Analyzing and Optimizing Access Control Choice Architectures in Online Social Networks (original) (raw)
Related papers
Analyzing Facebook Privacy Settings: User Expectations vs. Reality
The sharing of personal data has emerged as a popular activity over online social networking sites like Facebook. As a result, the issue of online social network privacy has received significant attention in both the research literature and the mainstream media. Our overarching goal is to improve defaults and provide better tools for managing privacy, but we are limited by the fact that the full extent of the privacy problem remains unknown; there is little quantification of the incidence of incorrect privacy settings or the difficulty users face when managing their privacy.
Computers in Human Behavior, 2019
Privacy research has debated whether privacy decision-making is determined by users' stable preferences (i.e., individual traits), privacy calculus (i.e., cost-benefit analysis), or "responses on the spot" that vary across contexts. This study focuses on two factors-default setting as a contextual factor and regulatory focus as an individual difference factor-and examines the degree to which these factors affect social media users' decision-making when using privacy preference settings in a fictitious social networking site. The results, based on two experimental studies (study 1, n = 414; study 2, n = 213), show that default settings significantly affect users' privacy preferences, such that users choose the defaults or alternatives proximal to them. Study 2 shows that regulatory focus also affects privacy decisions, such that users with a strong promotion focus select options favoring a higher social networking utility, perceiving lesser cognitive efforts and more confidence in decisions. Finally, we find a significant interaction effect between default setting and regulatory focus on perceived effort and confidence, suggesting that the default effect is contingent on users' goal orientations (operationalized as regulatory focus). We discuss the implications for research and practice.
The Failure of Online Social Network Privacy Settings
posterous.com
Increasingly, people are sharing sensitive personal information via online social networks (OSN). While such networks do permit users to control what they share with whom, access control policies are notoriously difficult to configure correctly; this raises the question of whether OSN users' privacy settings match their sharing intentions. We present the results of an empirical evaluation that measures privacy attitudes and intentions and compares these against the privacy settings on Facebook. Our results indicate a serious mismatch: every one of the 65 participants in our study confirmed that at least one of the identified violations was in fact a sharing violation. In other words, OSN users' privacy settings are incorrect. Furthermore, a majority of users cannot or will not fix such errors. We conclude that the current approach to privacy settings is fundamentally flawed and cannot be fixed; a fundamentally different approach is needed. We present recommendations to ameliorate the current problems, as well as provide suggestions for future research. * This work was supported by NSF Grant CNS-0905403. † Work done while at Columbia University.
A Study of Privacy Setting Errors in an Online Social Network
cs.columbia.edu
Access control policies are notoriously difficult to configure correctly, even people who are professionally trained system administrators experience difficulty with the task. With the increasing popularity of online social networks (OSN) users of all levels are sharing an unprecedented amount of personal information on the Internet. Most OSNs give users the ability to specify what they share with whom, but the difficulty of the task raises the question of whether users' privacy settings match their sharing intentions. We present the results of a study that measures sharing intentions to identify potential violations in users' real Facebook privacy settings. Our results indicate a serious mismatch between intentions and reality: every one of the 65 participants in our study had at least one confirmed sharing violation. In other words, OSN users' are unable to correctly manage their privacy settings. Furthermore, a majority of users cannot or will not fix such errors.
Mining Privacy Settings to Find Optimal Privacy-Utility Tradeoffs for Social Network Services
2012 International Conference on Privacy, Security, Risk and Trust and 2012 International Confernece on Social Computing, 2012
Privacy has been a big concern for users of social network services (SNS). On recent criticism about privacy protection, most SNS now provide fine privacy controls, allowing users to set visibility levels for almost every profile item. However, this also creates a number of difficulties for users. First, SNS providers often set most items by default to the highest visibility to improve the utility of social network, which may conflict with users' intention. It is often formidable for a user to fine-tune tens of privacy settings towards the user desired settings. Second, tuning privacy settings involves an intricate tradeoff between privacy and utility. When you turn off the visibility of one item to protect your privacy, the social utility of that item is turned off as well. It is challenging for users to make a tradeoff between privacy and utility for each privacy setting. We propose a framework for users to conveniently tune the privacy settings towards the user desired privacy level and social utilities. It mines the privacy settings of a large number of users in a SNS, e.g., Facebook, to generate latent trait models for the level of privacy concern and the level of utility preference. A tradeoff algorithm is developed for helping users find the optimal privacy settings for a specified level of privacy concern and a personalized utility preference. We crawl a large number of Facebook accounts and derive the privacy settings with a novel method. These privacy setting data are used to validate and showcase the proposed approach.
Modelling the intended use of Facebook privacy settings
South African Journal of Information Management, 2020
Background: The ineffective use of Facebook privacy settings has become commonplace. This has made it possible for corporates not only to harvest personal information but also to persuade or influence user behaviour in a manner that does not always protect Facebook users. Objectives: The objective of this article was to develop a research model that could be used to evaluate the influence of subjective norms, information security awareness and the process of threat appraisal on the intention to use Facebook privacy settings. Method: In this article, the authors made use of a qualitative approach. Literature pertaining to subjective norms, information security awareness and threat appraisal was thematically analysed using Atlas.ti. Through a process of inductive reasoning, three propositions were developed. Results: This study found that it is likely that an individual’s intention to use Facebook privacy settings will be influenced by subjective norms, information security awareness and the process of threat appraisal. To evaluate the behavioural influence of these selected constructs and relationships, a research model was developed based on both the theory of planned behaviour and protection motivation theory. Conclusion: In this article, it is argued that the ineffective use of Facebook privacy settings may be because of the behavioural influence of subjective norms. This is compounded by the fact that most users are unaware of privacy threats. This makes these users vulnerable to Facebook-based privacy threats because the process of threat appraisal is conducted with incomplete, inaccurate or missing information.
Exploiting Privacy-Policy and -Management Features on Social Networks: A User's Perspective
—A social network is a type of media that allows users to engage social interaction in the cyber world. Nowadays, this network becomes a backbone of the digital communication world as it transformed the way of information being shared across the different communities. Exploiting this network, people can easily share huge volume of information (e.g., text, audio and video) without paying any charge that runs to gain overwhelming popularity of it. Nevertheless, it is an important issue for the users to select the privacy options for their information, resulting in the decision making on who can access the information and how the information should be used. This decision can be made via privacy management features within the social networks' applications. However, the lack of study to explain the perceived use of privacy policies and management features, among social networks' users, has conjured up the significant concerns about how social network users felt about the use of these features in social networks. To address this issue, in this paper, an empirical study has been conducted to seek for users' feedbacks on the use of existing privacy policies and management features of social networks. These feedback assist in improving further the social network users' privacy features.
Privacy Settings on Facebook: Their Roles and Importance
This explorative study aims to gain insight about which privacy settings and features on the interfaces are commonly used by Facebook users. User data was collected using an online survey. Based on the survey data, a set of the commonly used privacy strategies on Facebook were identified. We found that these strategies were mainly used to manage three types of privacy concerns: 1) personal profile visibility, 2) personal networking boundary, and 3) personal privacy awareness. A point-biserial correlation analysis revealed that only networking privacy strategies were significantly correlated with the feeling of control users felt in mitigating hackers, blackmailers, stalkers as well as compromising relations and job positions. Hence, when the goal of the sites is to empower users for protecting their privacy, it is important to understand how users make decisions with the help of these privacy settings and features on user interfaces. Implications of these findings as well as suggestions for future research are discussed.
Privacy protection strategies on Facebook: The Internet privacy paradox revisited
2013
County. Her research focuses primarily on the uses and impact of information and communication technologies (ICTs) on the lives and practices of individuals, communities and organizations Anabel Quan-Haase is an Associate Professor in the Faculty of Information and Media Studies and the Department of Sociology at the University of Western Ontario. Her research examines how digital technologies have affected social networks and identifies what factors affect network structure, creation and maintenance over time in physical and digital spaces.