Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
PrivacyinSocialNetworks
CarlosOrdonezDavidMatusevich
OutlineI. Overview
– WhatisaSocialnetwork?– Prominentsocialnetworks– WhatisPrivacy?
II. PrivacyIssues– Social;Legal– Differenceswithdatasecurity– Commercialadvantage
III. Controllingprivacy– WhatDataisCollected– ManagingPrivacySettings
IV. StrategiesforSafeSharing:– Protectingyouronline“brand”I. SafeOnlineSocializing
I- Overview
WhatisaSocialNetwork?
• ASocialNetworkSiteisaWeb-basedservicethatallowsindividualsto“constructapublicorsemi-publicprofilewithinaboundedsystem;articulatealistofotheruserswithwhomtheyshareaconnection;andviewandtraversetheirlistofconnectionsandthosemadebyotherswithinthesystem”,thereforeincreasingtheirsocialcapital.
• Wewillnotconsiderotherkindsofsocialnetworksthatdon’trelyonasocialnetworkprovider.
SocialNetworkDataStorage
• USA/CanadaandEurope– Local– External
• Atmultiplesites• Transferredandshared
DisseminationofinformationShapeoffriendsgraph
• Star• Tree• Interconnectedcircles• Cliques
SocialNetwork
• ASocialnetworkisacentralplacethatcombines– Entertainment– Socialinteractions– Communicationfacilities
• Socialnetworkoperators(users)buildprofilesthatcanbeseenbyotherusers.Theusermanagestheamountofinformationotherscansee.
• Personaldataisnowconsideredthenew“oil”,andcompaniesareeagertocashinonthisnewresource.
SocialNetworkElements
• Aboundedsetofusers• Publicorsemipublicpersonalprofiles• Definitionofasetofpeoplerelatedtoaperson(friends,relatives)
• Freedomtotraverselistsofconnections(theirownandothers)
• SocialNetworkCapital:Theexpectedcollectiveoreconomicbenefitsderivedfromthepreferentialtreatmentandcooperationbetweenindividualsandgroups
SocialNetworksvs.InternetCommunities
• InternetCommunities:Similartosocialnetworksbuttherearenoexplicitinteractionsbetweenusersandnoconnections.
• YouTube,Amazon,eBayarecommunities,butsincethereisnosetofconnections,theycannotbeconsiderednetworks.
• Astimegoesby,thelinesbetweencommunitiesandnetworksarebecomingmoreblurred.
TheSocialAspect
• Socialnetworksareusedtoconnectwithpeoplemetofflineoronline
• Toalesserextentinvestigatepeople(asaprimitivebackgroundcheck)
• Colleagues,classmatesandfriendsingeneral,mayshareconnectionsonline,butnotnecessarilyoffline
MotivationsforJoiningaSocialNetwork
Peoplejoinsocialnetworksto:• Createandsharecontentaboutthemselves• Toconnectwithothers(eitheroldacquaintancesornew)
• Tomeetpeoplewithsimilarinterests• FinancialMotivations
Inordertoachievethesegoals,theremustbeameasureofvoluntarydisclosureamongmultipleusers
Rank Name Activeuseraccounts
SiteCountryoforigin
1 Facebook 1billion[1] UnitedStates
2 TencentQQ 712million[3] China
3 Qzone 400+million[5] China
4 SinaWeibo 300+million[7] China
5 Google+ 235million[8] UnitedStates
6 Twitter 200+million[10] UnitedStates
7 VK 190+million[11] Russia
8 LinkedIn 160million[12] UnitedStates
9 Renren 160+million[13] China
10 Skype 145+million[14] Estonia
TopTenSocialNetworksbyUsers
Socialnetsbecomingmorecommon
• SocialnetworksareanincreasinglyubiquitouspartofAmericans'dailylives;
• Recentdatashowsthat65%ofInternet-usingU.S.adultsmaintainaprofileonanSNS
• Thisfigureisincreasedto81%whenconsideringteens
Facebookphenomenon
• Morethan1Billionactiveusers.• 50%percentofuserslogindaily.• Theaverageuserhas130friends,• Averageuserisamemberof12groups,andspendsmorethan55minutesperdayonthesite
Facebookinmoredetail
• 2.5billionphotosuploadedeachmonth,withmorethan
• 3.5billionpiecesofcontentsharedeachweek• Therearecurrentlymorethan70translationsofthesiteavailable
• 70%ofFacebookuserscomingfromoutsideoftheUnitedStates(Facebook,2010).
