Collateral Damage of Facebook Apps: Friends, Providers, and Privacy Interdependence

Third-party apps enable a personalized experience on social networking platforms; however, they give rise to privacy interdependence issues. Apps installed by a user’s friends can collect and potentially misuse her personal data inflicting collateral damage on the user while leaving her without proper means of control. In this paper, we present a multi-faceted study on the collateral information collection of apps in social networks. We conduct a user survey and show that Facebook users are concerned about this issue and the lack of mechanisms to control it. Based on real data, we compute the likelihood of collateral information collection affecting users; we show that the probability is significant and depends on both the friendship network and the popularity of the app. We also show its significance by computing the proportion of exposed user attributes including the case of profiling, when several apps are offered by the same provider. Finally, we propose a privacy dashboard concept enabling users to control the collateral damage.

[1]  Yu Pu,et al.  Using Conjoint Analysis to Investigate the Value of Interdependent Privacy in Social App Adoption Scenarios , 2015, ICIS.

[2]  Edgar R. Weippl,et al.  Appinspect: large-scale evaluation of social networking apps , 2013, COSN '13.

[3]  Danah Boyd,et al.  Social Network Sites: Definition, History, and Scholarship , 2007, J. Comput. Mediat. Commun..

[4]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[5]  Jens Grossklags,et al.  Third-party apps on Facebook: privacy and the illusion of control , 2011, CHIMIT '11.

[6]  Albert-László Barabási,et al.  Statistical mechanics of complex networks , 2001, ArXiv.

[7]  Lars Backstrom,et al.  The Anatomy of the Facebook Social Graph , 2011, ArXiv.

[8]  Pern Hui Chia,et al.  Interdependent Privacy: Let Me Share Your Data , 2013, Financial Cryptography.

[9]  Bart Preneel,et al.  Collateral Damage of Online Social Network Applications , 2016, ICISSP.

[10]  Byung-Gon Chun,et al.  TaintDroid: an information flow tracking system for real-time privacy monitoring on smartphones , 2014, Commun. ACM.

[11]  Yu Pu,et al.  An Economic Model and Simulation Results of App Adoption Decisions on Networks with Interdependent Privacy Consequences , 2014, GameSec.

[12]  Ben Y. Zhao,et al.  User interactions in social networks and their implications , 2009, EuroSys '09.

[13]  Duncan J. Watts,et al.  Collective dynamics of ‘small-world’ networks , 1998, Nature.

[14]  J. Kagel,et al.  Other Regarding Preferences: A Selective Survey of Experimental Results , 2012 .

[15]  Matthew Louis Mauriello,et al.  User Perception of Facebook App Data Access: A Comparison of Methods and Privacy Concerns , 2016, Future Internet.

[16]  O. J. Vrieze,et al.  Principles and Practice of Marketing , 1988 .

[17]  P. Erdos,et al.  On the evolution of random graphs , 1984 .

[18]  Krishna P. Gummadi,et al.  Measurement and analysis of online social networks , 2007, IMC '07.

[19]  B. Bollobás The evolution of random graphs , 1984 .

[20]  Dale O. Stahl,et al.  Other-regarding Preferences: Egalitarian Warm Glow, Empathy, and Group Size , 2006 .