An Approach to Personalized Privacy Policy Recommendations on Online Social Networks

Ammar Abuelgasim, Anne Kayem

Abstract

Most Online Social Networks (OSNs) implement privacy policies that enable users to protect their sensitive information against privacy violations. However, observations indicate that users find these privacy policies cumbersome and difficult to configure. Consequently, various approaches have been proposed to assist users with privacy policy configuration. These approaches are however, limited to either protecting only profile attributes, or only protecting user-generated content. This is problematic, because both profile attributes and user-generated content can contain sensitive information. Therefore, protecting one without the other, can still result in privacy violations. A further drawback of existing approaches is that most require considerable user input which is time consuming and inefficient in terms of privacy policy configuration. In order to address these problems, we propose an automated privacy policy recommender system. The system relies on the expertise of existing OSN users, in addition to the target user's privacy policy history to provide him/her with personalized privacy policy suggestions for profile attributes, as well as user-generated content. Results from our prototype implementation indicate that the proposed recommender system provides accurate privacy policy suggestions, with minimum user input.

References

  1. Acquisti, A., Carrara, E., Stutzman, F., Callas, J., Schimmer, K., Nadjm, M., Gorge, M., Ellison, N., King, P., Gross, R., and Golder, S. (2007). Security Issues and Recommendations for Online Social Networks. Technical Report 1, European Network and Information Security Agency.
  2. Alsalibi, B. and Zakaria, N. (2013). CFPRS : Collaborative Filtering Privacy Recommender System for Online Social Networks. Journal of Engineering Research and Applications, 3(5):1850-1858.
  3. Ang, C. and Zaphiris, P. (2009). Simulating social networks of online communities: Simulation as a method for sociability design. In Human-Computer Interaction, volume 5727 of Lecture Notes in Computer Science, pages 443-456. Springer Berlin Heidelberg.
  4. Bakshy, E., Eckles, D., Yan, R., and Rosenn, I. (2012). Social influence in social advertising: Evidence from field experiments. In Proceedings of the 13th ACM Conference on Electronic Commerce, EC 7812, pages 146-161, New York, NY, USA. ACM.
  5. Facebook Inc. (09-2015). https://newsroom.fb.com/company-info/.
  6. Fang, L. and LeFevre, K. (2010). Privacy wizards for social networking sites. In Proceedings of the 19th International Conference on World Wide Web, WWW 7810, pages 351-360, New York, NY, USA. ACM.
  7. Fire, M., Goldschmidt, R., and Elovici, Y. (2014). Online social networks: Threats and solutions. Communications Surveys Tutorials, IEEE, 16(4):2019-2036.
  8. Gao, H., Hu, J., Huang, T., Wang, J., and Chen, Y. (2011). Security issues in online social networks. Internet Computing, IEEE, 15(4):56-63.
  9. Ghazinour, K., Matwin, S., and Sokolova, M. (2013a). Monitoring and recommending privacy settings in social networks. In Proceedings of the Joint EDBT/ICDT 2013 Workshops, EDBT 7813, pages 164- 168, New York, NY, USA. ACM.
  10. Ghazinour, K., Matwin, S., and Sokolova, M. (2013b). YourPrivacyProtector: A Recommender System for Privacy Settings in Social Networks. International Journal of Security, 2(4):11-25.
  11. Gross, R. and Acquisti, A. (2005). Information revelation and privacy in online social networks. In Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, WPES 7805, pages 71-80, New York, NY, USA. ACM.
  12. Gross, R., Stutzman, F., and Acquisti, A. (2013). Silent Listeners: The Evolution of Privacy and Disclosure on Facebook. Journal of Privacy and Confidentiality , 4(2):7-41.
