Skip to main content
SpringerLink
Log in

Privacy policies for shared content in social network sites

  • Special Issue Paper
  • Published:
The VLDB Journal Aims and scope Submit manuscript

Abstract

Social networking is one of the major technological phenomena of the Web 2.0, with hundreds of millions of subscribed users. Social networks enable a form of self-expression for users and help them to socialize and share content with other users. In spite of the fact that content sharing represents one of the prominent features of existing Social network sites, they do not provide any mechanisms for collective management of privacy settings for shared content. In this paper, using game theory, we model the problem of collective enforcement of privacy policies on shared data. In particular, we propose a solution that offers automated ways to share images based on an extended notion of content ownership. Building upon the Clarke-Tax mechanism, we describe a simple mechanism that promotes truthfulness and that rewards users who promote co-ownership. Our approach enables social network users to compose friendship based policies based on distances from an agreed upon central user selected using several social networks metrics. We integrate our design with inference techniques that free the users from the burden of manually selecting privacy preferences for each picture. To the best of our knowledge, this is the first time such a privacy protection mechanism for social networking has been proposed. We also extend our mechanism so as to support collective enforcement across multiple social network sites. In the paper, we also show a proof-of-concept application, which we implemented in the context of Facebook, one of today’s most popular social networks. Through our implementation, we show the feasibility of such approach and show that it can be implemented with a minimal increase in overhead to end-users. We complete our analysis by conducting a user study to investigate users’ understanding of co-ownership, usefulness and understanding of our approach. Users responded favorably to the approach, indicating a general understanding of co-ownership and the auction, and found the approach to be both useful and fair.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Acquisti A., Grossklags J.: Privacy and rationality in individual decision making. IEEE Secur. Priv. mag. 3(1), 26–33 (2005)

    Article  Google Scholar 

  2. Acquisti, A., Gross, R.: Imagined communities: Awareness, information sharing, and privacy on the facebook. In: Proceeding of Privacy Enhancing Technologies, pp 36–58. Springer (2006)

  3. Bartal, Y., Gonen, R., Nisan, N.: Incentive compatible multi unit combinatorial auctions. In: Proceedings of the 9th Conference on Theoretical Aspects of Rationality and Knowledge, ACM. pp. 72–87 (2003)

  4. Beaver, D.: 10 billion photos. http://www.facebook.com/note.php?note_id=30695603919, October (2008)

  5. Bonneau J., Preibusch, S.: The privacy jungle: On the market for data protection in social networks. In the eighth workshop on the economics of information security (WEIS 2009) (2009)

  6. Borgatti S.P., Everett M.G.: A graph-theoretic perspective on centrality. Soc. Networks 28(4), 466–484 (2006)

    Article  Google Scholar 

  7. Carminati, B., Ferrari, E.: Privacy-aware collective access control in web-based social networks. In DBSec, pp. 81–96 (2008)

  8. Carminati, B., Ferrari, E., and Perego, A.: Rule-based access control for social networks. In OTM Workshops (2), pp. 1734–1744 (2006)

  9. Chen L., Den X., Fang Q., Tian F.: Condorcet winners for public goods. Ann. Oper. Res. 137, 229–242 (2005)

    Article  MATH  MathSciNet  Google Scholar 

  10. Clarke E.H.: Multipart pricing of public goods. Public Choice 11, 17–33 (1971)

    Article  Google Scholar 

  11. Clarke, E.H.: Multipart Pricing of Public Goods: an example. In public price for public products, urban inst (1972)

  12. Cormen T.H., Leiserson C.E., Rivest R.L.: Clifford Stein Introduction to Algorithms (3rd ed). MIT Press, Cambridge (2009)

    Google Scholar 

  13. Cox, I.J., Kilian, J., Leighton, T., Shamoon, T.: Secure spread spectrum watermarking for images, audio and video. In: Proceedings of International Conference on Image Processing, IEEE. pp. 243–246 (1996)

  14. Davis, M., Smith, M., Canny, J., Good, N., King, S., Janakiraman, R.: Towards context-aware face recognition. In: Proceedings of the 13th Annual ACM International Conference on Multimedia, ACM, pp. 483–486 (2005)

  15. Enterprise, C. F., Josang, A., Pope, S.: Auscert conference 2005. In in Asia Pacific information technology security conference, AusCERT2005, Austrailia, pp. 77–89 (2005)

  16. Ephrati, E., Rosenschein, J.-S.: The Clarke-tax as a consensus mechanism among automated agents. In national conference on artificial intelligence, pp. 173–178 (1991)

  17. Ephrati, E., Rosenschein, J.-S.: Voting and multi-agent consensus (1991)

  18. Ephrati E., Rosenschein J.S.: Deriving consensus in multi-agent systems. J. Artif. Intell. 87, 21–74 (1996)

    Article  MathSciNet  Google Scholar 

  19. Facebook. Facebook web site. http://www.facebook.com/

  20. Felt A.: Defacing Facebook: A security case study. Technical report. University of Virginia, Charlottesville (2007)

    Google Scholar 

  21. Felt, A., Evans, D.: Privacy protection for social networking platforms. In: Proceedings of Web 2.0 Security and Privacy 2008 (in conjunction with 2008 IEEE Symposium on Security and Privacy) (2008)

