Facebook: Where privacy concerns and social needs collide

Facebook is an integral part of today’s social landscape, but Facebook use involves compromising one’s privacy in relation to both other users and to the Facebook corporation and its affiliated businesses. This analysis explores respondents’ reasons for using Facebook together with their Facebook-related privacy concerns, and how these factors influence self-disclosures and privacy management strategies on the site. Also explored are respondents’ perceptions both of what the Facebook corporation ‘knows’ about them and with whom it shares their data. The research is based on the concepts of user-user and user-corporate privacy concerns versus the social needs of self-portrayal and belonging. Self-portrayal (inspired by Friedlander, 2011) is explored in the contexts of both strategic self-presentation and expression of the true self, and belonging is explored in the contexts of both intimacy and affiliation. These concepts have been drawn from a combination of psychological theories together with existing research on privacy concerns and social needs on social networking sites. Respondents completed an online questionnaire over a six week period from late August to early October 2014, and a focus group was held in November 2014. The questionnaire was largely quantitative but allowed for qualitative input via text boxes. There were 404 completed and valid responses, and of the demographic factors tested, gender was most strongly associated with Facebook-related privacy concerns and age was most strongly associated with reasons for using Facebook. Respondents indicated a clash between fulfilling their social needs on Facebook and their privacy concerns on the site. However, these concerns did not, for the most part, stop them using Facebook, although in certain instances respondents employed tactics to minimise their privacy concerns. This thesis argues that, when using Facebook, respondents resolved the privacy paradox to the best of their ability. It is anticipated that the findings of this thesis will contribute to the ongoing dialogue surrounding the benefits and drawbacks of social media use

DEFACING THE ‘BOOK: EXAMINING INFORMATION REVELATION, INTERNET PRIVACY CONCERNS AND PRIVACY PROTECTION IN FACEBOOK

The focus of much research on social network sites (SNSs) has been on the amount and types of information revealed, the relatively open nature of the information, and the apparent lack of controls employed by users. The aim of the present study was to expand the research in this area by identifying the factors that influence information revelation and privacy protection on Facebook, as well as to examine the strategies developed by students to protect themselves against privacy threats. A mixed-methods data collection approach was employed that included a questionnaire, semi-structured interviews and profile analyses. Findings show that students manage their Internet privacy concerns by withholding personal information and address their concerns about unwanted audiences by altering the visibility of their information from within the site. The findings provide insight into students’ motivations for information revelation on Facebook and the ways in which they negotiate privacy on the site

Assessing interpersonal privacy through the usage of Facebook features by university students.

Masters Degree. University of KwaZulu-Natal, Durban.With online social networks swiftly growing in popularity millions of users are sharing their personal information daily without being aware of where such disseminated information eventually resides. Combined with such growth is the diversity of both users and content shared, that results in an extensive amount of personal data availed in social networks. This poses a challenge to individuals in terms of knowing what content is available: when and where, as well as the subsequent flow of that information. One such social network which has impacted modern day communication and altered the nature of digital information sharing is Facebook: Used by over one billion people world-wide, Facebook users interact with friends, family and other social contacts in a public medium. This has changed the nature of privacy and consequences of information disclosures. Despite media reports highlighting the unintended consequences of information disclosures via social network sites such as Facebook, students are often thought to be unconcerned regarding the subsequent costs of these disclosures. The current study sought to explore university student’s informational disclosures influence on their interpersonal privacy through the usage of the Friendship Pages and Timeline Facebook features. Participants of this study were 333 university students who were current users of Facebook. A significant 41.7% of the respondents revealed they used both the Friendship Page and Timeline feature of Facebook. Findings further revealed that students used Facebook for several functions. These functions include; to search for friends by disclosing their personal information such as pictures, searching for events or groups, uploading and sharing their own images, which can be accessed by friends of friends, therefore causing potential privacy concerns. Results also revealed that students had a polarized attitude towards sharing their details. Furthermore, analysis revealed that students had comprehensive profiles and they shared information that represented the reality about themselves, therefore, making it easier for strangers to understand who they are. Investigations also indicated that privacy is not a primary concern for university students based on the kind of activities and interactions gained in its usage. Results from the research indicate that a significant number of students use Facebook Friendship page to find new friends with potentially risky disclosure of personal information through the use of profile pictures that are visible to everyone. Results for the Timeline feature revealed students who adjusted their timeline settings were selective of whom has access to their uploaded content based on the different type of Facebook friends they have. In addition, the study revealed that there was a strong and positive relationship between the Friendship Page and the Timeline to the extent that individuals that are accepted as friends also gain access to the content shared on each other's timeline. There was also minimal trust found between friends on the usage of Facebook content since a significant number of respondents revealed that they could not trust their friends not to share their content with other people. Despite the negative relationship, students continued to share their private information, therefore, revealing a relaxed attitude. Additionally, many respondents felt uneasy with increased viewership and sharing of their content by people not within their friendship network which illustrates a polarized attitude

Supporting lay users in privacy decisions when sharing sensitive data

The first part of the thesis focuses on assisting users in choosing their privacy settings, by using machine learning to derive the optimal set of privacy settings for the user. In contrast to other work, our approach uses context factors as well as individual factors to provide a personalized set of privacy settings. The second part consists of a set of intelligent user interfaces to assist the users throughout the complete privacy journey, from defining friend groups that allow targeted information sharing; through user interfaces for selecting information recipients, to find possible errors or unusual settings, and to refine them; up to mechanisms to gather in-situ feedback on privacy incidents, and investigating how to use these to improve a user’s privacy in the future. Our studies have shown that including tailoring the privacy settings significantly increases the correctness of the predicted privacy settings; whereas the user interfaces have been shown to significantly decrease the amount of unwanted disclosures.Insbesondere nach den jüngsten Datenschutzskandalen in sozialen Netzwerken wird der Datenschutz für Benutzer immer wichtiger. Obwohl die meisten Benutzer behaupten Wert auf Datenschutz zu legen, verhalten sie sich online allerdings völlig anders: Sie lassen die meisten Datenschutzeinstellungen der online genutzten Dienste, wie z. B. von sozialen Netzwerken oder Diensten zur Standortfreigabe, unberührt und passen sie nicht an ihre Datenschutzanforderungen an. In dieser Arbeit werde ich einen Ansatz zur Lösung dieses Problems vorstellen, der auf zwei verschiedenen Säulen basiert. Der erste Teil konzentriert sich darauf, Benutzer bei der Auswahl ihrer Datenschutzeinstellungen zu unterstützen, indem maschinelles Lernen verwendet wird, um die optimalen Datenschutzeinstellungen für den Benutzer abzuleiten. Im Gegensatz zu anderen Arbeiten verwendet unser Ansatz Kontextfaktoren sowie individuelle Faktoren, um personalisierte Datenschutzeinstellungen zu generieren. Der zweite Teil besteht aus einer Reihe intelligenter Benutzeroberflächen, die die Benutzer in verschiedene Datenschutzszenarien unterstützen. Dies beginnt bei einer Oberfläche zur Definition von Freundesgruppen, die im Anschluss genutzt werden können um einen gezielten Informationsaustausch zu ermöglichen, bspw. in sozialen Netzwerken; über Benutzeroberflächen um die Empfänger von privaten Daten auszuwählen oder mögliche Fehler oder ungewöhnliche Datenschutzeinstellungen zu finden und zu verfeinern; bis hin zu Mechanismen, um In-Situ- Feedback zu Datenschutzverletzungen zum Zeitpunkt ihrer Entstehung zu sammeln und zu untersuchen, wie diese verwendet werden können, um die Privatsphäreeinstellungen eines Benutzers anzupassen. Unsere Studien haben gezeigt, dass die Verwendung von individuellen Faktoren die Korrektheit der vorhergesagten Datenschutzeinstellungen erheblich erhöht. Es hat sich gezeigt, dass die Benutzeroberflächen die Anzahl der Fehler, insbesondere versehentliches Teilen von Daten, erheblich verringern

Responsible AI and Analytics for an Ethical and Inclusive Digitized Society

publishedVersio

Public and Private in the Blogosphere

The public/private distinction is one of the most influential concepts of the modern era, both in terms of social theory and everyday life. For many, public and private have been treated as completely separate. The assumption that public and private are a dichotomous pair has influenced numerous aspects of social life, ranging from the gendered division of labor to the development of the suburb. However, the division between the public and private realms has proven to be permeable; the public and private realms have bled over into one another, and can no longer be treated as dichotomous. Information and communication technologies have been pivotal in these shifting conceptions of publicity and privacy. Based on a study of personal bloggers — individuals who write about their everyday lives on the Internet — this study finds that public and private are best understood in terms of the relationship among information, audience, and control over access to information. Bloggers conceptualize publicity and privacy relative to the information they make available online, and actively work to balance the benefits of writing online with the risks of granting readers access to that content. They manage this tension through a variety of techniques ranging from use of software controls (commonly used on some blogging platforms) to maintaining multiple blog documents. Through this process, bloggers continuously create and destroy both content and audiences. The end result is a vision of public and private that consists of “public” as synonymous with “widely accessible” and “private” as synonymous with “limited access”

Privacy-Aware and Reliable Complex Event Processing in the Internet of Things - Trust-Based and Flexible Execution of Event Processing Operators in Dynamic Distributed Environments

