Teitl: Location Privacy Awareness on Geo-Social Networks

Cardiff University

Prif Ymchwiliwr

Alrayes, Fatma

Abdelmoty, Alia

Manylion y Prosiect

Dyddiad dechrau: 01.10.2014

Dyddiad gorffen: 31.03.2016


As users rely more and more on online social networking applications for their communication activities, the processing of personal location data through such networks increasingly poses significant risks to the security and privacy of users.

Such risks stem mainly from the variety of personal identifying data held by these networks and the extended possibility of tracking and profiling users based on their location information. The processing of personal data through such networks is not always transparent to or controllable by the users.

On the other hand, the importance of security and privacy of users' data is increasingly being recognised as a challenge to online and mobile applications, as evidenced by the recent personal data leak involving millions of Facebook users.

Also, legal frameworks are emerging that include protection mechanisms to allow individuals to better control their personal data.  In particular, the  General Data Protection Regulation (EU) 670/2016 (GDPR), now in place throughout European Union (EU) countries, stipulates data protection principles and privacy requirements that need to be fulfilled by such applications. To ensure compliance with these legal requirements, privacy awareness methods need to be incorporated into the design of online social networks.

In this work we focus in particular on the processing of personal location data on online social networks.

In some types of these networks, denoted location-based social networks, users' interaction is mainly guided by their presence in geographic places, e.g. check-ins on Foursquare. Processing of location information is essential for the provision of services by these applications. On other networks, denoted location-enabled social networks, location is a complementary attribute that can be used to enhance the user experience, e.g. filtering geo-tagged tweets by place on Twitter.  Collection and processing of user location information in both cases of geo-social networks (GeoSNs) can result in user profiling and derivation of sensitive information, revealing patterns of presence at home, regularly visited places and frequent activities, and even racial or ethnic origins.

To comply with legal frameworks and data protection principles, GeoSNs need to observe the transparency of user data processing and the informed consent of their users for such data processing.

In particular, Article 5 of the GDPR stipulates that with respect to transparency, ``any processing of personal data should be lawful and fair. It should be transparent to natural persons that personal data concerning them are collected, used, consulted or otherwise processed and to what extent the personal data are or will be processed ... communication relating to the processing of those personal data be easily accessible and easy to understand ...'', whilst Article 7 indicates that processing is based on the freely given and informed consent by the user.

Previous user studies highlighted the privacy awareness gap, where users are not fully aware of risks to their personal privacy resulting from their sharing information online. In this work, we consider

the factors that contribute to privacy risks on GeoSNs and pay particular attention to users' awareness of their sharing behaviour when interacting on these networks. Configuring (and updating) personal privacy settings on GeoSNs can be cumbersome, leading to possible divergence between users' sharing choices and previously specified sharing polices. Research is emerging that studies mechanisms for providing feedback to help raise user awareness of potential inconsistencies with default preferences, which mainly relies on exposing how often they access privacy settings and encouraging them to revise their preferences actively. With the continuous accumulation of location tracks, constructing useable feedback becomes a challenge.

In particular, we consider the following questions in the context of sharing location information.

  • Does user awareness of the data they share and the possible processing or analysis that can be done over their data on GeoSNs affect their perception of personal privacy?
  • Can the users' perception of risk to personal privacy be modelled?

Setiau Data Cysylltiedig

Diweddarwyd y tro diwethaf ar 2019-22-05 am 13:50