C4PS - Helping Facebookers Manage Their Privacy Settings

  • Thomas Paul
  • Martin Stopczynski
  • Daniel Puscher
  • Melanie Volkamer
  • Thorsten Strufe
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7710)

Abstract

The ever increasing popularity of Online Social Networks has left a wealth of personal data on the web, accessible for broad and automatic retrieval. Protection from undesired recipients and harvesting by crawlers is implemented by access control, manually configured by the user in his privacy settings. Privacy unfriendly default settings and the user unfriendly privacy setting interfaces cause an unnoticed over-sharing. We propose C4PS - Colors for Privacy Settings, a concept for future privacy setting interfaces. We developed a mockup for privacy settings in Facebook as a proof of concept, applying color coding for different privacy visibilities, providing easy access to the privacy settings, and generally following common, well known practices. We evaluated this mockup in a lab study and show in the results that the new approach increases the usability significantly. Based on the results we provide a Firefox plug-in implementing C4PS for the new Facebook interface.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Acquisti, A., Gross, R.: Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 36–58. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Antón, A.I., Earp, J.B., Young, J.D.: How Internet Users’ Privacy Concerns Have Evolved since 2002. IEEE Security & Privacy Magazine 8(1), 21–27 (2010)CrossRefGoogle Scholar
  3. 3.
    Balfanz, D., et al.: In Search of Usable Security. IEEE Security & Privacy (2004)Google Scholar
  4. 4.
    Becker, J., Chen, H.: Measuring privacy risk in online social networksGoogle Scholar
  5. 5.
    Bilge, L., Strufe, T., Balzarotti, D., Kirda, E.: All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks. In: WWW (2009)Google Scholar
  6. 6.
    Boshmar, Y., et al.: The Socialbot Network: When Bots Socialize for Fame and Money. In: ACSAC (2011)Google Scholar
  7. 7.
    Boyd, D., Hargittai, E.: Facebook privacy settings: Who cares? First Monday (Online)Google Scholar
  8. 8.
    Brooke, J.: SUS - A quick and dirty usability scale. Usability evaluation in industry (1996)Google Scholar
  9. 9.
    Buchegger, S., et al.: PeerSoN: P2P Social Networking - Early Experiences and Insights. In: SNS (2009)Google Scholar
  10. 10.
    Castelluccia, C., Kafaar, D.: Owner-Centric Networking: Toward a Data Pollution-Free Internet. In: SAINT (2010)Google Scholar
  11. 11.
    Cutillo, L.-A., Molva, R., Strufe, T.: Safebook: a privacy preserving online social network leveraging on real-life trust. IEEE Communications Magazine (2009)Google Scholar
  12. 12.
    Egelman, S., Oates, A., Krishnamurthi, S.: Oops, i did it again: mitigating repeated access control errors on facebook. In: CHI 2011 (2011)Google Scholar
  13. 13.
    Fang, L., Kim, H., LeFevre, K., Tami, A.: A Privacy Recommendation Wizard for Users of Social Networking Sites. In: CCS (2010)Google Scholar
  14. 14.
    Guha, S., Tang, K., Francis, P.: NOYB: Privacy in Online Social Networks. In: WOSP (2008)Google Scholar
  15. 15.
    Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social Phishing. Commun. ACM (2007)Google Scholar
  16. 16.
    Jahid, S., Nilizadeh, S., Mittal, P., Borisov, N., Kapadia, A.: DECENT: A Decentralized Architecture for Enforcing Privacy in Online Social NetworksGoogle Scholar
  17. 17.
    Kagal, L., Abelson, H.: Access Control is an Inadequate Framework for Privacy Protection. In: W3C Privacy (2010)Google Scholar
  18. 18.
    King, J., Lampinen, A., Smolen, A.: Privacy: Is There An App for That? In: Symposium on Usable Privacy and Security, SOUPS (2011)Google Scholar
  19. 19.
    Krishnamurthy, B., Naryshkin, K.: Privacy leakage vs. Protection measures: the growing disconnect. In: W2SP (May 2011)Google Scholar
  20. 20.
    Krug, S.: Don’t Make Me Think: A Common Sense Approach to the Web, 2nd edn. New Riders Publishing (2005)Google Scholar
  21. 21.
    Lindamood, J., et al.: Inferring Private Information Using Social Network Data. In: WWW (2009)Google Scholar
  22. 22.
    Lipford, H.R., Besmer, A., Watson, J.: Understanding Privacy Settings in Facebook with an Audience View. In: UPSEC (2008)Google Scholar
  23. 23.
    Madejski, M., Johnson, M., Bellovin, S.: The Failure of Online Social Network Privacy Settings. Tech. rep., Columbia University (2011)Google Scholar
  24. 24.
    Mazzia, A., LeFevre, K., Adar, E.: The pviz comprehension tool for social network privacy settings. Tech. rep., University of Michigan (2011)Google Scholar
  25. 25.
    Strufe, T.: Profile Popularity in a Business-oriented Online Social Network. In: EuroSys/SNS (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Thomas Paul
    • 1
  • Martin Stopczynski
    • 1
  • Daniel Puscher
    • 1
  • Melanie Volkamer
    • 1
  • Thorsten Strufe
    • 1
  1. 1.CASEDTechnische Universität DarmstadtGermany

Personalised recommendations