0
Privacy Codes of Practice
   for the Social Web:
The Analysis of Existing Privacy Codes and
  Emerging Social-Centric Priv...
Introduction
Privacy Codes
1996 1973 1977 1979 1980 1986 1990 1991 1993 1995 1996 1997 1999 2002 2003 2005




           ...
Privacy Risks in
Social Network Sites
profiles mostly represent genuine identities,

profiles regularly updated by users,

d...
Private Information
    Flow Model
Web = client/server, request/response,
unidirectional




       Private information flo...
Private Information
       Flow Model
Social Web = interactive,
participatory, content-
regeneration,
multidirectional

Bl...
1. Transparency

Identity of the SP, purpose, data retention, user
participation, recipients, accountability, and
security...
2. Consent
Primary and Secondary consent

Third parties = profile information collection is
mostly invisible, no software l...
3. User Participation


 Users’ right to access, challenge its correctness,
 amend, erase, or block their private data.

 ...
4. Data Quality
collected private data should be accurate,
complete, and up-to-date

SNS users update their profile regular...
5. Security
Avoid unauthorized access, use, alteration,
erasure, or disclosure

Confidentiality (Web) - Visibility (Social ...
peo-    formation. Users should also take appropriate measures to
es. In    safeguard other users’ private information. In...
Conclusion
Future privacy codes and privacy policy
languages should address:

  Emerging social-centric privacy risks (suc...
Upcoming SlideShare
Loading in...5
×

Privacy Codes of Practice for the Social Web: The Analysis of Existing Privacy Codes and Emerging Social-Centric Privacy Risks

1,044

Published on

Privacy codes of practice developed in the 1980s in response to the concerns about the introduction of computerized databases, automated personal information processing systems, and easy transmission of personal information across national and international boundaries. The current data-practice guidelines, laws, and model-codes have been modeled based on these early codes. Starting from the early 2000, the socialization of the Web introduced a new kind of private information flow model and new privacy risks. In this paper, we analyzes the core principles of existing privacy codes with respect to emerging social-centric privacy risks. Our major contribution in this work is twofold. Legally - this evaluation is useful to enhance current privacy codes for the Social Web. Technically - this evaluation is useful to design the future social-centric privacy policy languages and their data handling specifications.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,044
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
27
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide












  • Transcript of "Privacy Codes of Practice for the Social Web: The Analysis of Existing Privacy Codes and Emerging Social-Centric Privacy Risks"

    1. 1. Privacy Codes of Practice for the Social Web: The Analysis of Existing Privacy Codes and Emerging Social-Centric Privacy Risks Girma Nigusse & Bart De Decker
    2. 2. Introduction Privacy Codes 1996 1973 1977 1979 1980 1986 1990 1991 1993 1995 1996 1997 1999 2002 2003 2005 DPD FIPP OECD MCCPI Web 1996 1973 1977 1979 1980 1986 1990 1991 1993 1995 1996 1997 1999 2002 2003 2005 WWW ARPAnet Msg Gopher Usenet Mosaic IE Freenet Social Web 1996 1973 1977 1979 1980 1986 1990 1991 1993 1995 1996 1997 1999 2002 2003 2005 SixDegree Friendster LiveJournal MySpace Facebook
    3. 3. Privacy Risks in Social Network Sites profiles mostly represent genuine identities, profiles regularly updated by users, default profile visibility is public, users do not change default settings, crawling public profiles is easy,
    4. 4. Private Information Flow Model Web = client/server, request/response, unidirectional Private information flow model in the Web
    5. 5. Private Information Flow Model Social Web = interactive, participatory, content- regeneration, multidirectional Blogging, bookmarking, tagging, sharing, befriending etc Private information flow model in the Social Web
    6. 6. 1. Transparency Identity of the SP, purpose, data retention, user participation, recipients, accountability, and security. Befriending = exchanging profile information Third parties = direct access to user data Policy authoring = user transparency
    7. 7. 2. Consent Primary and Secondary consent Third parties = profile information collection is mostly invisible, no software license agreement, terms of use or privacy policy Social software features = boost profile information sharing, linking, aggregation without users’ explicit consent Spillovers = unauthorized disclosure
    8. 8. 3. User Participation Users’ right to access, challenge its correctness, amend, erase, or block their private data. Intuitive profile editing tools
    9. 9. 4. Data Quality collected private data should be accurate, complete, and up-to-date SNS users update their profile regularly Profile = digital dossier Fake characters (Fakesters) Denigration = pretending to be someone in order to damage others
    10. 10. 5. Security Avoid unauthorized access, use, alteration, erasure, or disclosure Confidentiality (Web) - Visibility (Social Web)
    11. 11. peo- formation. Users should also take appropriate measures to es. In safeguard other users’ private information. In Table 1, ser- bility most Gross Discussion vice providers, third-party service, and third-party applica- tion providers are generally considered as service providers. Wills rofile Table 1: The responsibilities (Resp.) and rights of users (U) , and and service providers (SP) in the Web and the Social Web. Chen , ser- Web Social Web man- Right Resp. Right Resp. y op- Codes U SP U SP U SP U SP ures. Transparency com- Consent ermi- Participation osted Data quality eover, Security t only Enforcement ioned n the s, but In the Social Web, privacy protection must consider the
    12. 12. Conclusion Future privacy codes and privacy policy languages should address: Emerging social-centric privacy risks (such as spillovers, denigration, visibility etc) The current shift in data handling responsibility and the model of interaction in the Web
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×