A Critical Look at Decentralized Personal Data Architectures

While the Internet was conceived as a decentralized network, the most widely used web applications today tend toward centralization. Control increasingly rests with centralized service providers who, as a consequence, have also amassed unprecedented amounts of data about the behaviors and personalities of individuals. Developers, regulators, and consumer advocates have looked to alternative decentralized architectures as the natural response to threats posed by these centralized services. The result has been a great variety of solutions that include personal data stores (PDS), infomediaries, Vendor Relationship Management (VRM) systems, and federated and distributed social networks. And yet, for all these eorts, decentralized personal data architectures have seen little adoption. This position paper attempts to account for these failures, challenging the accepted wisdom in the web community on the feasibility and desirability of these approaches. We start with a historical discussion of the development of various categories of decentralized personal data architectures. Then we survey the main ideas to illustrate the common themes among these eorts. We tease apart the design characteristics of these systems from the social values that they (are intended to) promote. We use this understanding to point out numerous drawbacks of the decentralization paradigm, some inherent and others incidental. We end with recommendations for designers of these systems for working towards goals that are achievable, but perhaps more limited in scope and ambition.

[1]  Y. Peles Economies of Scale in Advertising Beer and Cigarettes , 1971 .

[2]  J Hagel,et al.  The coming battle for customer information. , 1997, Harvard business review.

[3]  J. Hagel,et al.  Net Worth: Shaping Markets When Customers Make the Rules , 1999 .

[4]  P. Schwartz Privacy and Democracy in Cyberspace , 2000 .

[5]  Lawrence Lessig,et al.  Code and Other Laws of Cyberspace , 1999 .

[6]  Mark S. Ackerman,et al.  The Intellectual Challenge of CSCW: The Gap Between Social Requirements and Technical Feasibility , 2000, Hum. Comput. Interact..

[7]  Jason Catlett Panel on infomediaries and negotiated privacy techniques , 2000, CFP '00.

[8]  Alexander Dix Infomediaries and negotiated privacy techniques , 2000, CFP '00.

[9]  Mark Cenite Code and Other Laws of Cyberspace , 2000 .

[10]  C. Shapiro Setting Compatibility Standards: Cooperation or Collusion? , 2000 .

[11]  Beth Givens Infomediaries and negotiated privacy: resources , 2000, CFP '00.

[12]  R. Dreyfuss,et al.  Expanding the boundaries of intellectual property : innovation policy for the knowledge society , 2001 .

[13]  Yuxin Chen,et al.  Referral Infomediaries and Retail Competition , 2001 .

[14]  I. Ayres,et al.  Marketing Privacy: A Solution for the Blight of Telemarketing (and Spam and Junk Mail) , 2002 .

[15]  Ian Clarke,et al.  Protecting Free Expression Online with Freenet , 2002, IEEE Internet Comput..

[16]  Ralph A. Winter,et al.  Review of Marketing Science Working Papers , 2002 .

[17]  T. Daley When speed matters , 2003 .

[18]  Paul M. Schwartz,et al.  Property, Privacy, and Personal Data , 2004 .

[19]  H. Nissenbaum Privacy as contextual integrity , 2004 .

[20]  E. Goldman A Coasean Analysis of Marketing , 2006 .

[21]  J. Zittrain The Future of the Internet , 2008 .

[22]  A. Mitchell,et al.  Reinventing direct marketing — with VRM inside , 2008 .

[23]  Saikat Guha,et al.  NOYB: privacy in online social networks , 2008, WOSN '08.

[24]  Nikita Borisov,et al.  FlyByNight: mitigating the privacy risks of social networking , 2008, WPES '08.

[25]  Refik Molva,et al.  Safebook: A privacy-preserving online social network leveraging on real-life trust , 2009, IEEE Communications Magazine.

[26]  Alec Wolman,et al.  Lockr: better privacy for social networks , 2009, CoNEXT '09.

[27]  Ramón Cáceres,et al.  Privacy, cost, and availability tradeoffs in decentralized OSNs , 2009, WOSN '09.

[28]  Sonja Buchegger,et al.  PeerSoN: P2P social networking: early experiences and insights , 2009, SNS '09.

[29]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[30]  Qi Xie,et al.  FaceCloak: An Architecture for User Privacy on Social Networking Sites , 2009, 2009 International Conference on Computational Science and Engineering.

[31]  Helen Nissenbaum,et al.  Privacy in Context - Technology, Policy, and the Integrity of Social Life , 2009 .

[32]  Helen Nissenbaum,et al.  Adnostic: Privacy Preserving Targeted Advertising , 2010, NDSS.

[33]  Deborah Estrin,et al.  Personal data vaults: a locus of control for personal data streams , 2010, CoNEXT.

[34]  Scott R. Peppet Unraveling Privacy: The Personal Prospectus & the Threat of a Full Disclosure Future , 2010 .

[35]  Deborah Estrin,et al.  Self-Surveillance Privacy , 2010 .

[36]  Erdong Chen,et al.  Facebook immune system , 2011, SNS '11.

[37]  Gang Wang,et al.  Privacy, availability and economics in the Polaris mobile social network , 2011, HotMobile '11.

[38]  Markulf Kohlweiss,et al.  Scramble! Your Social Network Data , 2011, PETS.

[39]  Mahesh Balakrishnan,et al.  Contrail: Enabling Decentralized Social Networks on Smartphones , 2011, Middleware.

[40]  Ramón Cáceres,et al.  Vis-à-Vis: Privacy-preserving online social networking via Virtual Individual Servers , 2011, 2011 Third International Conference on Communication Systems and Networks (COMSNETS 2011).

[41]  M. Wendy Hennequin,et al.  The Future of the Internet and How to Stop It , 2011 .

[42]  A. Marciano Ronald Coase, “The Problem of Social Cost” and The Coase Theorem: An anniversary celebration , 2011 .

[43]  Liviu Iftode,et al.  Social Butterfly: Social Caches for Distributed Social Networks , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[44]  Michael Backes,et al.  A Security API for Distributed Social Networks , 2011, NDSS.

[45]  Giancarlo Ruffo,et al.  LotusNet: Tunable privacy for distributed online social network services , 2012, Comput. Commun..

[46]  Woodrow Hartzog,et al.  The Case for Online Obscurity , 2012 .

[47]  T. Rob The personal cloud , 2013 .