Proceedings of the 2nd International Conference on Information Systems Security and Privacy 2016
DOI: 10.5220/0005806705360541
|View full text |Cite
|
Sign up to set email alerts
|

Collateral Damage of Online Social Network Applications

Abstract: Abstract:Third party application providers in Online Social Networks can collect personal data of users through their friends without the user's awareness. In some cases, one or more application providers may own several applications and thus the same provider may collect an excessive amount of personal data, which creates a serious privacy risk. Previous research has developed methods to quantify privacy risks in Online Social Networks. However, most of the existing work does not focus on the issues of person… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

0
4
0

Year Published

2016
2016
2020
2020

Publication Types

Select...
3
1
1

Relationship

3
2

Authors

Journals

citations
Cited by 5 publications
(4 citation statements)
references
References 19 publications
0
4
0
Order By: Relevance
“…With respect to the obligations of the data controller and processor to transparency, app providers can become data controllers and processors of a user's personal data, without the user becoming aware of such data transfer (i.e., collateral information collection). It should be noted that a Facebook user and their friends have insufficient information on both the amount of data that will be collected and the purposes their data will be used for by an app and its provider [101]. In other words, data collection and processing go far beyond the user's and their friends' legitimate expectations, and interferes with the principle of transparency as per Article 5 GDPR.…”
Section: Is Collateral Information Collection a Risk For The Protection Of The Personal Data?mentioning
confidence: 99%
See 1 more Smart Citation
“…With respect to the obligations of the data controller and processor to transparency, app providers can become data controllers and processors of a user's personal data, without the user becoming aware of such data transfer (i.e., collateral information collection). It should be noted that a Facebook user and their friends have insufficient information on both the amount of data that will be collected and the purposes their data will be used for by an app and its provider [101]. In other words, data collection and processing go far beyond the user's and their friends' legitimate expectations, and interferes with the principle of transparency as per Article 5 GDPR.…”
Section: Is Collateral Information Collection a Risk For The Protection Of The Personal Data?mentioning
confidence: 99%
“…Facebook API and friend permissions Initially, the API v1.x of Facebook (April 2010-April 2015 provided a set of permissions to the apps, i.e., friends xxx , such as friends birthday and friends location [39,101]. These permissions gave the apps the right to access and collect personal data of users via their friends, such as their birthdays and locations.…”
Section: Introductionmentioning
confidence: 99%
“…Facebook or Google+, and (iv) not allow users to opt out from the KSS service. A misbehaving KSS may also attempt not to comply with the Privacy policy that it advertises [28]. Thus, privacy policies and consent compliance should be guaranteed.…”
Section: Privacy Threatsmentioning
confidence: 99%
“…Later, Facebook has replaced this with a single permission to conform with US Federal Trade Commission (FTC) regulations on data collection [3]. Conformity notwithstanding, apps are still able to collect up to fourteen profile attributes via friends [20]. Of course, users have app-related privacy controls at their disposal; however, they are scattered at multiple locations, such as the user's personal profile (visibility levels per attribute) or the apps menu (attributes friends can bring with them to apps).…”
Section: Introductionmentioning
confidence: 99%