Face/Off: Preventing Privacy Leakage From Photos in Social Networks

The capabilities of modern devices, coupled with the almost ubiquitous availability of Internet connectivity, have resulted in photos being shared online at an unprecedented scale. This is further amplified by the popularity of social networks and the immediacy they offer in content sharing. Existing access control mechanisms are too coarse-grained to handle cases of conflicting interests between the users associated with a photo; stories of embarrassing or inappropriate photos being widely accessible have become quite common. In this paper, we propose to rethink access control when applied to photos, in a way that allows us to effectively prevent unwanted individuals from recognizing users in a photo. The core concept behind our approach is to change the granularity of access control from the level of the photo to that of a user's personally identifiable information (PII). In this work, we consider the face as the PII. When another user attempts to access a photo, the system determines which faces the user does not have the permission to view, and presents the photo with the restricted faces blurred out. Our system takes advantage of the existing face recognition functionality of social networks, and can interoperate with the current photo-level access control mechanisms. We implement a proof-of-concept application for Facebook, and demonstrate that the performance overhead of our approach is minimal. We also conduct a user study to evaluate the privacy offered by our approach, and find that it effectively prevents users from identifying their contacts in 87.35% of the restricted photos. Finally, our study reveals the misconceptions about the privacy offered by existing mechanisms, and demonstrates that users are positive towards the adoption of an intuitive, straightforward access control mechanism that allows them to manage the visibility of their face in published photos.

[1]  Guillermo Sapiro,et al.  Image inpainting , 2000, SIGGRAPH.

[2]  Patrick Pérez,et al.  Region filling and object removal by exemplar-based image inpainting , 2004, IEEE Transactions on Image Processing.

[3]  Heather Richter Lipford,et al.  Strategies and struggles with privacy in an online social networking community , 2008, BCS HCI.

[4]  Trevor Darrell,et al.  Autotagging Facebook: Social network context improves photo annotation , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[5]  Balachander Krishnamurthy,et al.  Characterizing privacy in online social networks , 2008, WOSN '08.

[6]  Stefan Katzenbeisser,et al.  Privacy-Preserving Face Recognition , 2009, Privacy Enhancing Technologies.

[7]  Anna Cinzia Squicciarini,et al.  WWW 2009 MADRID! Track: Security and Privacy / Session: Web Privacy Collective Privacy Management in Social Networks , 2022 .

[8]  Ahmad-Reza Sadeghi,et al.  Efficient Privacy-Preserving Face Recognition , 2009, ICISC.

[9]  Heather Richter Lipford,et al.  Moving beyond untagging: photo privacy in a tagged world , 2010, CHI.

[10]  David M. Nicol,et al.  unFriendly: Multi-party Privacy Risks in Social Networks , 2010, Privacy Enhancing Technologies.

[11]  Richard Chbeir,et al.  The image protector - A flexible security rule specification toolkit , 2011, Proceedings of the International Conference on Security and Cryptography.

[12]  Andrew W. Fitzgibbon,et al.  Real-time human pose recognition in parts from single depth images , 2011, CVPR 2011.

[13]  A. Perrig,et al.  Exploiting Privacy Policy Conflicts in Online Social Networks (CMU-CyLab-12-005) , 2011 .

[14]  Krishna P. Gummadi,et al.  Analyzing facebook privacy settings: user expectations vs. reality , 2011, IMC '11.

[15]  Gail-Joon Ahn,et al.  Detecting and resolving privacy conflicts for collaborative data sharing in online social networks , 2011, ACSAC '11.

[16]  Jorge Lobo,et al.  Fine-grained integration of access control policies , 2011, Comput. Secur..

[17]  Smitha Sundareswaran,et al.  A3P: adaptive policy prediction for shared images over popular content sharing sites , 2011, HT '11.

[18]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[19]  Angelos D. Keromytis,et al.  All your face are belong to us: breaking Facebook's social authentication , 2012, ACSAC '12.

[20]  Gail-Joon Ahn,et al.  Enabling Collaborative data sharing in Google+ , 2012, 2012 IEEE Global Communications Conference (GLOBECOM).

[21]  Refik Molva,et al.  Privacy preserving picture sharing: enforcing usage control in distributed on-line social networks , 2012, SNS '12.

[22]  Blase Ur,et al.  Tag, you can see it!: using tags for access control in photo sharing , 2012, CHI.

[23]  Michele M. Strano,et al.  Covering Your Face on Facebook , 2012, J. Media Psychol. Theor. Methods Appl..

[24]  Alfred Kobsa,et al.  Dimensionality of information disclosure behavior , 2013, Int. J. Hum. Comput. Stud..

[25]  Richard Chbeir,et al.  A Flexible Image-Based Access Control Model for Social Networks , 2013, Security and Privacy Preserving in Social Networks.

[26]  Erik Learned-Miller,et al.  Labeled Faces in the Wild : Updates and New Reporting Procedures , 2014 .

[27]  Angelos D. Keromytis,et al.  Faces in the Distorting Mirror: Revisiting Photo-based Social Authentication , 2014, CCS.

[28]  Ming Yang,et al.  DeepFace: Closing the Gap to Human-Level Performance in Face Verification , 2014, 2014 IEEE Conference on Computer Vision and Pattern Recognition.

[29]  B. Henne A Study on the Unawareness of Shared Photos in Social Network Services , 2014 .

[30]  Yin Wang,et al.  Automatic objects removal for scene completion , 2014, 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[31]  C. Kruegel,et al.  Portrait of a Privacy Invasion Detecting Relationships Through Large-scale Photo Analysis , 2015 .

[32]  Christopher Krügel,et al.  Portrait of a Privacy Invasion , 2015, Proc. Priv. Enhancing Technol..