  22. Gates, C.: Access control requirements for Web 2.0 Security and Privacy. In IEEE Web 2.0 privacy and security workshop (2007)

  23. Geambasu, R., Balazinska, M., Gribble, S.-D., Levy, H.-M.: Homeviews: peer-to-peer middleware for personal data sharing applications. In SIGMOD conference, pp. 235–246 (2007)

  24. Gibbard A.: Manipulation of voting schemes: a general result. Econometrica 41(4), 587–601 (1973)

    Article  MATH  MathSciNet  Google Scholar 

  25. Gollu, K. K., Saroiu, S., Wolman, A.: A social networking-based access control scheme for personal Content. In Proceedings of the 21st ACM Symposium on Operating Systems Principles (SOSP ’07)- Work-in-Progress Session (2007)

  26. Google open social api available at: http://code.google.com/apis/opensocial/

  27. Greenberg J., Mackay R., Tideamn N.: Some limitations of the Groves-Ledyard Optimal mechanism. Public Choice 29(2), 129–137 (2005) Springer

    Article  Google Scholar 

  28. Gross, R., and Acquisti, A.: Information revelation and privacy in online social networks. In workshop on privacy in the electronic society (2005)

  29. Grossklags, J., Christin, N., Chuang, J.: Secure or insure? a game-theoretic analysis of information security games. In World Wide Web Conference pages 209–218 (2008)

  30. Herlocker J.: Evaluating collaborative filtering recommender systems. ACM Tran. Inf. Syst. 22(1), 5–53 (2004)

    Article  Google Scholar 

  31. Groves T.: Incentives in teams. Econometrica 41, 617–631 (1973)

    Article  MATH  MathSciNet  Google Scholar 

  32. Hart, M., Johnson, R., and Stent, A.: More content - less control: access control in the Web 2.0. In IEEE Web 2.0 privacy and security workshop (2007)

  33. Hobgen, G.: Security issues and recommendations for online social networks. ENISA. Pos. Paper N. 1 (2007)

  34. Jameson, A.: More than the sum of its members: challenges for group recommender systems. In Working Conference on Advanced Visual interfaces, ACM, (2004)

  35. Jiang, J., Conrath, D.: Semantic similarity based on corpus statistics and lexical taxonomy. In: Proceedings of ROCLING X Sep (1997)

  36. Josang, A., Zomai, M. A., Suriadi, S.: Usability and privacy in identity management architectures. In: ACSW ’07: Proceedings of the Fifth Australasian Symposium on ACSW Frontiers, pp. 143–152, Darlinghurst, Australia, Australia, (2007). Australian Computer Society, Inc

  37. Krishna V.: Auction Theory. 1st edn. Academic Press, Elsevier (2002)

    Google Scholar 

  38. Linden, G., Smith, B., York, J.: Amazon.com recommendations: item-to-item collaborative filtering. IEEE internet computing, pp. 76–80, January/February (2003)

  39. Lenhart, A., Madden, M.: Teens, privacy & online social networks. Pew internet & American life project, 18 April (2007)

  40. Lowensohon, J.: Facebook’s auto-tagging features could be tip of tagging icerberg. CNET News. http://news.cnet.com/8301-17939_109-10004835-2.html. August (2008)

  41. Maliki, T. E., Seigneur, J.-M.: A survey of user-centric identity management technologies. In SECUREWARE ’07: Proceedings of The International Conference on Emerging Security Information, Systems, and Technologies, IEEE Computer Society, Washington, DC, USA, pp. 12–17 (2007)

  42. Mannan, M., van Oorschot, P.-C.: Privacy-enhanced sharing of personal content on the Web. In WWW, ACM, pp. 487–496 (2008)

  43. Mas-Colell A., Whinston M.D.: Micro-Economic Theory Chapter 23. Oxford University Press, Oxford (1998)

    Google Scholar 

  44. Mathes, A.: Folksonomies: cooperative classification and communication through shared metadata. http://www.adammathes.com/academic/computer-mediated-communication/folksonomies.html (2004)

  45. Miller G.A.: Wordnet: a lexical database for english. Commun. ACM 38(11), 39–41 (1995)

    Article  Google Scholar 

  46. Naaman, M., Yeh, R.B., Garcia-Molina, H., Paepcke, A.: Leveraging context to resolve identity in photo albums. In: Proceedings of the 5th ACM/IEEE-CS Joint Conference on Digital libraries, pp. 178–187, ACM Press (2005)

  47. Ellison, C.L.N.B., Steinfield, C.: Benefits of Facebook “Friends”: social capital and college students’ use of online social network. J Comput Mediat Commun-Electron (2007)

  48. McCarthy, J., Anagnost, T.: MusicFX: An arbiter of group preferences for computer supported collective workouts. In: Proceedings of the 1998 Conference on Computer-Supported Cooperative Work, pp. 363–372, (1998)

