Online Social Networks: Privacy Threats and Defenses

Part of the Lecture Notes in Social Networks book series (LNSN)


With over 1 billion users connected through online social networks, user privacy is becoming ever more important and is widely discussed in the media and researched in academia. In this chapter we provide a brief overview of some threats to users’ privacy. We classify these threats as: users’ limitations, design flaws and limitations, implicit flows of information, and clash of incentives. We also discuss two defense mechanisms which deploy usable privacy through a visual and interactive flow of information and a rational privacy vulnerability scanner.



Copyright information

© Springer-Verlag Wien 2013

Authors and Affiliations

  1. Department of Computer Science, University College London, London, UK
