SLIDE 1

FACEBOOK VS. PRIVACY ADVOCATES: A ROAD MAP FOR PEACE

Joseph Bonneau jcb82@cl.cam.ac.uk

Computer Laboratory

Facebook Palo Alto, CA, USA July 14, 2009

Joseph Bonneau (University of Cambridge) Facebook Talk July 14, 2009 1 / 27

SLIDE 2

The Landscape

  • SNS Industry
      • Operators
      • Developers
      • Advertisers
      • Tech Futurists
  • Privacy Advocates
      • Non-Profit Groups
      • Advocates
      • Academics
  • Media
  • Government
  • Social Reactionaries
  • Users?

SLIDE 8

My Research

  • Privacy in Graphs
      • Sampled Graphs
      • Inference Control
      • Crawling Prevention
  • Economic Factors
  • Usability
  • Next-Gen Designs
      • Untrusted Server
      • App Sandboxing
  • Hacking Facebook
      • Photo Serving
      • FQL tricks
      • App problems

SLIDE 9

My Research

[Figure: proportion of sites featuring each promotional argument (0% to 100%), for general purpose (N=29) and non general purpose (N=16) sites. Arguments shown: Applications/Games, Blogging, Privacy Controls, Profile Personalisation, Signup is Free, Discover New People, Share Videos/Music, Communicate with Friends, Friends Are Already Members, Photo Sharing, Number/Sample of Users.]

SLIDE 10

My Research

Viewing Privacy Suite: Joe's Safe Settings

Author: Joseph Bonneau
Created: May 29, 2009
My settings share your photos with friends only, hide your email address from search engines, and... (more)

Reviewed By: Jonathan Anderson
Rating: ★★★★
I love it!!! Keeps my data out of stranger's hands, and Joe does a great job keeping it updated... (more)

Reviewed By: Luke Church
Rating: ★★★☆
I liked this suite, but it hid too much of my info from my university network, so I modified it into my own

Used By:

  • 24 of your friends
  • 234 people in the University of Cambridge network
  • 457 people in the London network
  • 1802 people overall

Adopt This Suite Preview Details

SLIDE 13

Disclaimer

I often complain about Facebook...

SLIDE 14

Making Peace?

SLIDE 15

A Roadmap For Peace

  • Recognise common ground
      • i.e., ignore all the non-issues
  • Compromise on the small points
  • Work together on the big picture

SLIDE 16

What is Privacy, Anyways?

  • Accidental
      • information shared unintentionally
      • bullying/harassment
  • Malicious
      • hacks
      • deception
      • crawlers/aggregators
  • Structural
      • advertisers
      • developers
      • Facebook & affiliates

SLIDE 17

Non-issues

  • Sexual predators
  • Bullying/Harassment
  • Social/moral decline
  • Censorship of hate speech (not yet)

SLIDE 18

Things Facebook is Doing Well

  • Spam Detection
  • Fine-grained privacy control
  • Refusal to share “anonymised” data

SLIDE 19

Technical Things Facebook Can Fix

SLIDE 20

More TLS Encryption

https://www.facebook.com

SLIDE 21

P3P Implementation

SLIDE 22

Encourage Responsible Disclosure

SLIDE 23

Fix Facebook Platform

SLIDE 24

Strengthen or Scrap Verified Application Program

SLIDE 25

Clarify Facebook Connect

Don’t allow friends to view my memberships on other websites through Facebook Connect?

SLIDE 26

Photo Security

SLIDE 27

Phishing

SLIDE 28

Clarify Privacy Policy

  • Enumerate specific guarantees
      • Email address sharing
      • Data removal
  • Narrower language
      • Lessen legal requirements for users to provide real data
      • Clarify “Programmatic Interaction”
  • Remove democratic process

SLIDE 29

More Openness

  • OpenID
  • ‘Download my data’ button
  • Open Social
  • RSS export

SLIDE 30

The Tough Issues

(hopefully, things we can work on together)

SLIDE 31

More Transparent Data Sharing

  • Opt Out of Targeted Ads?
  • Reference counting to data
  • Subject Access Request

SLIDE 32

Usability of privacy controls

  • Automatic inference of context?
  • Automatic inference of intentions?
  • Sharable privacy?
  • Graphical end-user programming interface?

SLIDE 33

Forward Privacy

  • Ensuring new features “at least as private” as previous
  • Enable “auto opt-out” of new features
  • Make clear changes in data visibility with new features
  • Privacy review process

SLIDE 34

Limiting Inference

  • Protection against crawling
  • Less-useful public views
  • Theoretical grounding for query limits

SLIDE 35

Conclusion

  • Facebook has much to gain by working with its critics
      • Steady stream of ideas
      • Credibility
  • Researchers can gain as well
      • Using Facebook as a research platform?
  • Users will gain too
      • In ways that are good for Facebook...
  • Self-regulation is better for everybody

SLIDE 36

Questions?
