Default OSN Privacy Settings: Privacy Risks

  • Conference paper

Part of the book series: Communications in Computer and Information Science (CCIS, volume 792)

Abstract

Empirical privacy evaluation in OSNs may provide a better understanding of the effectiveness and the efficiency of the default privacy controls and those customized by the users. Proper user perception of the privacy risk could restrict possible privacy violation issues by enabling user participation in actively managing privacy. In this paper we assess the current state of play of OSN privacy risks. To this end, a new data classification model is first proposed. Based on this, a method for assessing the privacy risks associated with data assets is proposed, which is applied to the case where the default privacy controls are assumed. Recommendations on how the resulting risks can be mitigated are given, which reduce the risk.

Notes

  1. Article 9 (1), (2): http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf.

Acknowledgement

The authors acknowledge, with special thanks, the support of the Research Center of the University of Piraeus in presenting this work.

Author information

Correspondence to Sokratis Katsikas.

Copyright information

© 2017 Springer International Publishing AG

Cite this paper

Michota, A., Katsikas, S. (2017). Default OSN Privacy Settings: Privacy Risks. In: Katsikas, S., Zorkadis, V. (eds) E-Democracy – Privacy-Preserving, Secure, Intelligent E-Government Services. e-Democracy 2017. Communications in Computer and Information Science, vol 792. Springer, Cham. https://doi.org/10.1007/978-3-319-71117-1_5

  • DOI: https://doi.org/10.1007/978-3-319-71117-1_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-71116-4

  • Online ISBN: 978-3-319-71117-1

  • eBook Packages: Computer Science (R0)
