D IRECTIONS FOR R AISING P RIVACY A WARENESS IN SNS P LATFORMS Konstantina Vemou, Maria Karyda, Spyros Kokolakis 18th Panhellenic Conference on Informatics.

Slides:

Advertisements

Similar presentations

Recruitment Booster.

Advertisements

Utah – Business Fraud Alert notifies business owners and registered agents when a change has been made to a business’

Presenter: Nguyen Ba Anh HCMC University of Technology Information System Security Course.

Lync 2010 Multiparty Conference Training. Agenda Creating your PIN Scheduling a Conference Starting/Joining a Scheduled Conference Conducting a Web Conference.

Georgios Kontaxis, Michalis Polychronakis Angelos D. Keromytis, Evangelos P. Markatos Siddhant Ujjain (2009cs10219) Deepak Sharma (2009cs10185)

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

Our aims ease the pain – for all our users get with the times better communication with our supporters recruit and engage people to our campaigns raise.

A Decision Support System For Civil Protection Prof. Thanasis Ziliaskopoulos University of Thessaly Hellenic Institute of Transport International Conference.

User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.

An Overview of the REMS TA Center’s EOP ASSIST Software Application.

Company Confidential Info Exchange Workflow Examples for External Users: Action Items Company Confidential.

The Dr ü G Book: An Intro to Drupal The Dr ü G Book: An Intro to Drupal (Dr ü G: Drupal User ’ s Group - users, not developers) This is an introduction.

MANAGING YOUR ONLINE PROFILE WHAT DOES THIS MEAN AND WHY SHOULD YOU CARE? Sarah Morris UT Libraries.

Grants Online Locating and Viewing Documents Attached to a Grant of Aid Step-by-Step Guide February 2013.

CHAPTER 9 DATABASE MANAGEMENT © Prepared By: Razif Razali.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Presented by Chad Kafka This Month’s Topic: Wikispaces Advanced Today’s session is an introduction to what a WIKI is and how they can be used in education.

CPSC 203 Introduction to Computers T59 & T64 By Jie (Jeff) Gao.

C Copyright © 2009, Oracle. All rights reserved. Appendix C: Service-Oriented Architectures.

What is Sure BDCs? BDC stands for Batch Data Communication and is also known as Batch Input. It is a technique for mass input of data into SAP by simulating.

Lorie Stolarchuk Learning Technology Trainer 1 What has changed with the 2.7.X Upgrade to CLEW?

Copyright © 2012 Rockwell Automation, Inc. All rights reserved. Rockwell Automation Online Support Center Updated Version released August 29, 2015.

City of Los Angeles Personnel Department Mobile Application Team 02:Shreya kamani Anushree Sridhar Pattra Thongprasert Abhishek Trigunayat Travis Jones.

Smart Machines, Smart Privacy: Rules of the Road and Challenges Ahead The views expressed are those of the speaker and not necessarily those of the FTC.

E-P RAGUE AND THE P ROSPECTS OF E-G OVERNMENT : D ISCUSSION P ANELS James Melitski, PhD and Tony Carrizales, PhD E-governance Institute National Center.

April 30, 2007 openSUSE.org Build Service a short introduction Moiz Kohari VP Engineering.

 The Master Technology Teacher demonstrates knowledge of how to communicate in different formats for diverse audiences.

An Investigation of Facebook Grouping Robin Brewer Yael Mayer Lorrie Cranor Patrick Kelley facebook Home Profile Account Search.

1 SMT Format Short Story April 24, 2012 ‘Access, Control & Convenience’

WIKI, WIKI, WIKI! Using a Wiki for Collaborative Classroom Conversations Created by Betsy Hood, WGTE.

Lecture 6 Title: Web Planning, Designing, Developing for E-Marketing By: Mr Hashem Alaidaros MKT 445.

G53SEC 1 Access Control principals, objects and their operations.

The experience of a National Statistical Institute after a law change: Estonia First Regional Workshop Microdata Access in European Countries ― Cooperation.

Risk Wizard Webinar Information Sessions

Lesson 11: Configuring and Maintaining Network Security

1 Mezzanine Ware (Pty) Ltd © 2014 Installing\Uninstalling the Mezzanine Helium Android application.

Organisations and Data Management 1 Data Collection: Why organisations & individuals acquire data & supply data via websites 2Techniques used by organisations.

DalSpace A content repository for Dalhousie community members.

Preserving User Privacy from Third-party Applications in Online Social Networks Yuan Cheng, Jaehong Park and Ravi Sandhu Institute for Cyber Security University.

Facebook for Beginners One Session Class. What will you learn today? What can you do on Facebook? Creating a profile Privacy Connecting with friends Sending.

WStore User Guide Service Provider. Agenda 1.Introduction 2.Registering a resource 3.Viewing resources 4.Creating an offering 5.Managing an offering.

CPSC 203 Introduction to Computers T97 By Jie (Jeff) Gao.

Session 272 DL Tools for DL Schools Session 273 Direct Loan Tools  Introductions Misty Parkinson, U.S. Department of Education/ FSA Bob Berry, U.S.

EUDAT receives funding from the European Union's Horizon 2020 programme - DG CONNECT e-Infrastructures. Contract No B 2 DROP User.

New Paradigms for Broadband Data Building the Fact Base: The State of Broadband Adoption and Utilization Federal Communications Commission Kate Williams.

