Ricard L. Fogues

Open Challenges in Relationship-Based Privacy Mechanisms for Social Network Services

Social networking services (SNSs) such as Facebook and Twitter have experienced explosive growth during the few past years. Millions of users have created their profiles on these services because they experience great benefits in terms of friendship. SNSs can help people to maintain their friendships, organize their social lives, start new friendships, and meet others who share their hobbies and interests. However, all these benefits can be eclipsed by the privacy hazards that affect people in SNSs. People expose intimate information about their lives on SNSs, and this information affects the way others think about them. It is crucial that users be able to control how their information is distributed through the SNSs and decide who can access it. This article presents a list of privacy threats that can affect SNS users and what requirements privacy mechanisms should fulfill to prevent this threats. Then the article reviews current approaches and analyzes to what extent they cover the requirements.

BFF: A tool for eliciting tie strength and user communities in social networking services

The use of social networking services (SNSs) such as Facebook has explosively grown in the last few years. Users see these SNSs as useful tools to find friends and interact with them. Moreover, SNSs allow their users to share photos, videos, and express their thoughts and feelings. However, users are usually concerned about their privacy when using SNSs. This is because the public image of a subject can be affected by photos or comments posted on a social network. In this way, recent studies demonstrate that users are demanding better mechanisms to protect their privacy. An appropriate approximation to solve this could be a privacy assistant software agent that automatically suggests a privacy policy for any item to be shared on a SNS. The first step for developing such an agent is to be able to elicit meaningful information that can lead to accurate privacy policy predictions. In particular, the information needed is user communities and the strength of users’ relationships, which, as suggested by recent empirical evidence, are the most important factors that drive disclosure in SNSs. Given the number of friends that users can have and the number of communities they may be involved on, it is infeasible that users are able to provide this information without the whole eliciting process becoming confusing and time consuming. In this work, we present a tool called Best Friend Forever (BFF) that automatically classifies the friends of a user in communities and assigns a value to the strength of the relationship ties to each one. We also present an experimental evaluation involving 38 subjects that showed that BFF can significantly alleviate the burden of eliciting communities and relationship strength.

Sharing Policies in Multiuser Privacy Scenarios: Incorporating Context, Preferences, and Arguments in Decision Making

Social network services (SNSs) enable users to conveniently share personal information. Often, the information shared concerns other people, especially other members of the SNS. In such situations, two or more people can have conflicting privacy preferences; thus, an appropriate sharing policy may not be apparent. We identify such situations as multiuser privacy scenarios. Current approaches propose finding a sharing policy through preference aggregation. However, studies suggest that users feel more confident in their decisions regarding sharing when they know the reasons behind each other’s preferences. The goals of this paper are (1) understanding how people decide the appropriate sharing policy in multiuser scenarios where arguments are employed, and (2) developing a computational model to predict an appropriate sharing policy for a given scenario. We report on a study that involved a survey of 988 Amazon Mechanical Turk (MTurk) users about a variety of multiuser scenarios and the optimal sharing policy for each scenario. Our evaluation of the participants’ responses reveals that contextual factors, user preferences, and arguments influence the optimal sharing policy in a multiuser scenario. We develop and evaluate an inference model that predicts the optimal sharing policy given the three types of features. We analyze the predictions of our inference model to uncover potential scenario types that lead to incorrect predictions, and to enhance our understanding of when multiuser scenarios are more or less prone to dispute.

Tie and tag: A study of tie strength and tags for photo sharing

Tie strength and tags have been separately suggested as possible attributes for photo access controls in Social Network Services. However, an evaluation is missing about the benefits/drawbacks of adding one or both of these attributes to the ones already used in access controls for Social Network Services (groups and individuals). In this paper, we describe an experiment with 48 participants using access controls that include tie strength and tags (separately and simultaneously) together with attributes for groups and individuals. We analyze the results using several quantitative and qualitative metrics. We find that users consider these two new attributes useful in defining their sharing policies, and they prefer to employ access controls that consider tags and tie strength jointly. Specifically, users believe that tie strength improves policy understandability and that tags help them define sharing policies faster. However, we also observe that when users employ these two attributes they tend to make more mistakes in terms of the resulting sharing policy. We hypothesize that this could be caused by the lack of experience using tie strength and tags in access controls.

Exploring the viability of tie strength and tags in access controls for photo sharing

Social Network Sites (SNSs) such as Facebook and Google+ allow users to store and share large collections of photos. SNSs offer access controls that protect those photos from unwanted audiences. However, due to the lack of usability of these access controls, people struggle to configure them. First, we collected sharing policies for photos in a study with 34 Facebook users. Then, we define three metrics that enable researchers to evaluate the ease of use and complexity of access controls for photo sharing, and, employing the data collected in the study, we evaluate 15 access controls, each one with a different combination of attributes. The results obtained show that an access control that takes into account groups, tags, and the tie strength of relationships can be managed more easily than current approaches, reducing the burden of configuring the privacy settings for photos on SNSs.

SoSharP: Recommending Sharing Policies in Multiuser Privacy Scenarios

Users often share information about others; sometimes this inadvertently violates others’ privacy. Thus, here the authors propose SoSharP, an agent-based approach to help users maintain their own and others’ privacy by guiding a selection of sharing policies in multiuser scenarios. SoSharP learns incrementally and asks for users’ input only when required, reducing users’ effort.