PrivacyOverview:PrivacyDefinition
• Privacy istheabilityofanindividualorgrouptosecludethemselvesorinformationaboutthemselvesandtherebyrevealthemselvesselectively.
• Westin1967:“theclaimofindividuals,groups,orinstitutionstodetermineforthemselveswhen,howandtowhatextentinformationaboutthemiscommunicatedtoothers’’
• Altman1975:selectivecontrolofaccesstotheself
ThereisNOprivacyanymore!• InessencetheEuropeanCommunityconsidersprivacyaHuman
Right,notsomethingthatisgrantedbythegovernment.• Article8ofthe EuropeanConventiononHumanRights providesa
righttorespectforone's"privateandfamilylife,hishomeandhis correspondence",subjecttocertainrestrictionsthatare"inaccordancewithlaw"and"necessaryinademocraticsociety".
• Thisviewisnotuniversallyaccepted.In1999SunMicrosystemsCEOScottMcNealycalledprivacya“redherring”.“Youhavezeroprivacy,getoverit!”,hesaid.
• GoogleCEOEricSchmidtsaidthat“Ifyouhavesomethingthatyoudon'twantanyonetoknow,maybeyoushouldn'tbedoingitinthefirstplace”,whenaskedifusersshouldbesharingtheirinformationwithGoogle.
Principlesgoverningthe EuropeanCommunity(OECD)recommendationsforprotectionofpersonaldata
1. Notice—datasubjectsshouldbegivennoticewhentheirdataisbeingcollected;
2. Purpose—datashouldonlybeusedforthepurposestatedandnotforanyotherpurposes;
3. Consent—datashouldnotbedisclosedwithoutthedatasubject’sconsent;
4. Security—collecteddatashouldbekeptsecurefromanypotentialabuses;
5. Disclosure—datasubjectsshouldbeinformedastowhoiscollectingtheirdata;
6. Access—datasubjectsshouldbeallowedtoaccesstheirdataandmakecorrectionstoanyinaccuratedata;and
7. Accountability—datasubjectsshouldhaveamethodavailabletothemtoholddatacollectorsaccountableforfollowingtheaboveprinciples
Onlinevs.offlineprivacy
• Wearewearyofpeoplethatmightapproachusinourdailylife,butwereactdifferenttostrangerswemeetonline.
• Thisbehaviorisseenonpeoplefromallages,fromchildrentoadults.
• Thereisarealdisconnectbetweenonlineandofflinenotionsofprivacy.
Hardware
• Socialnetworkscanbeaccessedbyalargenumberofdifferentdevices.
• Laptopanddesktopcomputersgiveaccesstobetter“views”ofthenetworksite,butlimitthespontaneityofsharing.
• Cellphonesandtabletsprovideeasyaccesstothesocialnetworksandenablequicksharingofphotosandgeo-location.
PrivacyInvasionExperiment
Informationprivacy
• Informationprivacy,or dataprivacy(ordataprotection),istherelationshipbetweencollectionanddisseminationof data,technology,thepublic expectationofprivacy,andthe legal andpolitical issuessurroundingthem.
Privacytypes
• Socialprivacy:howpeopleprotectthemselvesfromotherusers
• Institutionalprivacy:howthecompanythatrunsthesocialnetworkusespeople’sdata
• Concern:theheightenedvisibilitythatistheresultofhavingalargenumberoffriends,includingpeopleindifferentages→socialsurveillanceandsocialcontrol
Privacyissuesofsocialnetworkingsites
• Socialnetworks keeptrackofallinteractionsusedontheirsitesandsavethemforlateruse.
• Issuesinclude:– Cyber-stalking,– locationdisclosure,– socialprofiling,– dataleakageandinformationintegration,– 3rdpartypersonalinformationdisclosure,– government useofsocialnetworkwebsitesininvestigationswithoutthesafeguardofa searchwarrant.
Impact
• Theprivacyimpactofsocialnetworksshouldnotbeunderestimated.
• Manyusersdonotseemtorealizethattheirfreeuseofsocialnetworkshasanindirectbutsteepeffectthroughtheexposureoftheirownpersonaldata.
• Inaddition,manyusersdonotrealizewhichimpacttheyhaveontheprivacyoftheirfriendsandfamilieswhentheypublishinformationaboutthem.
UnboundedaudienceMarwickandBoyd(2011)
“WemayunderstandthattheTwitterorFacebookaudienceispotentiallylimitless,but
weoftenactasifitwerebounded”
PrivacyAwareness
• Privacyissuesoftenonlybecomeapparentwhenitisalreadytoolate.
• Itispracticallyimpossibletopredict(all)negativeconsequencesoftheuseofpersonaldata.
• Evenifonecanforeseeafew,theyareveryabstract,distantanduncertain.
Example:ConsequencesforCollegeApplications
• Collegescurrentlyusesocialmediasitestorecruitnewstudents.
• OfthoseadmissionofficersthatvisitedapplicantsSNS,35%discoveredsomethingnegativeabouttheapplicant.
(Kaplan’sCollegeAdmissionsSurvey)
Example:ConsequencesintheJobHunting
• 93%ofrecruitersreviewacandidate’sonlinepresenceaspartofthescreeningprocess.
• 42%havereconsideredcandidatesbasedontheironlinepresence(bothnegativelyandpositively)
• Evenspellingandgrammaticalerrorsinfluencerecruitersnegatively(61%)
• Posts/Tweetsaboutvolunteeringandcharitydonationsinfluencerecruiterspositively(65%)
(Jobvite SocialRecruitingSurvey,2013)
Meanstoachieveprivacy
• Withdrawalfromsocietyactivities• Withphysicalorpsychologicalmeans,insolitudeorinasmallgroupofpeople
• Anonymity:theDarkWeb;disablecookies;IPhiding.
• Live“off-line”
LessprivacyintheFuture
• Evenifanindividualmightknowintellectuallythattheusagemighthavenegativeconsequences,thisisnotgoingtochangebehaviorthatmuch.
• Oursearch-history,location-data,browsing-habits,reading-behaviorandmuchmore,iscollectedand/orusedtoadegreewecanbarelyimagine.
• Technology,nowadays,allowsforunprecedentedformsofdata-matching,de-anonimizationanddatamining,allcontributingtoextensive‘digitaldossiers’.
II- PrivacyIssues
TheEconomicsofPrivacy
• Companiescandeterminewhataddsyouseeonline,whatproductstorecommendyou,evenwhatarticlestoread,basedonyourpreviousbehavior.
• Companiesadopta“collectfirst,askquestionslater”policy.
• Somearesellingconsumer-specificdataforpurposesthatfallrightontheboundariesoftheFairCreditReportingActandotherlaws.
TheEconomicsofPrivacy
• CampaignGrid(Republicans)andPrecisionNetwork(Democrats)havepoliticalinformationon150millionAmericanInternetusers,orroughly80percentofthenation'sregisteredvoters.
Maincausesofprivacyissues
• Datapublicallyavailable• Blurredornopersonalboundaries• Userhaslimitedcontroloverinformationdisseminationortransfer
• Foralongperiodoftime;forever?• Hardtoremoveaderogatorypostorcomment• Netetiquettedifferentfromfacetofaceetiquette• Newcasesnotconsideredbyexistinglaw
InformationLeakageandLinkage
• Informationleakage happenswheneverasystemthatisdesignedtobeclosedtoan eavesdropper revealssomeinformationtounauthorizedpartiesnonetheless.