RCDL 2007, Pereslavl-Zalessky, Oct 2007 Converting Desktop into a Personal Activity Dataset Sergey Chernov, Enrico Minack, and Pavel Serdyukov.

Objectives  Legislation:  Understand that implementation of legislation will impact on procedures within an organisation.  Describe.

How to Research and Present Assessment 2. Three Websites You have to choose three websites that make use of social media to increase awareness and traffic.

Introduction to Wikis! More info:

Tech Tuesday: Facebook 101 People’s Resource Center January 26, 2016.

ELanguages workshop. Agenda Part 1: IntroductionIntroduction Part 2: Exploration of eLanguagesExploration of eLanguages Part 3: Your personal pageYour.

Getting Started Telligent or SharePoint (or Hybrid)?

Protecting your search privacy A lesson plan created & presented by Maria Bernhey (MLS) Adjunct Information Literacy Instructor

Raising Digitally Literate Citizens Curbar Primary School March 2016.

Step 1 Lead Notifications Dear Partner, New leads have been assigned to your organization based on customer preference and are available for you.

Library Elf Tech Talk presented by South Jersey Regional Library Cooperative November 15, 2006 Ralph Bingham Technology Librarian Gloucester County Library.

Blue Ridge Unified School District.  How will this help me? My Family Link  Where do I get started? Personal Profile Page  How do I manage my webpage?

Facebook privacy policy

Managing Windows Security

2016 “OPEN IN ACTION”.

Database System Concepts and Architecture

Electronic Application for ITS Integrator User Access

GLAST Release Manager Automated code compilation via the Release Manager Navid Golpayegani, GSFC/SSAI Overview The Release Manager is a program responsible.

Search Engine comparison

So you were told to make a website

eRMA User Guide (Guest)

Data Quality 2 (DQ2) & Staff Reporting Webinar

Contract Management Software 100% Cloud-Based ContraxAware provides you with a deep set of easy to use contract management features.

Presentation transcript:

D IRECTIONS FOR R AISING P RIVACY A WARENESS IN SNS P LATFORMS Konstantina Vemou, Maria Karyda, Spyros Kokolakis 18th Panhellenic Conference on Informatics Athens, 2-4 October Department of Information and Communication Systems Engineering, University of the Aegean

Introduction – Privacy Paradox Contents Privacy Awareness Goals Research Question– Method of Research Analyzing Current Awareness Practices Directions for Raising Privacy Awareness Further Research Questions

Introduction – Privacy Paradox (1/2) Privacy risks Privacy concerns Illusion of privacy Exposure to privacy risks

Introduction – Privacy Paradox (2/2) Privacy risks Privacy concerns Illusion of privacy X

Privacy Awareness Goals PROBLEM: Limited use of awareness tools and practices  Show privacy risks  Show sources of privacy risks  Propose actions the user can take to protect their privacy Several tools have been proposed (privacy mirrors, privacy wizards, personal containers, privacy signaling, etc)

Research Question – Method of Research How can embedded SNS awareness practices be improved ? Literature review Identify and analyze currently employed privacy practices Evaluate effectiveness Provide Guidance

Analyzing Current Awareness Practices (1/6) Links at the end of the sign up form and the footer of the webpage Terms of use and privacy policies Links under the sign-up button, preselected, optional Rare notifications on terms of use changes Offer clear notifications on any changes in TOS

Analyzing Current Awareness Practices (2/6) Functionality to create groups of friends/ Audience Segregation Audience management and visualization Some still offer Private (all friends) vs Public view “View As” mirroring tool Statistics, report visitors-viewed info, visualization of networks Statistics, report visitors-viewed info, visualization of networks

Analyzing Current Awareness Practices (3/6) Application permissions presented prior to installation Third-Parties Access List of installed applications in no predefined place Transitive access controls List of other parties granted access and purpose, Block transitive access controls in applications, Application center in the privacy settings, Report of accessed data by each application List of other parties granted access and purpose, Block transitive access controls in applications, Application center in the privacy settings, Report of accessed data by each application

Analyzing Current Awareness Practices (4/6) Log of profile owner activities Activity Logs No presentation of activities’ relation to privacy risks No predefined place in the user interface Organization of activity logs under privacy settings, Logs of accessed pieces of information Organization of activity logs under privacy settings, Logs of accessed pieces of information

Analyzing Current Awareness Practices (5/6) Functionality to notify via or SMS on certain activities, e.g. tags, mentions Notifications Notifications only to some changes of T.O.S.. Notifications via selected by default, Notification when a user accesses the profile Notifications via selected by default, Notification when a user accesses the profile

Analyzing Current Awareness Practices (6/6) Download files of collected data Access to recorded data Vague Description of types of collected data in the privacy policy Process to access all collected data, Process to request correction or deletion of data Process to access all collected data, Process to request correction or deletion of data

Diversity of awareness methods (no standards for embedded practices) Need for organization in the user interface (simple menu in privacy settings) Need to provide a list of entities accessing information Poor presentation for risk-risk sources combination Unexploited new technologies (e.g. privacy signaling) Directions for Raising Privacy Awareness

Further Research Analyze the actual use of privacy awareness tools Evaluate the effectiveness of privacy awareness tools Use as input to design of privacy awareness practices for SNS Analyze Evaluate Use

Questions