research-article

Finding "hidden" connections on linkedIn an argument for more pragmatic social network privacy

Author:

Jessica StaddonAuthors Info & Claims

AISec '09: Proceedings of the 2nd ACM workshop on Security and artificial intelligence

Pages 11 - 14

https://doi.org/10.1145/1654988.1654992

Published: 09 November 2009 Publication History

Abstract

Social networking services well know that some users are unwilling to freely share the information they store with the service (e.g. profile information). To address this, ser vices typically provide various privacy "knobs" that the user may adjust to limit access by content type or user identity. However, the main purpose of social networks, community building, is largely at odds with this, hence it is unsurprising that privacy breaches in social networks are increasingly discovered. We argue that this tension between social networking goals and privacy suggests that research efforts should be focused more on efficient methods for detecting privacy breaches in social networks and on building user awareness of privacy risks and the trade-off between privacy and utility. We support our argument with a simple method for discovering LinkedIn contacts ostensibly hidden by privacy settings. This method appears discoverable with a straightforward analysis of the LinkedIn system and its features (indeed, LinkedIn is likely aware of this method), however Linkedin's privacy instructions suggest to users that implementing a privacy setting will prevent such discovery.

References

[1]

L. Backstrom, C. Dwork and J. Kleinberg. Wherefore art thou r3579x? Anonymized social networks, hidden patterns and structural steganogrpahy. WWW 2007.

Digital Library

[2]

J. Becker and H. Chen. Measuring privacy risk in online social networks. Web 2.0 Security & Privacy 2009.

[3]

J. He, W. Chu and Z. Liu. Inferring Privacy Information From Social Networks. IEEE International Conference on Intelligence and Security Informatics, 2006.

Digital Library

[4]

D. Crandall, D. Cosley, D. Huttenlocher, J. Kleinberg and S. Suri. Feedback effects between similarity and social influence in online communities. KDD 2008.

Digital Library

[5]

J. Douceur. The Sybil attack. First International Workshop on Peer-to-Peer Systems, 2002.

Digital Library

[6]

C. Dwork. Differential privacy: A survey of results. Theory and Applications of Models of Computation., April, 2008.

Digital Library

[7]

C. Dwork, A. Goldberg, and M. Naor. On memory-bound functions for fighting spam. In Advances in Cryptology - CRYPTO 2003, volume 2729 of Lecture Notes in Computer Science, pages 426-444. Springer, 2003.

[8]

A. Felt and D. Evans. Privacy protection for social networking platforms. Web 2.0 Security & Privacy 2008.

[9]

L. Freeman. The Development of Social Network Analysis. Vancouver: Empirical Press, 2006.

[10]

R. Gross and A. Acquisti. Information revelation and privacy in online social networks (the Facebook case). WPES 2005.

Digital Library

[11]

L. Izquierdo and R. Hanneman. Introduction to the formal analysis of social networks using Mathematica.

[12]

T. Jagatic, N. Johnson, M. Jakobsson and F. Menczer. Social Phishing. Communications of the ACM, October, 2007.

Digital Library

[13]

G. Lebanon, M. Scannapieco, M. Fouad and E. Bertino. Beyond k-Anonymity: A Decision Theoretic Framework for Assessing Privacy Risk. Privacy in Statistical Databases 2006.

Digital Library

[14]

http://www.facebook.com.

[15]

LinkedIn. http://www.linkedin.com

[16]

http://www.linkedin.com/static?key=pop/pop more browse connections.

[17]

http://www.linkedin.com/search

[18]

Amazon's Mechanical Turk. https://www.mturk.com/mturk/welcome

[19]

M. Prabaker, J. Rao, I. Fette, P. Kelley, L. Cranor, J. Hong and N. Sadeh. Understanding and capturing people's privacy policies in a people finder application. 2007 Ubicomp Workshop on Privacy.

[20]

R. Reeder, P. Kelley, A, McDonald and L. Cranor. A user study of the expandable grid applied to P3P privacy policy visualization. WPES 2008.