  13. Gundecha, P., Barbier, G., and Liu, H. (2011). Exploiting vulnerability to secure user privacy on a social networking site. In Proceedings of the 17th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 7811, pages 511-519, New York, NY, USA. ACM.
  14. Guo, S. and Chen, K. (2012). Mining privacy settings to find optimal privacy-utility tradeoffs for social network services. In International Confernece on Social Computing (SocialCom), pages 656-665. IEEE.
  15. Klimek, P. and Thurner, S. (2013). Triadic closure dynamics drives scaling laws in social multiplex networks. New Journal of Physics, 15(6):063008.
  16. Liu, Y., Gummadi, K. P., Krishnamurthy, B., and Mislove, A. (2011). Analyzing facebook privacy settings: User expectations vs. reality. In Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, IMC 7811, pages 61-70, New York, NY, USA. ACM.
  17. Macal, C. M. and North, M. J. (2011). Introductory tutorial: Agent-based modeling and simulation. In Proceedings of the 2011 Winter Simulation Conference (WSC), pages 1451-1464. IEEE.
  18. Madejski, M., Johnson, M., and Bellovin, S. (2012). A study of privacy settings errors in an online social network. In Pervasive Computing and Communications Workshops (PERCOM Workshops), 2012 IEEE International Conference on, pages 340-345. IEEE.
  19. Mitchell, T. M. (1997). Decision Tree Learning. In Tucker, C. L. B., editor, Machine Learning, chapter 3, pages 52-80. McGraw-Hill, Inc., New York, NY, USA, 1 edition.
  20. Sánchez, D. and Viejo, A. (2015). Privacy risk assessment of textual publications in social networks. In Proceedings of the International Conference on Agents and Artificial Intelligence , pages 236-241.
  21. Sebastiani, F. (2002). Machine learning in automated text categorization. ACM Comput. Surv., 34(1):1-47.
  22. Shehab, M., Cheek, G., Touati, H., Squicciarini, A. C., and Cheng, P.-C. (2010). Learning based access control in online social networks. In Proceedings of the 19th International Conference on World Wide Web, WWW 7810, pages 1179-1180, New York, NY, USA. ACM.
  23. Sinha, A., Li, Y., and Bauer, L. (2013). What you want is not what you get: Predicting Sharing Policies for Text-based Content on Facebook. In Proceedings of the 2013 ACM workshop on Artificial intelligence and security - AISec 7813, pages 13-24, New York, New York, USA. ACM Press.
  24. Squicciarini, A. C., Sundareswaran, S., Lin, D., and Wede, J. (2011). A3p: Adaptive policy prediction for shared images over popular content sharing sites. In Proceedings of the 22Nd ACM Conference on Hypertext and Hypermedia, HT 7811, pages 261-270, New York, NY, USA. ACM.
  25. Toch, E., Sadeh, N. M., and Hong, J. (2010). Generating default privacy policies for online social networks. In CHI 7810 Extended Abstracts on Human Factors in Computing Systems, CHI EA 7810, pages 4243-4248, New York, NY, USA. ACM.
  26. Twitter (09-2015). Statistics. https://about.twitter.com/company.
  27. Zimmer, M. (2010). ”but the data is already public”: On the ethics of research in facebook. Ethics and Information Technology, 12(4):313-325.
Download


Paper Citation


in Harvard Style

Abuelgasim A. and Kayem A. (2016). An Approach to Personalized Privacy Policy Recommendations on Online Social Networks . In Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-167-0, pages 126-137. DOI: 10.5220/0005689701260137


in Bibtex Style

@conference{icissp16,
author={Ammar Abuelgasim and Anne Kayem},
title={An Approach to Personalized Privacy Policy Recommendations on Online Social Networks},
booktitle={Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2016},
pages={126-137},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005689701260137},
isbn={978-989-758-167-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - An Approach to Personalized Privacy Policy Recommendations on Online Social Networks
SN - 978-989-758-167-0
AU - Abuelgasim A.
AU - Kayem A.
PY - 2016
SP - 126
EP - 137
DO - 10.5220/0005689701260137