Skip to main content
SpringerLink
Log in

A Method for Analysing Traceability between Privacy Policies and Privacy Controls of Online Social Networks

  • Conference paper
Privacy Technologies and Policy (APF 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8319))

Included in the following conference series:

Abstract

Privacy management in online social networks (OSNs) is a major concern. However, the complexity of privacy policies and the plethora of privacy controls make it very difficult to assess whether the controls adequately implement the intended policies. This paper proposes a method to assess the degree of traceability between privacy policies and privacy controls in OSNs. The resulting analysis enables one to pinpoint key privacy management gaps that must be plugged. The method can be utilised by privacy watchdogs, user rights groups as well as OSNs themselves to assess the effectiveness of privacy measures.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. http://www.pewinternet.org/Commentary/2012/March/Pew-Internet-Social-Networking-full-detail.aspx (last accessed December 4, 2012): Pew internet: Social networking

  2. http://www.businessinsider.com/facebook-now-has-900-million-monthly-users-2012-4 , Facebook now has 901 million monthly users (2012) (last accessed: December 4, 2012)

  3. http://epic.org , Electronic privacy information center (last accessed: December 4, 2012)

  4. http://www.ftc.gov/reports/privacy3/ , Privacy online: A report to congress (1998) (last accessed: December 12, 20102)

  5. http://eur-lex.europa.eu/LexUriServ/LexUriServ Eu data directive 95/46/ec (2011) (last accessed: December 4, 2012):

  6. http://www.bbc.co.uk/news/technology-17205754 Google privacy changes ’breach eu law, (last accessed: December 4, 2012)

  7. http://blog.facebook.com/ Facebook - new privacy controls (2011) (last accessed: December 12, 2012)

  8. Bonneau, J., Preibusch, S.: The privacy jungle: on the market for data protection in social networks. In: Economics of Information Security and Privacy. Springer, US (2010)

    Google Scholar 

  9. Brandtzaeg, P.B., Lüders, M.: Privacy 2.0: Personal and consumer protection in new media reality. Tech. Rep. SINTEF A12979 (November 2009)

    Google Scholar 

  10. Singh, R., Sumeeth, M., Miller, J.: A user-centric evaluation of the readability of privacy policies in popular web sites. Information Systems Frontiers (2010)

    Google Scholar 

  11. Majeski, M., Johnson, M., Bellovin, S.M.: The failure of online social network privacy settings. Technical Report CUCS-010-11 (February 2011)

    Google Scholar 

  12. http://www.techspot.com/news/48654-facebook-sued-for-15-billion-over-alleged-privacy//-violations.html

  13. Anthonysamy, P., Greenwood, P., Rashid, A.: Can privacy policies be traced to privacy controls on social networking sites?: A qualitative study. IEEE Computer (2012) (accepted and to appear)

    Google Scholar 

  14. Young, J.: Commitment analysis to operationalize software requirements from privacy policies. Requirements Engineering (2011)

    Google Scholar 

  15. Young, J., Anton, A.: A method for identifying software requirements based on policy commitments. In: 2010 18th IEEE International Requirements Engineering Conference (RE), September 27-October 1 (2010)

    Google Scholar 

  16. Antón, A.I., Earp, J.B., Carter, R.A.: Precluding incongruous behavior by aligning software requirements with security and privacy policies. Information & Software Technology (2003)

    Google Scholar 

  17. Breaux, T., Antón, A.: Analyzing regulatory rules for privacy and security requirements. IEEE Trans. Softw. Eng. (January 2008)

    Google Scholar 

  18. Squicciarini, A.C., Bhargav-Spantzel, A., Czeskis, A., Bertino, E.: Traceable and automatic compliance of privacy policies in federated digital identity management. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 78–98. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  19. Cleland-Huang, J., Czauderna, A., Gibiec, M., Emenecker, J.: A machine learning approach for tracing regulatory codes to product specific requirements. In: ICSE (2010)

    Google Scholar 

  20. Antoniol, G., Canfora, G., de Lucia, A., Casazza, G.: Information retrieval models for recovering traceability links between code and documentation. In: Proceedings of the International Conference on Software Maintenance (ICSM 2000). IEEE Computer Society, Washington, DC (2000)

    Google Scholar 

  21. Marks, D., Yardley, L.: Research Methods for Clinical and Health Psychology, 3rd edn. Sage Publications, Inc. (2004)

    Google Scholar 

  22. Antón, A.I., Earp, J.B.: A requirements taxonomy for reducing web site privacy vulnerabilities. Requirements Engineering (2004)

    Google Scholar 

  23. Schneier, B.: A taxonomy of social networking data. IEEE Security Privacy (July-August 2010)

    Google Scholar 

  24. Moisil, G.: Lectures on the logic of fuzzy reasoning. Scientific Editions, Bucareat (1975)

    Google Scholar 

  25. http://en.wikipedia.org/wiki/List_of_social_networking_websites , List of social networks (2011) (last accessed: December 4, 12)

  26. http://www.ico.gov.uk/for_organisations/privacy_and_electronic_communications/the_guide/cookies.aspx , New eu cookie law (e-privacy directive) (last accessed: December 4, 2012)

Download references

Author information

Authors and Affiliations

  1. School of Computing and Communications, InfoLab 21, Lancaster University, Lancaster, LA1 4WA, UK

    Pauline Anthonysamy, Phil Greenwood & Awais Rashid

Authors
  1. Pauline Anthonysamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Phil Greenwood
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Awais Rashid
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Electrical Engineering-ESAT, KU Leuven and iMinds, Kasteelpark Arenberg 10 Bus 2452, 3001, Leuven-Heverlee, Belgium

    Bart Preneel

  2. Information Security & Data Protection Unit, ENISA, 1 Vasilissis Sofias, Marousi, 15124, Athens, Greece

    Demosthenes Ikonomou

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Anthonysamy, P., Greenwood, P., Rashid, A. (2014). A Method for Analysing Traceability between Privacy Policies and Privacy Controls of Online Social Networks. In: Preneel, B., Ikonomou, D. (eds) Privacy Technologies and Policy. APF 2012. Lecture Notes in Computer Science, vol 8319. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54069-1_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-54069-1_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-54068-4

  • Online ISBN: 978-3-642-54069-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation