research-article

Privacy wizards for social networking sites

Authors:
Lujun Fang

University of Michigan, Ann Arbor, MI, USA

University of Michigan, Ann Arbor, MI, USA
View Profile

,
Kristen LeFevre

University of Michigan, Ann Arbor, MI, USA

University of Michigan, Ann Arbor, MI, USA
View Profile

WWW '10: Proceedings of the 19th international conference on World wide webApril 2010Pages 351–360https://doi.org/10.1145/1772690.1772727

Published:26 April 2010Publication History

WWW '10: Proceedings of the 19th international conference on World wide web

Pages 351–360

ABSTRACT

Privacy is an enormous problem in online social networking sites. While sites such as Facebook allow users fine-grained control over who can see their profiles, it is difficult for average users to specify this kind of detailed policy.

In this paper, we propose a template for the design of a social networking privacy wizard. The intuition for the design comes from the observation that real users conceive their privacy preferences (which friends should be able to see which information) based on an implicit set of rules. Thus, with a limited amount of user input, it is usually possible to build a machine learning model that concisely describes a particular user's preferences, and then use this model to configure the user's privacy settings automatically.

As an instance of this general framework, we have built a wizard based on an active learning paradigm called uncertainty sampling. The wizard iteratively asks the user to assign privacy "labels" to selected ("informative") friends, and it uses this input to construct a classifier, which can in turn be used to automatically assign privileges to the rest of the user's (unlabeled) friends.

To evaluate our approach, we collected detailed privacy preference data from 45 real Facebook users. Our study revealed two important things. First, real users tend to conceive their privacy preferences in terms of communities, which can easily be extracted from a social network graph using existing techniques. Second, our active learning wizard, using communities as features, is able to recommend high-accuracy privacy settings using less user input than existing policy-specification tools.

References

Facebook development platform. http://developers.facebook.com/.Google Scholar
Facebook statistics. http://www.facebook.com/press/info.php?statistics.Google Scholar
The igraph software package for complex network research. InterJournal Complex Systems, 2006.Google Scholar
A. Acquisti and R. Gross. Imagined communities: Awareness, information sharing, and privacy on the facebook. In Privacy Enhancing Technologies Workshop, 2006. Google ScholarDigital Library
F. Adu-Oppong, C. Gardiner, A. Kapadia, and P. Tsang. Socialcircles: Tacking privacy in social networks. In Symposium on Usable Privacy and Security (SOUPS), 2008.Google Scholar
J. Anderson, C. Diaz, J. Bonneau, and F. Stajano. Privacy-enabling social networking over untrusted networks. In WOSN, 2009. Google ScholarDigital Library
L. Backstrom, C. Dwork, and J. Kleinberg. Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography. In WWW, 2007. Google ScholarDigital Library
J. Becker and H. Chen. Measuring privacy risk in online social networks. In Web 2.0 Security and Privacy Workshop, 2009.Google Scholar
L. Bilge, T. Strufe, D. Balzarotti, and E. Kirda. All your contacts are belong to us: Automated identity theft attacks on social networks. In WWW, 2009. Google ScholarDigital Library
G. Brown, T. Howe, M. Ihbe, A. Prakash, and K. Borders. Social networks and context-aware spam. In CSCW, 2008. Google ScholarDigital Library
B. Carminati, E. Ferrari, and A. Perego. Rule-based access control for social networks. In Workshop on Reliability in Decentralized Distributed Systems, 2006.Google ScholarDigital Library
B. Carminati, E. Ferrari, and A. Perego. Private relationships in social networks. In ICDE Workshops, 2007. Google ScholarDigital Library
Symposium on Usable Privacy and Security (SOUPS),Google Scholar
G. Danezis. Inferring privacy policies for social networking services. In AISec, 2009. Google ScholarDigital Library
C. Diaz, C. Troncoso, and A. Serjantov. On the impact of social network profiling on anonymity. In Privacy-Enhancing Technologies Workshop, 2008. Google ScholarDigital Library
A. Felt and D. Evans. Privacy protection for social networking platforms. In Web 2.0 Security and Privacy Workshop, 2008.Google Scholar
P. Fong, M. Anwar, and Z. Zhao. A privacy preservation model for facebook-style social network systems. University of Calgary Technical Report 2009-926-05, 2009.Google Scholar
S. Fortunato. Community detection in graphs. http://arxiv.org/abs/0906.0612v1 (Preprint), 2009.Google Scholar
C. Gates. Access control requirements for web 2.0 security and privacy. In Web 2.0 Security and Privacy Workshop, 2007.Google Scholar
E. Gilbert and K. Karahalios. Predicting tie strength with social media. In CHI, 2009. Google ScholarDigital Library
K. Gollu, S. Saroiu, and A. Wolman. A social networking-based access control scheme for personal content. In SOSP, 2007.Google Scholar
R. Gross and A. Acquisti. Information revelation and privacy in online social networks. In Workshop on Privacy in the Electronic Society, 2005. Google ScholarDigital Library
M. Hart, R. Johnson, and A. Stent. More content - less control: Access control in the web 2.0. In Web 2.0 Security and Privacy Workshop, 2007.Google Scholar
M. Hay, G. Miklau, D. Jensen, D. Towsley, and P. Weis. Resisting structural re-identification in anonymized social networks. In VLDB, 2008. Google ScholarDigital Library
D. Lewis and J. Catlett. Heterogeneous uncertainty sampling for supervised learning. In ICML, 1994.Google ScholarCross Ref
D. Lewis and W. Gale. A sequential algorithm for training text classifiers. In SIGIR, 1994. Google ScholarDigital Library
H. Lipford, A. Besmer, and J. Watson. Understanding privacy settings in facebook with an audience view. In Proceedings of the 1st Conference on Usability, Psychology, and Security, 2008. Google ScholarDigital Library
K. Liu and E. Terzi. A framework for computing the privacy scores of users in online social networks. In ICDM, 2009. Google ScholarDigital Library
M. Lucas and N. Borisov. flybynight: Mitigating the privacy risks of social networking. In Workshop on Privacy in the Electronic Society, 2008. Google ScholarDigital Library
E. M. Maximilien, T. Grandison, T. Sun, D. Richardson, S. Guo, and K. Liu. Privacy-as-a-service: Models, algorithms, and results on the facebook platform. In Web 2.0 Security and Privacy Workshop, 2009.Google Scholar
I. Mierswa, M. Wurst, R. Klinkenberg, M. Scholz, and T. Euler. Yale: Rapid prototyping for complex data mining tasks. In SIGKDD, 2006. Google ScholarDigital Library
A. Narayanan and V. Shmatikov. De-anonymizing social networks. In IEEE Symposium on Security and Privacy, 2009. Google ScholarDigital Library
M. Newman and M. Girvan. Finding and evaluating community structure in networks. Physical Review, 69(2), 2004.Google Scholar
R. Ravichandran, M. Benisch, P. Kelley, and N. Sadeh. Capturing social networking privacy preferences. In Symposium on Usable Privacy and Security (SOUPS), 2009. Google ScholarDigital Library
R. Reeder, L. Bauer, L. Cranor, M. Reiter, K. Bacon, K. How, and H. Strong. Expandable grides for visualizing and authoring computer security policies. In CHI, 2008. Google ScholarDigital Library
D. Rosenblum. What anyone can know: The privacy risks of social networking sites. IEEE Security and Privacy, 2007. Google ScholarDigital Library
K. Singh, S. Bhola, and W. Lee. xBook: Redesigning privacy control in social networking platforms. In USENIX Security, 2009. Google ScholarDigital Library
A. C. Squicciarini, M. Shehab, and F. Paci. Collective privacy management in social networks. In WWW, 2009. Google ScholarDigital Library
K. Strater and H. Lipford. Strategies and struggles with privacy in an online social networking community. In British Computer Society Conference on Human-Computer Interaction, 2008. Google ScholarDigital Library
E. Zheleva and L. Getoor. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. In WWW, 2009. Google ScholarDigital Library

