skip to main content
10.1145/2801948.2801998acmotherconferencesArticle/Chapter ViewAbstractPublication PagespciConference Proceedingsconference-collections
research-article

Designing a seamless privacy policy for social networks

Published: 01 October 2015 Publication History

Abstract

High-quality privacy policies can form the basis for verifiable automated access decisions in Online Social Networks (OSNs). The aim of the privacy policies is to provide direction and support for data privacy in accordance with user requirements and relevant laws and regulations; unfortunately, most of the times, OSN users seem not to fully comprehend the policies, and to face difficulties in applying privacy rules. As a result, unintentional exposure of users' data to unknown audiences is a usual phenomenon, as the users struggle to balance the sharing and the protection of their Personal Identifiable Information (PII). In this paper, we first map the privacy policies of Facebook, Google Plus, Twitter and LinkedIn onto the phases of the PII lifecycle, then we highlight the omissions found and subsequently we propose a new model privacy policy that is based on the PII lifecycle and aims to make the users understand and track all the PII phases during their engagement in OSNs.

References

[1]
R. Gross, A. Acquisti, "Information revelation and privacy in online social networks", in Proceedings of WPES, 2005.
[2]
A. Acquisti and J. Grossklags, "Privacy and rationality in individual decision making", IEEE Security and Privacy, Vol. 3, no. 1, pp. 26--33, 2005.
[3]
C. Scott, "User Vote on Facebook Privacy Policies Hasn't Stemmed Criticism", http://www.pcworld.com/businesscenter/article/257101/user-vote-on-facebook-privacy-policies-hasnt-stemmed-criticism.html, Accessed March 2014.
[4]
C. Dwyer, S. R. Hiltz, and K. Passerini, "Trust and privacy concern within social networking sites: A comparison of facebook and myspace", in Proceedings of the Thirteenth Americas Conference on Information Systems (AMCIS 2007), 2007. Paper 339.
[5]
K. Strater and H. R. Lipford, "Strategies and struggles with privacy in an online social networking community", in Proceedings of the 22nd British HCI Group Annual Conference on People and Computers: Culture, Creativity, Interaction - Volume 1, BCS-HCI '08, pp. 111--119, Swinton, UK, UK, 2008. British Computer Society.
[6]
G. P. Cheek, M. Shehab, "Policy-by-example for online social networks", in Proceedings of SACMATO'12, pp. 23--32, 2012.
[7]
A. Masoumzadeh, J. Joshi, "Privacy settings in social networking systems: What you cannot control", in Proceedings of ASIA CCS'13, pp. 149--154, 2013.
[8]
R. W. Proctor, M. A. Ali, and K.-P. L. Vu, "Examining usability of web privacy policies", Int. J. Hum. Comput. Interaction, pp. 307--328, 2008.
[9]
K.-P. L. Vu, V. Chambers, F. P. Garcia, B. Creekmur, J. Sulaitis, D. Nelson, R. Pierce, and R.W. Proctor, "How users read and comprehend privacy policies", in Proceedings of the 2007 conference on Human interface: Part II, 2007.
[10]
G. R. Milne, M. J. Culnan, and H. Greene, "A longitudinal assessment of online privacy notice readability", Journal of Public Policy & Marketing, Vol. 25, pp. 238--249, 2006.
[11]
C.-M. Karat, J. Karat, C. Brodie, and J. Feng. Evaluating interfaces for privacy policy rule authoring. In Proceedings of the SIGCHI conference on Human Factors in computing systems, CHI '06, 2006.
[12]
A. M. Mcdonald, R. W. Reeder, P. G. Kelley, and L. F. Cranor. A comparative study of online privacy policies and formats. In Proceedings of the 9th International Symposium on Privacy Enhancing Technologies, PETS '09, pages 37--55, Berlin, Heidelberg, 2009. Springer-Verlag.
[13]
R. W. Reeder, P. G. Kelley, A. M. McDonald, and L. F. Cranor. A user study of the expandable grid applied to p3p privacy policy visualization. In Proceedings of the 7th ACM workshop on Privacy in the electronic society, WPES '08, pages 45--54, New York, NY, USA, 2008. ACM
[14]
S. Egelman, A. Felt, and D. Wagner. Choice architecture and smartphone privacy: There's a price for that. In R. Böhme, editor, The Economics of Information Security and Privacy, pages 211--236. Springer Berlin Heidelberg, 2013.
[15]
A. Acquisti. Nudging privacy. IEEE Security & Privacy, 7(6):0082--85, 2009
[16]
R. Balebako, P. G. Leon, H. Almuhimedi, P. G. Kelley, J. Mugan, A. Acquisti, L. F. Cranor, and N. Sadeh. Nudging users towards privacy on mobile devices. In CHI 2011 Workshop Article, 2011.
[17]
F. H. Cate. The limits of notice and choice. IEEE Security & Privacy, 8(2):59--62, 2010
[18]
A. Michota, S. Katsikas, "The Compliance of the Facebook Data Use Policy with the principles of the ISO 29100:2011", in Proceedings of NTMS2014 -- 6th International Conference on New Technologies, Mobility & Security, Dubai, 2014, IEEE.
[19]
A. Michota, S. Katsikas, "The Compliance of the LinkedIn Privacy Policy with the principles of the ISO 29100:2011", in Proceedings of 15th International Conference on Web Information System Engineering (WISE 2014), Thessaloniki, 2014, Springer.
[20]
ISO/IEC 29100, Information technology -- Security techniques-- Privacy framework, Technical report, ISO JTC 1/SC 27.

Cited By

View all

Index Terms

  1. Designing a seamless privacy policy for social networks

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    PCI '15: Proceedings of the 19th Panhellenic Conference on Informatics
    October 2015
    438 pages
    ISBN:9781450335515
    DOI:10.1145/2801948
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 01 October 2015

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. online social networks
    2. privacy data lifecycle
    3. privacy policy

    Qualifiers

    • Research-article

    Conference

    PCI '15

    Acceptance Rates

    PCI '15 Paper Acceptance Rate 64 of 148 submissions, 43%;
    Overall Acceptance Rate 190 of 390 submissions, 49%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)9
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 17 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2023)Comprehensive Data Life Cycle Security in Cloud Computing: Current Mastery and Major ChallengesNew Technologies, Artificial Intelligence and Smart Data10.1007/978-3-031-47366-1_15(195-206)Online publication date: 21-Nov-2023
    • (2021)DaLiF: a data lifecycle framework for data-driven governmentsJournal of Big Data10.1186/s40537-021-00481-38:1Online publication date: 14-Jun-2021
    • (2021)BibliographyPrivacy, Regulations, and Cybersecurity10.1002/9781119660156.biblio(359-375)Online publication date: 15-Feb-2021
    • (2018)An Audit Framework for Data Lifecycles in a Big Data context2018 International Conference on Selected Topics in Mobile and Wireless Networking (MoWNeT)10.1109/MoWNet.2018.8428883(1-5)Online publication date: Jun-2018
    • (2018)Data Lifecycle: From Big Data to SmartData2018 IEEE 5th International Congress on Information Science and Technology (CiSt)10.1109/CIST.2018.8596547(80-87)Online publication date: Oct-2018
    • (2017)Data lifecycles analysis: Towards intelligent cycle2017 Intelligent Systems and Computer Vision (ISCV)10.1109/ISACV.2017.8054938(1-8)Online publication date: Apr-2017

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media