• Informationlinkage isjoiningtogetheroftwodatasetstoproduceonesingledataset.Inshortitispossibletouseinformationleakedfromsocialnetworkstosniffoutinformationprivatetotheuser,suchasemailaddresses,IDnumbers,etc.
• LinkagecannothappenwithoutLeakage.Somemeasureofleakageisunavoidable.
Identityinsocialnetworks
• True• Partiallyconcealed• Anonymous• 2nd life;alterego
AppsandInformationLeakage
• Appswithinsocialnetworks(games,messengers,utilities,musicapps,etc.)areanimportantsourceofleakage.
• Peoplewillshareaddressbooks,phonenumbers,creditcardnumbers,etc.withapplicationsthathavelittleornosecurityandmayevenbemalicious.
• Thisbehaviouristhesameinphoneapps.
TheInternetdoesnotforget.
• ‘RighttobeForgotten’:Therightofindividualstohavetheirdatanolongerprocessedanddeletedwhentheyarenolongerneededforlegitimatepurposes.
• The‘righttobeforgotten’clearlytakesaproprietaryapproachtoprivacyprotection.Itsscope,therefore,stronglydependsonaclearandconsistentdefinitionof‘personaldata’.
CompromisedPrivacy:Findinguseridentity
• GenericSearches(Google,Yahoo,etc.)• Fromuserpublicprofile• Matchingdataacrosssites• Exploitphotosandvideotagsandgeo-tags.
SecurityThreatsofunsecuredaccess
• Hackers• Identitythieves• Governmentglobalknowledge
SecureList.comKapersky.com
Cookies
• CookiesareawayofstoringpersistentclientdatasothatasitecanmaintaininformationonauseracrossHTTPconnections(textfiles).
• Informationstoredrangesfrom– ShoppingCarts,– Forms,AddressesandPersonalinformation(usernamesandpasswords),
– Logininformation
• Mainculpritofinformationleakage.
Issuesbeyondsecurity
• Baduserbehavior(badlanguage,cyberbullying,anonymousthreats)
• Inabilitytocontrolsocialspheres• Blurredboundariesbetweenacquaintances,friends,relatives
• Theuserisresponsibleformanagingwhatisdisclosed,notanorganization
Furtherprivacyissuesevenwhenuserwillinglyagreestodisclosure
• Opendiscussionofpersonalinformationamongcontacts,
• Thepostingandtaggingofphotographsthatidentifyotherusers,
• Disclosureofdemographicdata,• Postingpersonalinformationonprofilepagesthatimplicatesotherusers
Whocandisclosedata?
• Personhimself/herself• Afriendorrelative• A3rd party
Socialaspects
SocialNetworksarearecentphenomenonandassuchtherearenoexisting,clearsocialconventionsabouttheiruse.Example:ignore“friend”requests.
Otherusersconsiderthenumberoffriendsasastatussymbol,effectivelycausingtheboundariesbetweenprivatelifeandprofessionallifetobecomeincreasinglyblurred.
SocialContextCollapse
• Socialnetworkcollapseistheflatteningoutofmultipledistinctaudiencesinone'ssocialnetwork.
• Peoplefromdifferentcontextsbecomepartofasingulargroupofmessagerecipients.Userscanquicklydiffuseinformationacrosstheirentirenetworkandfacilitateinteractionacrossdiversegroupsofindividualswhowouldotherwisebeunlikelytocommunicate.
LegalCausePrivacyPoliciesandUsersRights
• Writteninvaguelegalese• Peopledonotreadthem• Networkexternalities,lock-inandthelackofvalidalternativesoftenforcepeopleintoconsenting.
LegalIssuesRegulation
• Low:3rd worldcountries• Medium:US• High:Europe
Legalissuesboundaryblurred
• Personal• Business• Government
Personal
CommercialLegal
Commercialadvantage
• Targetedadvertising• Userprofiling
350 525775
1100
1700
2700
4400
0500
100015002000250030003500400045005000
2006 2007 2008 2009 2010 2011 2012
Spen
dinginM
illionsofD
ollars
Year
USSpendingsinOnlineTargetedAdvertising
Jansen, Bernard, et al. "To what degree can log data profile a web searcher?. "Proceedings of the American Society for Information Science and Technology46.1 (2009): 1-19.
Commercialadvantage:Facebook
• Sellingtargetedadvertising• Virtualcurrency(Facebookcredits)• Facebookappsandgamescollectinformationaboutyourhabitsandaboutyourfriends,withoutyourknowledgeorconsent.
TheSituationinUSA
Thereiscurrentlynofederalonlineprivacylaw,whichmakesitessentiallyimpossibleforgovernmentagenciesliketheFederalTradeCommissiontogoafterInternetcompaniesunlesstheyviolatetheirownpublishedprivacypolicies.
TheSituationinUSA
• TherearesomerulesinplacetodealwithPrivacyinregardstochildrenundertheageof13.
• TheChildren'sOnlinePrivacyProtectionAct(orCOPPA)waspassedin1998.
• AnewsetofruleswaspublishedbytheFTC(Dec2012)clarifyingwhatisorisn’tallowed.
NewFTCRules
• Makeclearthatthe"personalinformation"thatcan'tbecollectedwithoutparentalconsentincludesgeo-locationinformation,photographs,andvideos
• Makeclearthatthirdparties(likeadvertisingnetworks)mustalsocomplywithCOPPA
• Closealoopholethatallowedkids'informationtobecollectedviaplug-inswithoutparentalnotice
• Clarifythat"persistentidentifiers"arealsoprotectedinformation,likeIPaddressesandmobiledeviceIDs
• Requirethatwebsitesaimedatkidshave"reasonableprocedures"fordataretentionanddeletion
TheSituationinUSA(Cont)
• Legislationhasbeenproposedtoinclude“DoNotTrack”optionsonwebbrowsers.
• Thislegislationisnotpoliticallyviableduetooppositionfromthebusinesscommunity.
III- ControllingPrivacy
AutomaticallyCollectedComputerData
• IPaddress• Computername• Linkingdataacrossdifferentsites• Time,date• Location• Mechanism:Cookies
Informationcollectedwithcookies
• GeographicalLocation• Detaileddate/time• Computername,id• IPaddress,MAC• Loggedinusername• Otherwebpagesvisited• Formdata
ComputerDataManuallyEntered
• Personalinformation• Comments• Photos,Video
Socialnetworks:usersanddata
• Parties– Socialnetworkoperators– Users– Applicationproviders
• Rolestomanagedata– Datacontroller– Dataprocessor– Dataprovider
Palliative:PrivacySettings
• Extensivesetsofprivacycontrolsdifferentlevelsofsociability
• Shieldcontentsharing• Potentialproblem:usersarenotabletoproperlyutilizetheprivacysettingsprovidedbySNSs• Controlsaredifficulttounderstandandmostusersjust
leavetherecommendedsettings(preferredbytheSSN)
Privacycontrol
• WhointhenetworkcanaccessinformationinyourpersonalFacebookprofile?
• CanyoufindtheminimumageforusingFacebook?
• HowcanyouchangeyourFacebooksettingstorestrictvisibilitytoyourprofile?
• HowcanyouchangeyourFacebooksettingssothatyouarealertedwhenyouaretaggedinaphoto?
Controllingaccesstodata
• Limited• Site-dependent• Difficulttounderstandlegallanguage• Impossibletoknowifotherpersondisclosesdata
• Transferrable
Dilemma
• Ineithercasebelow,theconsequenceisundesirable:– ifprivacyisprotected,thensociabilityandcontentsharingwillbecompromised,
– whereasifsociabilityandcontentsharingarepromoted,thenprivacywillsuffer.
