scholar 

  28. Sadeh, N., Hong, J., Cranor, L., Fette, I., Kelley, P., Prabaker, M., Rao, J.: Understanding and capturing people’s privacy policies in a mobile social networking application. Pers. Ubiquit. Comput. 13(6), 401–412 (2009)

    Article  Google Scholar 

  29. Madejski, M., Johnson, M., Bellovin, S.M.: A study of privacy settings errors in an online social network. In: 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 340–345 (2012)

    Google Scholar 

  30. Buffett, S., Fleming, M.W.: Applying a preference modeling structure to user privacy. In: Proceedings of the 1st International Workshop on Sustaining Privacy in Autonomous Collaborative Environments (2007)

    Google Scholar 

  31. Mugan, J., Sharma, T., Sadeh, N.: Understandable learning of privacy preferences through default personas and suggestions (2011)

    Google Scholar 

  32. Fang, L., LeFevre, K.: Privacy wizards for social networking sites. In: Proceedings of the 19th International Conference on World Wide Web, pp. 351–360. ACM (2010)

    Google Scholar 

  33. Fang, L., Kim, H., LeFevre, K., Tami, A.: A privacy recommendation wizard for users of social networking sites. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 630–632. ACM (2010)

    Google Scholar 

  34. Lin, J., Liu, B., Sadeh, N., Hong, J.I.: Modeling users? Mobile app privacy preferences: restoring usability in a sea of permission settings. In: Symposium on Usable Privacy and Security (SOUPS 2014), pp. 199–212 (2014)

    Google Scholar 

  35. Guo, S., Chen, K.: Mining privacy settings to find optimal privacy-utility tradeoffs for social network services. In: 2012 International Conference on Privacy, Security, Risk and Trust (PASSAT), and 2012 International Confernece on Social Computing (SocialCom), pp. 656–665 (2012)

    Google Scholar 

  36. Tondel, I.A., Nyre, A.A., Bernsmed, K.: Learning privacy preferences. In: 2011 Sixth International Conference on Availability, Reliability and Security (ARES), pp. 621–626 (2011)

    Google Scholar 

  37. Sacco, O., Passant, A.: A privacy preference ontology (ppo) for linked data. In: LDOW. Citeseer (2011)

    Google Scholar 

  38. Gunn, S.R., et al.: Support vector machines for classification and regression. ISIS Technical report 14 (1998)

    Google Scholar 

  39. Meyer, D., Dimitriadou, E., Hornik, K., Weingessel, A., Leisch, F., Chang, C.-C., Lin, C.-C.: Package ‘e1071’ (2015). https://cran.r-project.org/web/packages/e1071/e1071.pdf

  40. MacQueen, J., et al.: Some methods for classification and analysis of multivariate observations. In: Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability, Oakland, CA, USA, vol. 1, pp. 281–297 (1967)

    Google Scholar 

  41. Ward Jr., J.H.: Hierarchical grouping to optimize an objective function. J. Am. Stat. Assoc. 58(301), 236–244 (1963)

    Article  MathSciNet  Google Scholar 

  42. Ester, M., Kriegel, H.-P., Sander, J., Xiaowei, X.: A density-based algorithm for discovering clusters in large spatial databases with noise. KDD 96, 226–231 (1996)

    Google Scholar 

  43. Qin, M., Buffett, S., Fleming, M.W.: Predicting user preferences via similarity-based clustering. In: Bergler, S. (ed.) AI 2008. LNCS (LNAI), vol. 5032, pp. 222–233. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68825-9_22

    Chapter  Google Scholar 

Download references

Acknowledgments

This paper is an extension of the paper published in the ICISSP2016 conference. Authors would like to thank anonymous reviewers for their insightful comments, which, allow us to improve the overall quality of the paper.

Author information

Authors and Affiliations

  1. KDDI R&D Laboratories Inc., Saitama, Japan

    Toru Nakamura & Shinsaku Kiyomoto

  2. Chair of Mobile Business and Multilateral Security, Goethe University Frankfurt, Theodor-W.-Adorno-Platz 4, 60323, Frankfurt am Main, Germany

    Welderufael B. Tesfay & Jetzabel Serna

Authors
  1. Toru Nakamura
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shinsaku Kiyomoto
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Welderufael B. Tesfay
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jetzabel Serna
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shinsaku Kiyomoto .

Editor information

Editors and Affiliations

  1. MODESTE/ESEO, Angers, France

    Olivier Camp

  2. Plymouth University, Plymouth, United Kingdom

    Steven Furnell

  3. Consiglio Nazionale delle Ricerche, Pisa, Italy

    Paolo Mori

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Nakamura, T., Kiyomoto, S., Tesfay, W.B., Serna, J. (2017). Easing the Burden of Setting Privacy Preferences: A Machine Learning Approach. In: Camp, O., Furnell, S., Mori, P. (eds) Information Systems Security and Privacy. ICISSP 2016. Communications in Computer and Information Science, vol 691. Springer, Cham. https://doi.org/10.1007/978-3-319-54433-5_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-54433-5_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-54432-8

  • Online ISBN: 978-3-319-54433-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation