Social network data analysis to highlight privacy threats in sharing data

AbstractSocial networks are a vast source of information, and they have been increasing impact on people's daily lives. They permit us to share emotions, passions, and interactions with other people around the world. While enabling people to exhibit their lives, social networks guarantee their privacy. The definitions of privacy requirements and default policies for safeguarding people's data are the most difficult challenges that social networks have to deal with. In this work, we have collected data concerning people who have different social network profiles, aiming to analyse privacy requirements offered by social networks. In particular, we have built a tool exploiting image-recognition techniques to recognise a user from his/her picture, aiming to collect his/her personal data accessible through social networks where s/he has a profile. We have composed a dataset of 5000 users by combining data available from several social networks; we compared social network data mandatory in the registration phases, publicly accessible and those retrieved by our analysis. We aim to analyse the amount of extrapolated data for evaluating privacy threats when users share information on different social networks to help them be aware of these aspects. This work shows how users data on social networks can be retrieved easily by representing a clear privacy violation. Our research aims to improve the user's awareness concerning the spreading and managing of social networks data. To this end, we highlighted all the statistical evaluations made over the gathered data for putting in evidence the privacy issues

GDPR compliant information confidentiality preservation in Big Data processing

Nowadays, new laws and regulations, such as the European General Data Protection Regulation (GDPR), require companies to define privacy policies complying with the preferences of their users. The regulation prescribes expensive penalties for those companies causing the disclosure of sensitive data of their users, even if this occurs accidentally. Thus, it is necessary to devise methods supporting companies in the identification of privacy threats during advanced data manipulation activities. To this end, in this paper, we propose a methodology exploiting relaxed functional dependencies (RFDs) to automatically identify data that could imply the values of sensitive ones, which permits to increase the confidentiality of a dataset while reducing the number of values to be obscured. An experimental evaluation demonstrates the effectiveness of the proposed methodology in increasing compliance to the GDPR data privacy, while reducing the set of values to be partially masked, hence enhancing data usage

A decision-support framework for data anonymization with application to machine learning processes

The application of machine learning techniques to large and distributed data archives might result in the disclosure of sensitive information about the data subjects. Data often contain sensitive identifiable information, and even if these are protected, the excessive processing capabilities of current machine learning techniques might facilitate the identification of individuals, raising privacy concerns. To this end, we propose a decision-support framework for data anonymization, which relies on a novel approach that exploits data correlations, expressed in terms of relaxed functional dependencies (RFDs) to identify data anonymization strategies providing suitable trade-offs between privacy and data utility. Moreover, we investigate how to generate anonymization strategies that leverage multiple data correlations simultaneously to increase the utility of anonymized datasets. In addition, our framework provides support in the selection of the anonymization strategy to apply by enabling an understanding of the trade-offs between privacy and data utility offered by the obtained strategies. Experiments on real-life datasets show that our approach achieves promising results in terms of data utility while guaranteeing the desired privacy level, and it allows data owners to select anonymization strategies balancing their privacy and data utility requirements