PrivacySociability
Implications
• Increasedsocialutilityandagrowingsocialdiversityoftheuserpopulation,whichhelpuserstobereadilyavailableandvisibletoalotofpeople:“allfriendsinone-placesolution.”
• SNSprofilesmixfriends,family,co-workers,andbusinesscontacts
• Nosimpleandadequatewaytoseparatethemandkeepsomepartsoftheinformationprivate
ComparisonoftheYoungerAdultSampleandtheOlderAdultSampleinRegardtoSocialPractices
YoungAdult• UsesSNSforshortperiodsof
time,butmanytimesaday• Mainlycontactswithfriends
thattheyseeeveryday• UsesSNSforcoordinationwith
friends,flirtingandphotosharing
• Usuallysharelargeamountsofphotosandvideosfromsocialgatherings
• Infrequentstatusupdates
OlderAdult• UsesSNSforfewerlonger
sessions• Mainlycontactwithfamilyand
oldfriendsthatarenotseenoften
• Usesthemforgettingintouchwitholdfriends,nostalgia
• Sharesphotoslessoften(rarelyvideos)mainlyofvacations
• Frequentstatusupdates
ComparisonoftheYoungerAdultSampleandtheOlderAdultSampleinRegardtoPrivacy
YoungAdult• Confidentintheusageand
knowledgeofprivacycontrols
• Thinksotherpeoplearemorelikelytohaveproblemswithprivacy
• Concernedaboutprivacyinthecontextofjobhunting.NotconcernedwiththeuseofinformationbytheSNS
OlderAdult• Lessconfident.Usuallyask
forhelpfromtheyoungeradultsinthehousehold
• Manyprivacyconcerns,inparticularregardingtheyoungergenerations
• Concernedbutlessawareofprivacyissue.MaythinkthatburglarsmightuseSNStocasetheirhomes,forinstance
LowestCommonDenominatorStrategy
• Individualsforwhomamessageisnotintendedbutwouldreceivethemessagenonetheless.
• Erronthesideofcaution:Ifanyoftheseindividualswouldfindthemessageproblematic,itshouldnotbeposted.
PrivacyPreservationCosts
• Requiredfromtheuserinordertomakeuseofthesite'sprivacyfeatures:– Timerequiredtounderstandandoperatethemyriadofdifferentusersettings.
– Knowledgeoftheintricaciesoftheparticularsocialnetwork.
– Thetimeandknowledgeinvestedinonenetworkisnottransferrabletoanother.
Limitationprinciple
• Confiningdataprocessingtoapreviouslydefinedscope:mightseemtorestricttheamountofpotentialharmintheory.
• Butinanever-increasingpersonalizedweb(whereeverypieceofpersonaldatacanbeconsideredas‘useful’),thevalueofthisprinciplehasbecomequestionabletoo.
Settings
• Usersmaynotbewell-versedinprivacysettingsorunwillingtotakethetimetochangesettings.
• Distributingcontenttoone'sentirenetworkappearstocarryalowercostintermsoftime,knowledge,andskills.However,suchstrategiesmaynegativelyimpactrelationshipsonthesite,especiallyifthemajorityofpostsarerelevanttoaminorityofFriends.
• Whileindividualschoosingalowestcommondenominatorapproachmayavoidalienatingfriendswithirrelevantcontent,theymayalsomissthebenefitsderivedfrominteractionswithallmembersoftheirnetworks.
Additionalautomatedsourcesofinformation
• Recognition– face– voice
• “sway”userintotagging
Concern:StatusPublicChannels
• Statusupdatesprovidethequickestmethodthroughwhichonecandistributemessagestoawideaudience
• ItmaybemorelikelytobeusedevenwhenthemessageisonlyrelevanttoasubsetofFriends.
ControlDataTransfer
• Request‘personaldata’tobedeletedononesite
• Deletionmayimplyjusthidingdata;notshreddingit
• Meanwhiletheinformationmighthavebeencopiedand/or‘anonymized’already.
Solutionstocontroldatasharingandtransfer
• awareness-raising,• transparency,• clearerprivacynotices,• data-minimization,• strictercontrolonthepurposelimitationprinciple,‘anonymisation’,
• transparency,• encryption,
Anonymization• Majorlineofdefense.• Therightdoesnotofferany
solution.• Individualsmaybe
profiled/targetedextensivelyandtheirdatamight(in)directlybeusedforcomprehensivedata-mining,
• Theindividualcannothavea‘righttobeforgotten’withregardtothisinformation.
• AnExtremeExample:TheTorNetwork:TheDeepWeb.
AnonymizationSolutions:Catch22
• Anonymizationmeasuresprevent(potentiallyharmful)informationtobeshared
• But,inanever-increasingsocialInternet,manyfeaturesdependondisclosingpersonaldata.
Examples:PrivacyControlFeatures
• Facebook• Twitter• Snapchat• Foursquare
• Overwhelming• 5groups• Finegrained• Constantlychanging• Pre-definedoptions:Friends,Public,Custom• Learningcurve
• Theprivacysettingsarebasic• MuchsimplerthanFB.• Profilescanbepublicorprivate.• YourBio,nameandTwitterhandlealwaysvisible
• Emailaddressisprivate• Guardsagainstidentitytheft
Snapchat
Snapchat isa photomessagingapplication.Usingtheapp,userscantakephotos,recordvideos,addtextanddrawings,andsendthemtoacontrolledlistofrecipients.Thesesentphotographsandvideosareknownas"Snaps".UserssetatimelimitforhowlongrecipientscanviewtheirSnaps(asofDecember2013,therangeisfrom1to10seconds), afterwhichtheywillbehiddenfromtherecipient'sdeviceandkeptonSnapchat'sserversforever
Snapchat
• Snapchat hastwoprivacysettings,oneforwhocansendyouSnapsandanotherforwhocanseeyourStories.Bothhavetwooptions"Everyone"and"MyFriends."
• Bydefault,onlyusersyouaddtoyourfriendslistcansendyouSnaps.IfaSnapchatter youhaven'taddedasafriendtriestosendyouaSnap,you'llreceiveanotificationthattheyaddedyou,butyouwillnotreceivetheSnaptheysentunlessyouaddthemtoyourfriendslist.
• UsernamesandpersonalphonenumbersofmillionsofusershavebeenstolenandpostedonlinethroughawebsiteentitledSnapchatDB.
Foursquare
Therearecertaindatathatwillalwaysbepublic.Thisincludesyourname,yourhometown(i.e.“location”inyourprofile),yourbio,yourprofilepictureandotherpublicphotos,yourlikes,yourtips,yourlists,andyourfriends.Theonlywaytohidethisinfoistoeithernotincludeit,ortochangeitsoitdoesn’tactuallyrevealanypersonalinformationaboutyou.Ifyoudon’t,thisinformationcaneasilybefoundthroughasimpleGoogle searchforyourname,orotheronlineoutlets.
Your“OnlineBrand”
• Inbusinessterms,abrandcomprisesallofthethingsthatmakeupacompany’sidentitytocustomers,fromitscorporatelogotothenamesforitsproducts.Becauseastrongbrandissoimportanttoacompany’sreputationandsuccess,executivestakegreatpainstoprotecttheirbrand
• Withhigh-poweredsearchengineslikeGoogleandBing,findinginformationaboutapotentialjobapplicant,businesspartner,ordate,iseasierthanever.Byapplyingtheprinciplesofbusinessbrandingandonlinereputationmanagementtoyourself,youcanmakesurethatyournamelooksgoodinsearchresults.
