group 4 discussion leading
TRANSCRIPT
Social Media and Privacy
洪宣 庞晓燕 文静
CONTENT
Part 1 Concept of PrivacyPart 2 Cases of Privacy DisclosurePart 3 Privacy Protection
Concept
of Privacy
Privacy• In general, it refers to the right to be free from secret surveillance and
to determine whether, when, how, and to whom, one's personal or organizational information is to be revealed. • Specifically, privacy may be divided into four categories (1) Physical:
restriction on others to experience a person or situation through one or more of the human senses; (2) Informational: restriction on searching for or revealing facts that are unknown or unknowable to others; (3) Decisional: restriction on interfering in decisions that are exclusive to an entity; (4) Dispositional: restriction on attempts to know an individual's state of mind.
http://www.businessdictionary.com/definition/privacy.html
•Web 2.0• Participatory information sharing• Social networking sites (SNSs)• Give personal information out• A growing attention to the issue of privacy
Questions:
1. What is social media privacy?
2. How did data breaches happen?
Social Media PrivacyBasic Information: Name, telephone number, Email address, home address…
Social Networking activity data: browsing behavior, location, what time using which services…
Analyzed data based on existed information: occupation, hobbies, attributes, emotional tendency…
Exploiting Social Media Information for relational user Attribute Inference
— Institute of Automation, the Chinese of Academy Science
Cases ofPrivacy
Disclosure
1. Hacker Attack —historical mega breaches
65 million2013
167 million2012
News on May 2016
user IDs, email addresses, password
¥$150
$2300
Black market
2. Third-party WebsitesMeeting users’ need among different platformsGames 、 News 、 MusicGiven certain permissions, they can even see information that our friends share with us.
In 2014, Gigya conducted a survey which polled 4,000 respondents in the United States and Britain on their thoughts about data privacy
Convenience : 60% users will still log into other websites, even though they fear those companies aren't being careful with their data
2. Third-party Websites
3. Cyber Manhunt
tracking down and exploring one’s private information via internet media
sometimes gained notoriety to the target after blame and shame
4. Users In 2013, A survey interviewed 802 teens that examines teens' privacy management on social media sites92% post their real name to the profile they use most often.84% post their interests, such as movies, music, or books they like82% post their birth date62% post their relationship status24% post videos of themselves
5. Social Networking Sites
Max Schrems wrote term paper on Facebook‘s lack of awareness of European privacy law in 2011Under European “right to access”, he made a request for Facebook’s records on him and received a CD containing over 1,200 pages of dataSensitive personal data: friends he no longer followed, deleted information
Max Schrems
collecting data without valid permission
6. Recommending ads, is that simple?
On Facebook or other social media apps, an advertiser can only send ads to a user if that user has some connection to the brand in question. A connection can include group membership or a "like" of that brand's corporate page.
• An Arkansas lawyer and political blogger, Matt Campbell, has sued Facebook for allegedly using data from private messages to target ads.
• The core of their complaint concerns the access advertisers have the messages. • “Contrary to its representations, 'private' Facebook messages are systematically
intercepted by the Company in an effort to learn the contents of the users' communications... This practice...enables Facebook to mine user data and profit from those data by sharing them with advertisers.”
•
•
Imagining that your conversations with your friends actually have other unknown “audience”, kind of scary?
Hacker News revealed back in Oct. 2012 that a shared link within a private message between Facebook users also counts toward the total. Facebook admitted this to the Wall Street Journal in that publication's follow-up story.
7. They are tracking your locations?• “people around you” in Wechat(附近的人)• Three - point positioning method(三点定位法) a popular saying in the social media a panic concerning safety arises and spread
微信=危信?
• 记下自己和对方的距离,之后两次变换位置,重新测量自己和对方的距离,最后以三次测量地点为圆心 / 三个距离为半径画三个圈,三圆重合的位置就是对方所在的位置。• It is proved that this method is not as accurate as they say.
• 实际上“最精确也只能在 100 米范围内画一个圈”• But we still need to be cautious
about sharing our locations, it might be used by strangers.
