This chapter is concerned with the identification of the privacy threats to provide a feedback to the users so that they can make an informed decision based on their desired level of privacy. To achieve this goal, Solove's taxonomy of privacy violations is refined to incorporate the modern challenges to the privacy posed by the evolution of social networks. This work emphasizes on the fact that the privacy protection should be a joint effort of social network owners and users, and provides a classification of mitigation strategies according to the party responsible for taking these countermeasures. In addition, it highlights the key research issues to guide the research in the field of privacy preservation. This chapter can serve as a first step to comprehend the privacy requirements of online users and educate the users about their choices and actions in social media.
TopIntroduction
The ubiquitous presence of social networks in the people’s lives has led to unprecedented privacy issues as evident by the reported privacy scandals (Sanders & Patterson, 2019). The users are unwittingly relying on the social networking site for their personal information, relationships, participation in society, and even for broadcasting pithy news messages to others. This will enable the attackers to steal sensitive information, spread and amplify disinformation, inciting violence, and lowering levels of trust in media and democratic institution. Thus, the researchers and privacy practitioners should move beyond adoption and focus on the privacy implications of the user engagement with the social networking sites as the owners of these networks only strive for an active user base and consider the user engagement as the only metric of success.
The privacy risks posed by social networking sites range from the interfering and exploiting social interactions to the more sophisticated data collection, processing, distribution and privacy invasion by the owners of networking sites, third-party applications and the attackers as shown in Figure 1. Solove (Solove, 2006) has argued that privacy violations involve a variety of harmful and problematic activities. This chapter refines the Solove’s taxonomy (Solove, 2006) of information privacy violation to incorporate the challenges posed by social networking sites and provides taxonomy of countermeasures for privacy protection. Together, they serve as a useful checklist for a user to determine the priorities for the selection of privacy control. This taxonomy can also be used by the researchers to answer two important questions:
Figure 1. Activities that invade privacy
This chapter mainly focuses on studying the privacy threats on Facebook, though it can easily be generalized to the other social networks. It is organized as follows: Section II describes the importance of privacy in the social networks along with the potential attacks. Section III adapts the Solove’s taxonomy (Solove, 2006) of the privacy violation in the social network’s context along with a detailed description of each threat. Next, Section IV provides a taxonomy of the different approaches to mitigate the privacy risks on the social networks. Section V summarizes the findings and provides the relationship between the threat actors and the privacy threats discussed in the previous sections. Section VI outlines the future research directions for the service providers in the field of social networks and Section VII concludes this study.
TopBackground
Before discussing the privacy threats in the social networks, we will describe the importance of privacy in social networks along with the technological aspects of privacy and data protection. These two aspects serve as a basic concept to understand the implications of social network use and motivate the users to protect their privacy in the social networking sites.