IV- StrategiesforSafeSharingTipsandadvice
Howtoprotectyour“OnlineBrand”
• Takechargeofyour“onlinereputation”– FindoutwhatisontheInternetaboutyou
• Usesearchengines• Searchblogsandsocialnetworks
– Evaluateyouronlinereputation• Doestheinformationaboutyoureflecthowyouwantotherstoperceiveyou?
– Protectyouronlinereputation• Thinkbeforeyoushare• Treatothersasyouwouldliketobetreated• StayvigilantaboutwhattheInternetissayingaboutyou
RestoreyourOnlineReputation
• Ifyoufindinformationaboutyourselfthatdoesnotfitthereputationyouwant,actquickly.Thelongeritstayspublic,thegreaterthechancethatitwillbespreadorarchived.
• Inarespectfulway,askthepersonwhopostedittoremoveitorcorrectanerror.Ifitisacorrection,askhimorhertoincludeanotice(CORRECTIONorUPDATED)rightnexttotheoriginal(incorrect)material.
• Ifthepersondoesnotrespondorrefusestohelp,askthewebsiteadministratortoremovethedigitaldamage.
• Ifyoufeelapubliccorrectionisnecessary,presentyourcasesimplyandpolitelywithoutattackingtheperson.
(http://www.microsoft.com/security/online-privacy/reputation.aspx)
SaferOnlineSocializing
• Setyourboundaries:– Thinkcarefullyabouthowpublicyouwantyourprofileorblogtobe
– Evaluatethesocialsitebeforeyouuseit
• Beselectiveaboutfriends:– Thinktwiceaboutwhoyouacceptasafriend– Periodicallyreassesswhohasaccess– Reviewwhatyourfriendswriteaboutyou
SaferOnlineSocializing
• Thinkbeforeyoupost– Chooseausernamethatdoesn’tattractunwantedattentionorhelpsomeonefindyou
– Donotovershare– Treatothersasyouwouldliketobetreated– Thinkaboutthefutureofyourinformationontheweb
• Defendyourcomputeragainstonlinethreats– Bewaryaboutclickinglinks– Buildupyourcomputer’sdefencesandkeepthemuptodate
– Becarefulaboutinstallingadd-onapps
SaferOnlineSocializing
• ReportIssues:Noonehastherighttothreatenorupsetyou.Report:
– AnynegativeincidentstotheWebservice,includingcontentthatexploitsminors,obsceneorhatefulmaterial,inappropriatebehaviour,ortheftofyouraccount.
– Continuedharassmentorphysicalthreatstolocallawenforcement.– IdentitythefttotheU.S.FederalTradeCommission(FTC)at
ftc.gov/idtheft orcalltollfree:(877)438-4338.– ScamsorfraudtotheFTC.Gotoftc.gov/bcp/consumer.shtm andclick
FileaComplaint,orcalltollfree:(877)382-4357.(http://go.microsoft.com/?linkid=9708812)
SocialNetworksandGaming
• Socialgamingnetworksareaproofofthat:– Socialnetworksfosteredbythegamingcompanies:XboxLive,PlaystationNetwork,NintendoNetwork,etc.
– Socialnetworksmaintainedbyusers:Raptr,Playfire,Duxter,etc.
SafeGaming
• Educateyourselfandyourkidsabouttherisks:– Kidsplayalone,withothersintheroom,oronline.Theyplayagainstthegameitselforanotherperson,withateamofseveralplayers,oringameswhichmayhavehundredsofthousandsplayingatanyonetime.
– Thebadmaydownloadwiththegood:some“free”gamesrequireextensiveprofiles,thenillegallysellyourdata.
– Onlinebullying:Somegamersplaysimplytoharassandtauntotherplayers.
– Badpeoplemaybefriendkids,andthroughthesesocialgamingsitesobtainpersonalinformationthatmightleadtoharm.
Conclusions
• Privacynolongerviable• Companieshungryfordata• Weshouldbecomeawareofprivacyissues• Goal:safety+privacy,preserving“personalbrand”