ABSTRACT
For purposes of this paper, we define "Personally identifiable information" (PII) as information which can be used to distinguish or trace an individual's identity either alone or when combined with other information that is linkable to a specific individual. The popularity of Online Social Networks (OSN) has accelerated the appearance of vast amounts of personal information on the Internet. Our research shows that it is possible for third-parties to link PII, which is leaked via OSNs, with user actions both within OSN sites and else-where on non-OSN sites. We refer to this ability to link PII and combine it with other information as "leakage". We have identified multiple ways by which such leakage occurs and discuss measures to prevent it.
- James Abbatiello. Refcontrol. Firefox Add-on. https://addons.mozilla.org/en-US/firefox/addon/953.Google Scholar
- T. Berners-Lee, R. Fielding, and H. Frystyk. Hypertext Transfer Protocol - HTTP/1.0. RFC 1945, IETF, May 1996. Defines current usage of HTTP/1.0. http://www.rfc-editor.org/rfc/rfc1945.txt.Google ScholarDigital Library
- The cafes: Privacy tip #3: Block referer headers in Firefox, October 2006. http://cafe.elharo.com/privacy/privacy-tip-3-block-referer-headers-in-firefox/.Google Scholar
- Online profiling: A report to congress, July 2000. Federal Trade Commission. http://www.ftc.gov/os/2000/07/onlineprofiling.htm.Google Scholar
- Clay Johnson III. Safeguarding against and responding to the breach of personally identifiable information, May 22 2007. Office of Management and Budget Memorandum. http://www.whitehouse.gov/omb/memoranda/fy2007/m07-16.pdf.Google Scholar
- Balachander Krishnamurthy and Craig E. Wills. Characterizing privacy in online social networks. In Proceedings of the Workshop on Online Social Networks, pages 37--42, Seattle, WA USA, August 2008. ACM. Google ScholarDigital Library
- Balachander Krishnamurthy and Craig E. Wills. Privacy diffusion on the web: A longitudinal perspective. In Procs World Wide Web Conference, Madrid, Spain, April 2009. http://www.research.att.com/~bala/papers/www09.pdf. Google ScholarDigital Library
- Bradley Malin. Betrayed by my shadow: Learning data identify via trail matching. Journal of Privacy Technology, June 2005.Google Scholar
- Erika McCallister, Tim Grance, and Karen Scanfone. Guide to protecting the confidentiality of personally identifiable information (PII) (draft), January 2009. NIST Special Publication 800-122. http://csrc.nist.gov/publications/drafts/800-122/Draft-SP800-122.pdf.Google ScholarDigital Library
- Privacy guard. Facebook Application. http://apps.facebook.com/privacyguard/.Google Scholar
- Privacy protector. Facebook Application. http://apps.facebook.com/privacyprotector/.Google Scholar
- Privoxy. http://www.privoxy.org/.Google Scholar
- Proxify anonymous proxy. http://proxify.com/.Google Scholar
- Daniel Savard. LiveHTTPHeaders. Firefox Add-on. http://livehttpheaders.mozdev.org/.Google Scholar
Index Terms
- On the leakage of personally identifiable information via online social networks
Recommendations
Personally identifiable information leakage through online social networks
SAICSIT '13: Proceedings of the South African Institute for Computer Scientists and Information Technologists ConferenceInformation sharing on the Internet has become a streamlined process through services such as e-mail, blogs and recently also Online Social Networks (OSNs). The speed of posting information in one central place and the convenience of this information ...
On the leakage of personally identifiable information via online social networks
For purposes of this paper, we define "Personally identifiable information" (PII) as information which can be used to distinguish or trace an individual's identity either alone or when combined with other information that is linkable to a specific ...
Comments