The Internet of Things (IoT) promises to be an enhanced platform for supporting a heterogeneous range of context-aware applications in the fields of traffic monitoring, healthcare, and home automation, to name a few. The essence of the IoT is in the inter-networking of distributed information sources and the analysis of their data to understand the interactions between the physical objects, their users, and their environment. Complex Event Processing (CEP) is a cogent paradigm to infer higher-level information from atomic event streams (e.g., sensor data in the IoT). Using functional computing modules called operators (e.g., filters, aggregates, sequencers), CEP provides for an efficient and low-latency processing environment. Privacy and mobility support for context processing is gaining immense importance in the age of the IoT. However, new mobile communication paradigms - like Device-to-Device (D2D) communication - that are inherent to the IoT, must be enhanced to support a privacy-aware and reliable execution of CEP operators on mobile devices. It is crucial to preserve the differing privacy constraints of mobile users, while allowing for flexible and collaborative processing. Distributed mobile environments are also susceptible to adversary attacks, given the lack of sufficient control over the processing environment. Lastly, ensuring reliable and accurate CEP becomes a serious challenge due to the resource-constrained and dynamic nature of the IoT. In this thesis, we design and implement a privacy-aware and reliable CEP system that supports distributed processing of context data, by flexibly adapting to the dynamic conditions of a D2D environment. To this end, the main contributions, which form the key components of the proposed system, are three-fold: 1) We develop a method to analyze the communication characteristics of the users and derive the type and strength of their relationships. By doing so, we utilize the behavioral aspects of user relationships to automatically derive differing privacy constraints of the individual users. 2) We employ the derived privacy constraints as trust relations between users to execute CEP operators on mobile devices in a privacy-aware manner. In turn, we develop a trust management model called TrustCEP that incorporates a robust trust recommendation scheme to prevent adversary attacks and allow for trust evolution. 3) Finally, to account for reliability, we propose FlexCEP, a fine-grained flexible approach for CEP operator migration, such that the CEP system adapts to the dynamic nature of the environment. By extracting intermediate operator state and by leveraging device mobility and instantaneous characteristics, FlexCEP provides a flexible CEP execution model under varying network conditions. Overall, with the help of thorough evaluations of the above three contributions, we show how the proposed distributed CEP system can satisfy the requirements established above for a privacy-aware and reliable IoT environment

Distilling Mobile Privacy Requirements from Qualitative Data

As mobile computing applications have become commonplace, it is increasingly important for them to address end-users' privacy requirements. Mobile privacy requirements depend on a number of contextual socio-cultural factors to which mobility adds another level of contextual variation. However, traditional requirements elicitation methods do not sufficiently account for contextual factors and therefore cannot be used effectively to represent and analyse the privacy requirements of mobile end users. On the other hand, methods that investigate contextual factors tend to produce data which can be difficult to use for requirements modelling. To address this problem, we have developed a Distillation approach that employs a problem analysis model to extract and refine privacy requirements for mobile applications from raw data gathered through empirical studies involving real users. Our aim was to enable the extraction of mobile privacy requirements that account for relevant contextual factors while contributing to the software design and implementation process. A key feature of the distillation approach is a problem structuring framework called privacy facets (PriF). The facets in the PriF framework support the identification of privacy requirements from different contextual perspectives namely - actors, information, information-flows and places. The PriF framework also aids in uncovering privacy determinants and threats that a system must take into account in order to support the end-user's privacy. In this work, we first show the working of distillation using qualitative data taken from an empirical study which involved social-networking practices of mobile users. As a means of validating distillation, another distinctly separate qualitative dataset from a location-tracking study is used, in both cases, the empirical studies relate to privacy issues faced by real users observed in their mobile environment

Location privacy awareness on geo-social networks enhancing awareness with feedback solutions

Users of GeoSocial Networks (GeoSNs) share their personal location information with other users online. GeoSNs use spatiotemporal histories of users and other semantic information from their tags and comments to build location-based profiles and to offer personalised services and interaction experiences. However, such location-based profiles can potentially be used to extract private information about users, that they may not wish to disclose, and can thus pose a threat to their privacy. Users are generally unaware of the extent of data they are sharing and its potential implicit content. Studies have also shown that users are concerned about their location privacy and that current solutions offered by GeoSNs, namely privacy policies and privacy settings, do not effectively address their concerns. The focus of this thesis is on addressing the problem of location privacy on GeoSNs through enhancing users’ location privacy awareness of potential risks to allow them to make informed consent about their location disclosure. Therefore, this work firstly studies the link between location information disclosure and the risks to personal privacy and evaluates the level of user awareness and their attitude to privacy implications of sharing location information in GeoSNs. Factors contributing to the location privacy problem are identified, including those stemming from the nature of the data collection procedures and the modes of using the application by the users. Systematic user studies were carried out that showed the limitation in users’ awareness of the extent of the data and information they are disclosing. Thus, to enable location privacy awareness, a data-driven approach is undertaken to assessing the threat associated with the exposure of location-related personal information. Based on that, a privacy threat model is proposed that takes into account the types of shared data, its visibility by possible adversaries and the user’s awareness of the disclosed information. In addition, privacy feedback solutions are proposed to address the gaps in user awareness by revealing the level of risk to their privacy associated with exposing different types of location-related personal information. These solutions allow users to view their geo-profiles collected and inferred based on their location-sharing actions on GeoSNs and notify them about who of the other users can see their information. User-based experiments were used to evaluate the effectiveness of the proposed solutions using surveys, interviews, and prototypes along with realistic users’ data. Results demonstrate clearly the significance of the proposed solutions on enhancing user awareness. Employing the methods proposed in this thesis will thus enable users to effectively manage their privacy and make informed decisions about their location disclosure on GeoSNs