ABSTRACT
We performed a study of Facebook users to examine how they coped with limitations of the Facebook privacy settings interface. Students graduating and joining the workforce create significant problems for all but the most basic privacy settings on social networking websites. We therefore created realistic scenarios exploiting work/play boundaries that required users to specify access control policies that were impossible due to various limitations. We examined whether users were aware of these problems without being prompted, and once given feedback, what their coping strategies were. Overall, we found that simply alerting participants to potential errors was ineffective, but when choices were also presented, participants introduced significantly fewer errors. Based on our findings, we designed a privacy settings interface based on Venn diagrams, which we validated with a usability study. We conclude that this interface may be more effective than the current privacy settings interface.
- J. Binder, A. Howes, and A. Sutcliffe. The problem of conflicting social spheres: Effects of network structure on experienced tension in social network sites. In CHI '09: Proceedings of the 27th International Conference on Human Factors in Computing Systems, pages 965--974, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- d. boyd and E. Hargittai. Facebook privacy settings: Who cares? First Monday, 15(8), August 2010.Google Scholar
- C. A. Brodie, C.-M. Karat, and J. Karat. An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench. In SOUPS '06: Proceedings of the Second Symposium on Usable Privacy and Security, pages 8--19, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- Computer Research Association. CRA Conference on Grand Research Challenges in Information Security & Assurance, 2003. http://archive.cra.org/reports/trustworthy.computing.pdf.Google Scholar
- J. DiMicco, D. R. Millen, W. Geyer, C. Dugan, B. Brownholtz, and M. Muller. Motivations for social networking at work. In CSCW '08: Proceedings of the 2008 ACM Conference on Computer Supported Cooperative Work, pages 711--720, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- J. M. DiMicco and D. R. Millen. Identity Management: Multiple presentations of self in Facebook. In GROUP '07: Proceedings of the 2007 International ACM Conference on Supporting Group Work, pages 383--386, New York, NY, USA, 2007. ACM. Google ScholarDigital Library
- K. Fisler and S. Krishnamurthi. A model of triangulating environments for policy authoring. In SACMAT '10: Proceeding of the 15th ACM Symposium on Access Control Models and Technologies, pages 3--12, New York, NY, USA, 2010. ACM. Google ScholarDigital Library
- K. Fisler, S. Krishnamurthi, L. A. Meyerovich, and M. C. Tschantz. Verification and change-impact analysis of access-control policies. In ICSE '05: Proceedings of the 27th International Conference on Software Engineering, pages 196--205, New York, NY, USA, 2005. ACM. Google ScholarDigital Library
- R. Gross and A. Acquisti. Information revelation and privacy in online social networks. In WPES '05: Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pages 71--80, New York, NY, USA, 2005. ACM. Google ScholarDigital Library
- iStrategy Labs. Facebook demographics and statistics report, January 2010. http://www.istrategylabs.com/2010/01/facebook-demographics-and-statistics-re%port-2010--145-growth-in-1-year/.Google Scholar
- A. N. Joinson. Looking at, looking up or keeping up with people?: motives and use of facebook. In CHI '08: Proceedings of the 26th International Conference on Human Factors in Computing Systems, pages 1027--1036, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- C. Lampe, N. Ellison, and C. Steinfield. A face(book) in the crowd: Social searching vs. social browsing. In CSCW '06: Proceedings of the 2006 20th Anniversary Conference on Computer Supported Cooperative Work, pages 167--170, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- C. Lampe, N. B. Ellison, and C. Steinfield. Changes in use and perception of Facebook. In CSCW '08: Proceedings of the 2008 ACM Conference on Computer Supported Cooperative Work, pages 721--730, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- M. M. Skeels and J. Grudin. When social networks cross boundaries: A case study of workplace use of Facebook and LinkedIn. In GROUP '09: Proceedings of the 2009 International ACM Conference on Supporting Group Work, pages 95--104, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- C. Steinfield, J. M. DiMicco, N. B. Ellison, and C. Lampe. Bowling online: social networking and social capital within the organization. In C&T '09: Proceedings of the 4th International Conference on Communities and Technologies, pages 245--254, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- K. Strater and H. R. Lipford. Strategies and struggles with privacy in an online social networking community. In BCS-HCI '08: Proceedings of the 22nd British HCI Group Annual Conference, pages 111--119, Swinton, UK, UK, 2008. British Computer Society. Google ScholarDigital Library
- F. Stutzman and J. Kramer-Duffield. Friends only: examining a privacy-enhancing behavior in Facebook. In CHI '10: Proceedings of the 28th International Conference on Human Factors in Computing Systems, pages 1553--1562, New York, NY, USA, 2010. ACM. Google ScholarDigital Library
- A. Tootoonchian, K. K. Gollu, S. Saroiu, Y. Ganjali, and A. Wolman. Lockr: social access control for web 2.0. In WOSN '08: Proceedings of the 1st Workshop on Online Social Networks, pages 43--48, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- T. Turner, P. Qvarfordt, J. T. Biehl, G. Golovchinsky, and M. Back. Exploring the workplace communication ecology. In CHI '10: Proceedings of the 28th International Conference on Human Factors in Computing Systems, pages 841--850, New York, NY, USA, 2010. ACM. Google ScholarDigital Library
- J. Watson, M. Whitney, and H. R. Lipford. Configuring audience-oriented privacy policies. In SafeConfig '09: Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, pages 71--78, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
- A. Wu, J. M. DiMicco, and D. R. Millen. Detecting professional versus personal closeness using an enterprise social network site. In CHI '10: Proceedings of the 28th International Conference on Human Factors in Computing Systems, pages 1955--1964, New York, NY, USA, 2010. ACM. Google ScholarDigital Library
- A. L. Young and A. Quan-Haase. Information revelation and internet privacy concerns on social network sites: a case study of Facebook. In C&T '09: Proceedings of the 4th International Conference on Communities and Technologies, pages 265--274, New York, NY, USA, 2009. ACM. Google ScholarDigital Library
Index Terms
- Oops, I did it again: mitigating repeated access control errors on facebook
Recommendations
Privacy antecedents for SNS self-disclosure
Social networking sites privacy issues and self-disclosure are examined.A research model of privacy issues and self-disclosure is built.Structural equations modeling is used to assess the model fit.Path analysis is done to analyze hypothesis whereas 11 ...
Preserving the User's Privacy in Social Networking Sites
TrustBus 2013: Proceedings of the 10th International Conference on Trust, Privacy, and Security in Digital Business - Volume 8058In the last years, social networking sites SNSs have enjoyed an undeniable success. Those web platforms have huge quantities of active users sharing lots of information everyday. Usually, user-generated content may be almost innocuous, however, some ...
Persona: an online social network with user-defined privacy
SIGCOMM '09: Proceedings of the ACM SIGCOMM 2009 conference on Data communicationOnline social networks (OSNs) are immensely popular, with some claiming over 200 million users. Users share private content, such as personal information or photographs, using OSN applications. Users must trust the OSN service to protect personal ...
Comments