Index Terms

Privacy wizards for social networking sites
1. Security and privacy
  1. Database and storage security
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

A privacy recommendation wizard for users of social networking sites
CCS '10: Proceedings of the 17th ACM conference on Computer and communications security

Privacy is a huge problem for users of social networking sites. While sites like Facebook allow individual users to personalize fine-grained privacy settings, this has proven quite difficult for average users. This demonstration illustrates a machine ...
Read More
Uses and gratifications of social networking sites for bridging and bonding social capital

Applying uses and gratifications theory (UGT) and social capital theory, our study examined users of four social networking sites (SNSs) (Facebook, Twitter, Instagram, and Snapchat), and their influence on online bridging and bonding social capital. ...
Read More
Privacy concerns on social networking sites

This study examines the impact of the types of posting, information types, and privacy concerns toward audience types across two types of social networking sites (SNSs), Facebook and Twitter. The findings indicate that on Facebook, young SNS users are ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
WWW '10: Proceedings of the 19th international conference on World wide web
April 2010
1407 pages
ISBN:9781605587998
DOI:10.1145/1772690
General Chairs:
Michael Rappa
North Carolina State University, USA
,
Paul Jones
University of North Carolina at Chapel Hill, USA
,
Program Chairs:
Juliana Freire
University of Utah, USA
,
Soumen Chakrabarti
Indian Institute of Technology, India
Copyright © 2010 International World Wide Web Conference Committee (IW3C2)
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 26 April 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
active learning
social network privacy
usability
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate1,899of8,196submissions,23%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 273
  Total Citations
  View Citations
- 3,716
  Total Downloads
- Downloads (Last 12 months)60
- Downloads (Last 6 weeks)5
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

ePub

View this article in ePub.

View ePub

Privacy wizards for social networking sites

WWW '10: Proceedings of the 19th international conference on World wide web

ABSTRACT

References

Cited By

Index Terms

Recommendations

A privacy recommendation wizard for users of social networking sites

Uses and gratifications of social networking sites for bridging and bonding social capital

Privacy concerns on social networking sites