8. No location sharing, but you know where I live?• A student took 40 mins to deduce actress's address from pictures
8. No location sharing, but I know where you live?• A student from Tsinghua University said he took four simple steps to deduce
the famous actress (WANG Luodan)'s address through the pictures posted on her Weibo.• Step 1: Get information• The student selected two pictures which contain some clues on her Weibo
• From the photographs, there are at least three square parterres we could see. Then the student used GoogleEarth to intercept the bird's-eye view of Beijing and compared it with the selected pictures of WANG's Weibo.
Step 2: Select the districtThe student used other information on Weibo to narrow his selected regions, like...
• Step 3: Search • As excluding several possible regions, the student intercepted a
bird's-eye view in GoogleEarth and zoomed in a part of picture. He soon found that the picture was extremely similar to WANG's picture selected in step1.
• Step 4: Field testThe student went to the place he deduced in step 3 and finally verified his conclusion.
So a simple picture is more than that.Be careful about the detectivein your daily life, like you Suitors or your Suspicious girlfriend.
9. "People You May Know", but I don't want to be known E1: friends recommending on QQ• QQ’s “recommending friends” feature do not simply show your QQ
name. It shows your real name .• You can find that almost all people you knew are listed here.
“ 腾讯的实名好友推荐翻一遍后,感觉就是自己以前在读年级所有学生的通讯录“
E2: Washington woman found husband's other wife on Facebook• An American named Alan L. O'Neill married a woman in 2001, moved
out in 2009, changed his name and remarried without divorcing her. • The first wife first noticed O'Neill had moved on to another woman
when Facebook suggested the friendship connection to wife No.2 under the "People You May Know" feature.
• Wife No.1 then called the defendant's mother.• “An hour later the defendant arrived at [Wife No.1’s] apartment, and she
asked him several times if they were divorced”, court records show. The defendant said, 'No, we are still married.'"• Neither O'Neill nor his first wife had filed for divorce, according to charging
documents. The name change came in December, and later that month he married his second wife.
From the issue mentioned above...• Obviously, Facebook helps the woman to find out that his husband has
cheated her for several years.• The Prosecutor Lindquist said, "Facebook is now a place where people
discover things about each other ."
• But on the other side, some people are concerned about their privacy of social contacts, because people can easily know what kind of people you are acquainted with.• Athima Chansanchai, a freelance journalist who writes about social
media, said Facebook over the years has played a role in both creating relationships and destroying them.
PrivacyProtectio
n
Privacy Protection•Government and legislature•Service providers•Social media users
Government and legislature
• Lawmakers should enact laws and regulations to protect social media users’ privacy. • Stipulate the responsibility of service providers.• Specify the punishment that online information criminals will face.• Provide some guidance for social media users to raise their awareness
of online security and privacy protection.• Offer necessary help when users are threatened, harassed or
defamed online
USA• 25 states of the US have enacted social media privacy laws (2012.4-
2016.7)• Regulating the use of social media by employers and educational
institutions
USA• United States Congress• Introduce Social Networking Online Protection Act
Australia•Office of the Australian Information Commissioner
Australia• Office of the Children’s eSafety Commissioner
Australia• ThinkUKnow
Australia• StaySmartOnline
Service providers• When designing social networking sites and apps, personal data protection should be
proactive and preventative in nature, and it should cover the entire cycle of personal data flow from collection to erasure.
• Personal information Collection Statement should be declared clearly before users confirm signing up for accounts. Users have the right to know under what circumstances will their personal data be collected, accessed or shared and for what purposes. The purposes must be lawful and directly related to a function or activity of the data users.
• Service providers should remind the users to pay high attention to information storage, privacy settings and online security. For example, when the users turn on the geolocation function of the apps, providers should inform users of the potential risks.
Social media users• Read the Privacy Statement before signing up for any SNS•Manage your privacy settings• Protect your accounts with strong, unique passwords• Think twice before you post any information• Don’t reveal personal information
Social media users• Be selective when accepting a friend• Exercise caution when clicking on links• Turn off the geolocation features in social networking apps• Don’t enable auto login• Close old accounts that you don’t use anymore
THANKS