  49. McCarthy, K., Salam, M., Coyle, L., McGinty, L., Smyth, B., Nixon, P.: group recommender systems: a critiquing-based approach. IUI 2006: international conference on intelligent user interfaces, pp. 267–269. ACM Press (2006)

  50. McCarthy, K., Salam, M., McGinty, L., Smyth, B.: CATS: A synchronous approach to collective group recommendation. In: Proceedings of the Nineteenth International Florida Artificial Intelligence Research Society Conference, Melbourne Beach, FL (2006)

  51. Minr, S., Magnusson, B.: A model for semi-(a)synchronous collaborative editing. In: Proceedings of the Third Conference on European Conference on Computer-Supported Cooperative Work, pp. 13–17 (1993)

  52. Norberg, P.-A., Horne, D.-R., Horne, D.-A.: The privacy paradox: personal information disclosure intentions versus behaviors. J. Cons. Aff (2007)

  53. O’Connor, M., Cosley, D., Konstan, J., Riedl, J.: PolyLens: A recommender system for groups of users. In: Proceedings of the Seventh European Conference on Computer-Supported Cooperative Work, Kluwer, Dordrecht (2001)

  54. Newman M.-E.-J.: Scientific collaboration networks. ii. shortest paths, weighted networks, and centrality. Physical Review E 64(1), 016132+ (2001)

    Article  Google Scholar 

  55. Pirro’, G., Seco, N.: Design, implementation and evaluation of a new semantic similarity metric combining features and intrinsic information content. In: Proceedings of On the Move to Meaningful Internet Systems (2008)

  56. Ray P.: Independence of irrelevant alternatives. Econometrica 41, 987–991 (1973)

    Article  MATH  MathSciNet  Google Scholar 

  57. Resnick, P., Iacovou, N., Suchak, M., Bergstrom, P., and Riedl, GroupLens, J.: an open architecture for collaborative filtering of netnews. In ACM conference on computer supported cooperative work. ACM, Chapel Hill, NC, pp. 175–186 (1998)

  58. Manuel Romero Salcedo: Dominique Decouchant, structured cooperative authoring for the World Wide Web, computer supported cooperative Work 6(2–3):157–174 (1997)

  59. Rosenblum D.: What anyone can know: the privacy risks of social networking sites. IEEE Secur. Pri. 5(3), 40–49 (2007)

    Article  MathSciNet  Google Scholar 

  60. Satterthwaite M.A.: Strategy-proofness and Arrow’s conditions: existence and correspondence theorems for voting procedures and social welfare functions. J. Econ. Theory 10, 187–217 (1975)

    Article  MATH  MathSciNet  Google Scholar 

  61. Spiekermann, S., Grossklags, J., Berendt, B.: E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior. In EC ’01: Proceedings of the 3rd ACM conference on Electronic Commerce. ACM. pp. 38–47 (2001)

  62. Stone, Z., Zickler, T., Darrell, T.: Autotagging facebook: social network context improves photo annotation, computer vision and pattern recognition workshops, pp. 1–8 (2008)

  63. Sun, C., Ellis, C.: Operational transformation in real-time group editors: Issues, algorithms, and achievements. In conference on CSCW, ACM, pp. 59–68, Seattle (1998)

  64. Varian, H.R. (2002) System Reliability and Free Riding. In Economics of Information Security. Kluwer Academic Publishers, pages 1–15

  65. Vickrey, W.: Counterspeculation, auctions and competitive sealed tenders. J. Financ., p. 8–37 (1961)

  66. Vidot, N., Cart, N.M., Ferrić4, J., Suleiman, M.: Copies convergence in a distributed real-time collective environment. In: Proceedings of the 2000 ACM Conference on Computer Supported Cooperative Work, ACM, pp. 171–180 (2000)

  67. Wang, C., fung Leung, H.: A secure and private Clarke-tax voting protocol without trusted authorities. In: Proceedings of 6th International conference on Electronic Commerce, ACM, pp. 556–565, New York, NY, USA (2004)

  68. Watson, J. (2008) Strategy, an introduction to game theory. Second Edition, Norton Publisher

  69. Wu, X., Zhang, L., Yu, Y.: Exploring social annotations for the semantic Web. In World Wide Web conference, ACM, pp. 417–426 (2006)

  70. Yao M.Z., Rice R., Wallis E.K.: Predicting user concerns about online privacy. Am. Soc. Inf. Sci. Technol. 58(5), 710–722 (2007)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Information Sciences and Technology, Pennsylvania State University, University Park, PA, USA

    Anna C. Squicciarini

  2. Department of Software and Information Systems, University of North Carolina, Charlotte, NC, USA

    Mohamed Shehab

  3. Department of Psychology, Pennsylvania State University, University Park, PA, USA

    Joshua Wede

Authors
  1. Anna C. Squicciarini
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohamed Shehab
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joshua Wede
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Anna C. Squicciarini.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Squicciarini, A.C., Shehab, M. & Wede, J. Privacy policies for shared content in social network sites. The VLDB Journal 19, 777–796 (2010). https://doi.org/10.1007/s00778-010-0193-7

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00778-010-0193-7

Keywords

Search

Navigation