Analyzing facebook privacy settings: user expectations vs. reality

The sharing of personal data has emerged as a popular activity over online social networking sites like Facebook. As a result, the issue of online social network privacy has received significant attention in both the research literature and the mainstream media. Our overarching goal is to improve defaults and provide better tools for managing privacy, but we are limited by the fact that the full extent of the privacy problem remains unknown; there is little quantification of the incidence of incorrect privacy settings or the difficulty users face when managing their privacy. In this paper, we focus on measuring the disparity between the desired and actual privacy settings, quantifying the magnitude of the problem of managing privacy. We deploy a survey, implemented as a Facebook application, to 200 Facebook users recruited via Amazon Mechanical Turk. We find that 36% of content remains shared with the default privacy settings. We also find that, overall, privacy settings match users' expectations only 37% of the time, and when incorrect, almost always expose content to more users than expected. Finally, we explore how our results have potential to assist users in selecting appropriate privacy settings by examining the user-created friend lists. We find that these have significant correlation with the social network, suggesting that information from the social network may be helpful in implementing new tools for managing privacy.

[1]  Krishna P. Gummadi,et al.  You are who you know: inferring user profiles in online social networks , 2010, WSDM '10.

[2]  Mary Beth Rosson,et al.  journal homepage: www.elsevier.com/locate/ecra Privacy as information access and illusory control: The case of the Facebook News Feed privacy outcry , 2022 .

[3]  Balachander Krishnamurthy,et al.  On the leakage of personally identifiable information via online social networks , 2009, CCRV.

[4]  Philip W. L. Fong,et al.  A Privacy Preservation Model for Facebook-Style Social Network Systems , 2009, ESORICS.

[5]  Claudio Castellano,et al.  Defining and identifying communities in networks. , 2003, Proceedings of the National Academy of Sciences of the United States of America.

[6]  Heather Richter Lipford,et al.  Strategies and struggles with privacy in an online social networking community , 2008, BCS HCI.

[7]  M E J Newman,et al.  Fast algorithm for detecting community structure in networks. , 2003, Physical review. E, Statistical, nonlinear, and soft matter physics.

[8]  David G. Rand,et al.  The online laboratory: conducting experiments in a real labor market , 2010, ArXiv.

[9]  Duncan J. Watts,et al.  Financial incentives and the "performance of crowds" , 2009, HCOMP '09.

[10]  Shyhtsun Felix Wu,et al.  All Friends Are Not Created Equal: An Interaction Intensity Based Approach to Privacy in Online Social Networks , 2009, 2009 International Conference on Computational Science and Engineering.

[11]  M E J Newman,et al.  Modularity and community structure in networks. , 2006, Proceedings of the National Academy of Sciences of the United States of America.

[12]  Steven M. Bellovin,et al.  The Failure of Online Social Network Privacy Settings , 2011 .

[13]  Santo Fortunato,et al.  Community detection in graphs , 2009, ArXiv.

[14]  Kristen LeFevre,et al.  Privacy wizards for social networking sites , 2010, WWW '10.

[15]  Cliff Lampe,et al.  Changes in use and perception of facebook , 2008, CSCW.

[16]  Ben Y. Zhao,et al.  User interactions in social networks and their implications , 2009, EuroSys '09.

[17]  Mor Naaman,et al.  Over-exposed?: privacy patterns and considerations in online and mobile photo sharing , 2007, CHI.

[18]  Bobby Bhattacharjee,et al.  Persona: an online social network with user-defined privacy , 2009, SIGCOMM '09.

[19]  Jacob Kramer-Duffield,et al.  Friends only: examining a privacy-enhancing behavior in facebook , 2010, CHI.

[20]  Balachander Krishnamurthy,et al.  Characterizing privacy in online social networks , 2008, WOSN '08.

[21]  Jean-Loup Guillaume,et al.  Fast unfolding of community hierarchies in large networks , 2008, ArXiv.

[22]  Alessandro Acquisti,et al.  Imagined Communities: Awareness, Information Sharing, and Privacy on the Facebook , 2006, Privacy Enhancing Technologies.

[23]  Heather Richter Lipford,et al.  Moving beyond untagging: photo privacy in a tagged world , 2010, CHI.

[24]  Siddharth Suri,et al.  Conducting behavioral research on Amazon’s Mechanical Turk , 2010, Behavior research methods.

[25]  Heather Richter Lipford,et al.  Understanding Privacy Settings in Facebook with an Audience View , 2008, UPSEC.

[26]  Panagiotis G. Ipeirotis,et al.  Running Experiments on Amazon Mechanical Turk , 2010, Judgment and Decision Making.

[27]  Balachander Krishnamurthy,et al.  I know what you will do next summer , 2010, CCRV.

[28]  Alessandro Acquisti,et al.  Information revelation and privacy in online social networks , 2005, WPES '05.

[29]  Nicholas Christakis,et al.  The Taste for Privacy: An Analysis of College Student Privacy Settings in an Online Social Network , 2008, J. Comput. Mediat. Commun..