Privacy Seminar - Social Networks Robert Kleinpenning & Judith van Stegeren 5th June 2015

Privacy Seminar - Social Networksjhh/secsem/2015/social-networks.pdf · Legal aspects: EU Highlights from Opinion on Social Networks I Sometimes the user is also data controller I


Privacy Seminar - Social Networks

Robert Kleinpenning & Judith van Stegeren

5th June 2015


Defining social networks

What is a social network anyway?


Issues surrounding social networks

- “Sharing is caring”
- “If it’s free, you’re the product.”
- Many different ‘adversaries’.
- ...and many others.


Issues surrounding social networks

Metadata & manipulation


Issues surrounding social networks

Some social networks provide privacy controls. But are these effective?


Issues surrounding social networks

Some data brokers anonymize the data before sharing it with third parties. Is this enough?


Issues surrounding social networks

Some social networks have a business model based on selling user data. Is this legal?


Legal aspects: NL

Recap of privacy legislation in The Netherlands

- Wet Bescherming Persoonsgegevens (WBP)
- implementation of Data Protection Directive (95/46/EG)
- College Bescherming Persoonsgegevens (CBP)


Legal aspects: NL

Contents of Dutch privacy law

- Specification of purpose
- collected for the fulfillment of the purpose
- only relevant data
- ground for processing (consent, contract, public task, ...)
- report to CBP


Legal aspects: EU

Recap of privacy legislation in The European Union

- European Convention on Human Rights (ECHR)
- Charter of Fundamental Rights of the European Union
- Data Protection Directive (95/46/EG)
- ePrivacy Directive (2002/58/EC)
- Cookie Directive (2009/136/EC)


Legal aspects: EU

Article 8 from Charter of Fundamental Rights of the European Union

- “Everyone has the right to the protection of personal data concerning him or her.”
- “Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.”


Legal aspects: EU

Definitions from the Data Protection Directive

- Article 2a: personal data
  “Any information relating to an identified or identifiable natural person (one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity)”

- Article 2b: processing
  “Any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.”


Legal aspects: EU

European Court of Justice

- Lindqvist case
  - processing without reporting to DPA
  - transborder flow
  - processing sensitive personal data without consent
- Advice of European Court is binding


Legal aspects: EU

- Article 29 Working Party
- Representatives of member state Data Protection Authorities
- Opinion on Social Networks (2009)
- Influential on European and national level


Legal aspects: EU

Highlights from Opinion on Social Networks

- Sometimes the user is also data controller
- SNS should provide clear information regarding purpose of data collection, prior to processing.
- SNS should provide privacy-friendly settings by default.
- SNS must set maximum periods to retain data on inactive users. Abandoned accounts must be deleted.
- Users should, in general, be allowed to adopt a pseudonym.
- The Data Protection Directive generally applies to the processing of personal data by SNS, even when their headquarters are outside of the EEA.


Legal aspects: EU

Transborder flow of personal data

- Distinction: EU and non-EU
- EU and EEA: Data Protection Directive implementations
- Non-EU: guarantee adequacy of data protection


Legal aspects: EU

Safe Harbor Principles

- USA: no adequate protection
- Department of Commerce made Safe Harbor list
- Facebook promises to adhere to the rules of the European countries.


Legal aspects: EU

Does Facebook follow the European/Dutch legislation?

- Investigations into Safe Harbor Framework
- Investigations into compliance with WBP


Break


Privacy Enhancing Technologies

- Diaspora*
- ShadowCrypt
- Multi-Party Privacy


Diaspora*

- servers not owned by a single company
  - but by multiple ordinary people
  - this changes applicability of certain laws
- no (big) data mining
- remain data owner


Diaspora*

- allow users to post to their other social networks (crossposting)
- you can just select a random pod, and sign up
- it has basic features of social networks
- aspects
- deleted = deleted
- no tampering with the “stream”
- no business model


Diaspora*

- a pod can be difficult to set up
- Facebook makes it difficult to give your pod access.
- slow development
- lacks features
- has bugs


Diaspora*

your friends are probably not there


Diaspora*

- no big data mining
- decentralized
- no business model


ShadowCrypt

- https://github.com/sunblaze-ucb/shadowcrypt
- browser plugin
- prototype


ShadowCrypt

- symmetric key encryption
  - manually share key with friends
    - using export string
- uses a Shadow DOM


Shadow DOM

- upcoming W3C standard
- a second DOM outside the normal DOM
- original DOM and JavaScript cannot access the Shadow DOM
- ShadowCrypt stops keystroke event propagation
- supports multiple keys for the same domain for decryption
- users can only select 1 key for encryption
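
The key handling described on the ShadowCrypt and Shadow DOM slides (symmetric keys shared manually through an export string, several keys per domain for decryption, exactly one selected for encryption), sketched as an added example that is not ShadowCrypt's own code. The class name, the AES-256-GCM choice, the fingerprint, the token layout and the export-string format are assumptions made for illustration.

```javascript
// Added illustration (not ShadowCrypt's code): a per-domain keyring with one
// selected encryption key and many decryption keys. All formats are assumptions.
const nodeCrypto = require('node:crypto');

// Short identifier for a key, so a ciphertext can name the key it needs.
const fingerprint = (key) =>
  nodeCrypto.createHash('sha256').update(key).digest('hex').slice(0, 16);

class DomainKeyring {
  constructor(domain) {
    this.domain = domain;
    this.keys = new Map();  // fingerprint -> 32-byte key, all usable for decryption
    this.selected = null;   // fingerprint of the single key used for encryption
  }
  generate() { return this.add(nodeCrypto.randomBytes(32), true); }
  add(key, select = false) {
    const fp = fingerprint(key);
    this.keys.set(fp, key);
    if (select || this.selected === null) this.selected = fp;
    return fp;
  }
  // Export string handed to friends out of band (hypothetical "domain:base64" format).
  exportString(fp) { return `${this.domain}:${this.keys.get(fp).toString('base64')}`; }
  importString(s) {
    const i = s.lastIndexOf(':');
    if (s.slice(0, i) !== this.domain) throw new Error('key is for another domain');
    const key = Buffer.from(s.slice(i + 1), 'base64');
    if (key.length !== 32) throw new Error('malformed key');
    return this.add(key);   // imported keys decrypt; the selected key is unchanged
  }
  encrypt(plaintext) {
    const iv = nodeCrypto.randomBytes(12);
    const c = nodeCrypto.createCipheriv('aes-256-gcm', this.keys.get(this.selected), iv);
    c.setAAD(Buffer.from(this.domain));  // bind the ciphertext to this domain
    const body = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
    return [this.selected, ...[iv, body, c.getAuthTag()].map((b) => b.toString('base64'))].join('.');
  }
  // Returns the plaintext, or null when no held key matches or authentication fails.
  decrypt(token) {
    const [fp, iv, body, tag] = token.split('.');
    const key = this.keys.get(fp);
    if (!key || !tag) return null;
    try {
      const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64'));
      d.setAAD(Buffer.from(this.domain));
      d.setAuthTag(Buffer.from(tag, 'base64'));
      return Buffer.concat([d.update(Buffer.from(body, 'base64')), d.final()]).toString('utf8');
    } catch { return null; }
  }
}
```

A reader who imported a friend's export string can decrypt that friend's posts, while their own posts are still encrypted under their one selected key; the site itself only ever stores the opaque token.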


Multi-Party Privacy

- different modes of sharing
- “My Facebook is completely closed off!”
- audiences
- privacy conflicts
- friendship
- wallposts and tagging
- group membership
- fan pages
- event attendance


Example case

Alice uploads a picture of (Alice and) Bob on her own timeline and Eve tags Bob.
Both the audiences of Alice and Bob can now see the image.

- Bob doesn’t want this
- What are his options?


Formalizing Privacy Conflicts

- Privacy conflicts


Formalizing Privacy Conflicts

- Mutual privacy policy


Formalizing Privacy Conflicts

Unreleased prototype hides

- posts
- names
- friendships


Questions?
