Skip to main content

Interdependent Privacy: Let Me Share Your Data

  • Conference paper
Financial Cryptography and Data Security (FC 2013)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7859))

Included in the following conference series:

Abstract

Users share massive amounts of personal information and opinion with each other and different service providers every day. In such an interconnected setting, the privacy of individual users is bound to be affected by the decisions of others, giving rise to the phenomenon which we term as interdependent privacy. In this paper we define online privacy interdependence, show its existence through a study of Facebook application permissions, and model its impact through an Interdependent Privacy Game (IPG). We show that the arising negative externalities can steer the system into equilibria which are inefficient for both users and platform vendor. We also discuss how the underlying incentive misalignment, the absence of risk signals and low user awareness contribute to unfavorable outcomes.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. The 3 Facebook permissions you should never agree too, http://facecrooks.com/Internet-Safety-Privacy/the-3-facebook-app-permissions-you-should-never-agree-to.html (last accessed: October 2012)

  2. Clarke, R.: Introduction to dataveillance and information privacy, and definitions of terms (1997) (revised in 1999, 2005, 2006), http://www.rogerclarke.com/DV/Intro.html (last accessed: June 2012)

  3. Mankiw, N.: Principles of Economics. Available Titles CourseMate Series, vol. 1. South-Western Cengage Learning (2008)

    Google Scholar 

  4. Facebook Help Center – App Basics, https://www.facebook.com/help/178140838985151/ (last accessed: October 2012)

  5. Chia, P.H., Yamamoto, Y., Asokan, N.: Is this app safe? A large scale study on application permissions and risk signals. In: Proceedings of the 21st International Conference on World Wide Web, WWW 2012. ACM, New York (2012)

    Google Scholar 

  6. Facebook Permissions Reference, https://developers.facebook.com/docs/authentication/permissions (last accessed: June 2012)

  7. King, J., Lampinen, A., Smolen, A.: Privacy: Is there an app for that? In: Proc. of the 7th Symposium on Usable Privacy and Security, SOUPS 2011, pp. 12:1–12:20. ACM (2011)

    Google Scholar 

  8. David, E., Jon, K.: Networks, Crowds, and Markets: Reasoning About a Highly Connected World. Cambridge University Press, New York (2010)

    Google Scholar 

  9. Chia, P.H., Heiner, A.P., Asokan, N.: Use of ratings from personalized communities for trustworthy application installation. In: Aura, T., Järvinen, K., Nyberg, K. (eds.) NordSec 2010. LNCS, vol. 7127, pp. 71–88. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  10. Johnson, M., Egelman, S., Bellovin, S.M.: Facebook and privacy: it’s complicated. In: Proceedings of the Eighth Symposium on Usable Privacy and Security, SOUPS 2012, pp. 9:1–9:15. ACM, New York (2012)

    Google Scholar 

  11. Bonneau, J., Preibusch, S.: The privacy jungle: On the market for data protection in social networks. In: The Eighth Workshop on the Economics of Information Security, WEIS 2009 (2009)

    Google Scholar 

  12. Liu, Y., Gummadi, K.P., Krishnamurthy, B., Mislove, A.: Analyzing facebook privacy settings: user expectations vs. reality. In: Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, IMC 2011, pp. 61–70. ACM, New York (2011)

    Chapter  Google Scholar 

  13. Dey, R., Jelveh, Z., Ross, K.: Facebook users have become much more private: A large-scale study. In: 2012 IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOM Workshops), pp. 346–352 (March 2012)

    Google Scholar 

  14. Felt, A.P., Greenwood, K., Wagner, D.: The effectiveness of application permissions. In: Proc. of the 2nd USENIX Conf. on Web Application Development, WebApps 2011. USENIX Association (2011)

    Google Scholar 

  15. Barrera, D., van Oorschot, P.C., Somayaji, A.: A Methodology for Empirical Analysis of Permission-Based Security Models and its Application to Android Categories and Subject Descriptors. In: Proc. of the 17th ACM Conf. on Computer and Communications Security, CCS 2010, pp. 73–84. ACM (2010)

    Google Scholar 

  16. Tam, J., Reeder, R.W., Schechter, S.: I’m Allowing What? Disclosing the authority applications demand of users as a condition of installation. Technical report, Microsoft Research, MSR-TR-2010-54 (2010)

    Google Scholar 

  17. Wang, N., Xu, H., Grossklags, J.: Third-party apps on facebook: privacy and the illusion of control. In: Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology, CHIMIT 2011, pp. 4:1–4:10. ACM, New York (2011)

    Google Scholar 

  18. Zheleva, E., Getoor, L.: To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles. In: Proceedings of the 18th International Conference on World Wide Web, WWW 2009, Madrid, Spain, April 20-24, pp. 531–540. ACM (2009)

    Google Scholar 

  19. Jernigan, C., Mistree, B.F.: Gaydar: Facebook friendships expose sexual orientation. First Monday 14(10) (October 2009)

    Google Scholar 

  20. Hu, H., Ahn, G.J., Jorgensen, J.: Detecting and resolving privacy conflicts for collaborative data sharing in online social networks. In: Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC 2011, pp. 103–112. ACM, New York (2011)

    Google Scholar 

  21. Preibusch, S., Bonneau, J.: The password game: negative externalities from weak password practices. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds.) GameSec 2010. LNCS, vol. 6442, pp. 192–207. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  22. Johari, R., Kumar, S.: Congestible services and network effects. In: Proceedings of the 11th ACM Conference on Electronic Commerce, EC 2010, pp. 93–94. ACM, New York (2010)

    Google Scholar 

  23. Goeree, J.K., Holt, C.A.: Ten little treasures of game theory and ten intuitive contradictions. Virginia Economics Online Papers 333, University of Virginia, Department of Economics (February 2000)

    Google Scholar 

  24. Center for the Advancement of Steady State Economy – Negative Externalities Are the Norm, http://steadystate.org/negative-externalities/ (last accessed: October 2012)

  25. Besmer, A., Lipford, H.R., Shehab, M., Cheek, G.: Social applications: exploring a more secure framework. In: Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009, pp. 2:1–2:10. ACM, New York (2009)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Biczók, G., Chia, P.H. (2013). Interdependent Privacy: Let Me Share Your Data. In: Sadeghi, AR. (eds) Financial Cryptography and Data Security. FC 2013. Lecture Notes in Computer Science, vol 7859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39884-1_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-39884-1_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-39883-4

  • Online ISBN: 978-3-642-39884-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics