Interdependent Information Disclosure and Privacy in Online Social Networks Open Access
Downloadable ContentDownload PDF
Today, Online Social Networks (OSNs) have become the mainstream social platform for communication and information sharing. Not only do users reveal their information to their friends and close acquaintances, they leave this information for all to see. Additionally, vast amount of information about individuals from other sources publicly available on the web, revealing additional sensitive information about OSN users. In this research, we address the novel problem of linking user profiles at Twitter with real-world identities at Whitepages.com (containing information such as name, address, age etc.) and demonstrate that a substantial portion of OSN users can be potentially linked to their real-world identities.Next, the highly interactive nature of interpersonal communication on OSNs impels us to think about privacy as a communal matter, with users’ private information being revealed by not only their own voluntary disclosures (self- disclosure), but also the activities of their social ties (co-disclosure). With co- disclosure increasingly identified as a new source of privacy threat inherent to the OSN context, we present a data-driven study that builds upon an innovative measurement for quantifying the extent to which others’ co-disclosure could lead to actual privacy harm. The results demonstrate the significant harms caused by co-disclosure and illustrate the differences between the identity elements revealed through self- and co-disclosure.Among the existing solutions for protecting privacy on social media, a popular doctrine is privacy self-management, which allows users to directly control the sharing of their personal information through privacy settings. While most existing research focuses on whether a user can make informed and rational decisions on privacy settings, we address a novel yet important question of whether these settings themselves are effective in practice (for privacy protection). Specifically, we conduct an observational study on the effectiveness of the most prominent privacy setting on Twitter, the protected mode. Our results show that, even after setting an account to protected, substantial private information is still continuously disclosed about most real-world account owner, mostly from the tweets posted by the owner’s connections. This finding illustrates a fundamental limit of privacy self-management: its inability to control the co-disclosure of privacy by an individual’s friends.