Digital Library

[21]

J. Scott. Social Network Analysis: A Handbook. Sage Publications, 2000.

[22]

Socrata blog entry, October 10, 2008. Do you hide your LinkedIn connections? http://blog.socrata.com/2007/10/10/do-you-hide-your-linked-in-connections/

[23]

S. Webb, J. Caverlee and C. Pu. Social Honeypots: Making friends with a spammer near you. CEAS 2007.

[24]

J. Widman. Go phish! How to guard your privacy on Facebook. PCWorld, May 1, 2009.

[25]

E. Zheleva and L. Getoor. To join or not to join: The illusion of privacy in social networks with mixed public and private user profiles. WWW 2009

Digital Library

Cited By

Saad TKhan F(2016)Nudging Pakistani users towards privacy on social networks2016 SAI Computing Conference (SAI)10.1109/SAI.2016.7556122(1147-1154)Online publication date: Jul-2016
https://doi.org/10.1109/SAI.2016.7556122
Ruan XYue CWang H(2013)Unveiling Privacy Setting Breaches in Online Social NetworksSecurity and Privacy in Communication Networks10.1007/978-3-319-04283-1_20(323-341)Online publication date: 2013
https://doi.org/10.1007/978-3-319-04283-1_20
Yang YLutes JLi FLuo BLiu PBertino ESandhu R(2012)Stalking onlineProceedings of the second ACM conference on Data and Application Security and Privacy10.1145/2133601.2133607(37-48)Online publication date: 7-Feb-2012
https://dl.acm.org/doi/10.1145/2133601.2133607
Show More Cited By

Recommendations

Exploiting vulnerability to secure user privacy on a social networking site
KDD '11: Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining

As (one's) social network expands, a user's privacy protection goes beyond his privacy settings and becomes a social networking problem. In this research, we aim to address some critical issues related to privacy protection: Would the highest privacy ...
Factors mediating disclosure in social network sites

In this paper, we explore how privacy settings and privacy policy consumption (reading the privacy policy) affect the relationship between privacy attitudes and disclosure behaviors. We present results from a survey completed by 122 users of Facebook ...
Achieving Privacy in a Federated Identity Management System
Financial Cryptography and Data Security

Federated identity management allows a user to efficiently authenticate and use identity information from data distributed across multiple domains. The sharing of data across domains blurs security boundaries and potentially creates privacy risks. We ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

AISec '09: Proceedings of the 2nd ACM workshop on Security and artificial intelligence

November 2009

72 pages

ISBN:9781605587813

DOI:10.1145/1654988

Program Chairs:
Dirk Balfanz
Google, USA
,
Jessica Staddon
PARC, USA

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 November 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '09

Sponsor:

SIGSAC

CCS '09: 16th ACM Conference on Computer and Communications Security 2009

November 9, 2009

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 94 of 231 submissions, 41%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
849
Total Downloads

Downloads (Last 12 months)18
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Saad TKhan F(2016)Nudging Pakistani users towards privacy on social networks2016 SAI Computing Conference (SAI)10.1109/SAI.2016.7556122(1147-1154)Online publication date: Jul-2016
https://doi.org/10.1109/SAI.2016.7556122
Ruan XYue CWang H(2013)Unveiling Privacy Setting Breaches in Online Social NetworksSecurity and Privacy in Communication Networks10.1007/978-3-319-04283-1_20(323-341)Online publication date: 2013
https://doi.org/10.1007/978-3-319-04283-1_20
Yang YLutes JLi FLuo BLiu PBertino ESandhu R(2012)Stalking onlineProceedings of the second ACM conference on Data and Application Security and Privacy10.1145/2133601.2133607(37-48)Online publication date: 7-Feb-2012
https://dl.acm.org/doi/10.1145/2133601.2133607
Atrey PBattiato SEmmanuel SUlges AWorring M(2011)A secret sharing based privacy enforcement mechanism for untrusted social networking operatorsProceedings of the 3rd international ACM workshop on Multimedia in forensics and intelligence10.1145/2072521.2072525(13-18)Online publication date: 29-Nov-2011
https://dl.acm.org/doi/10.1145/2072521.2072525
Williams JClarke LWeber-Jahnke J(2010)Social networking applications in health careProceedings of the 2010 ICSE Workshop on Software Engineering in Health Care10.1145/1809085.1809091(39-49)Online publication date: 3-May-2010
https://dl.acm.org/doi/10.1145/1809085.1809091
Williams JWeber-Jahnke J(2010)Social networks for health care: Addressing regulatory gaps with privacy-by-design2010 Eighth International Conference on Privacy, Security and Trust10.1109/PST.2010.5593252(134-143)Online publication date: Aug-2010
https://doi.org/10.1109/PST.2010.5593252

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents