
gabriela ortizmichel

Privacy design in Online Social Networks: Learning from Privacy breaches and community

  • Abstract: The objective of this paper is to systematically develop privacy heuristics for Online Social Network Services (SNS). In order to achieve this, we provide an analytical framework in which we characterize privacy breaches that have occurred in SNS and distinguish different stakeholders' perspectives. Although SNS have been criticized for numerous grave privacy breaches, they have also proven to be an interesting space in which privacy design is implemented and critically taken up by users. Community involvement in the discovery of privacy breaches as well as in articulating privacy demands points to possibilities in user-driven privacy design. In our analysis we take a multilateral security analysis approach and identify conflicts in privacy interests and list points of intervention and negotiation. In our future research, we plan to validate the usefulness as well as the usability of these heuristics and to develop a framework for privacy design in SNS.
gabriela ortizmichel

Engineering Privacy by Design

  • Seda Gurses, Carmela Troncoso, and Claudia Diaz. Abstract: The design and implementation of privacy requirements in systems is a difficult problem and requires the translation of complex social, legal and ethical concerns into systems requirements. The concept of "privacy by design" has been proposed to serve as a guideline on how to address these concerns. "Privacy by design" consists of a number of principles that can be applied from the onset of systems development to mitigate privacy concerns and achieve data protection compliance. However, these principles remain vague and leave many open questions about their application when engineering systems. In this paper we show how starting from data minimization is a necessary and foundational first step to engineer systems in line with the principles of privacy by design. We first discuss what data minimization can mean from a security engineering perspective. We then present a summary of two case studies in which privacy is achieved by minimizing different types of data, according to the purpose of each application. First, we present a privacy-preserving ePetition system, in which users' privacy is guaranteed by hiding their identity from the provider while revealing their votes. Secondly, we study a road tolling system, in which users have to be identified for billing reasons and data minimization is applied to protect further sensitive information (in this case location information). The case studies make evident that the application of data minimization does not necessarily imply anonymity, but may also be achieved by means of concealing information related to identifiable individuals. In fact, different kinds of data minimization are possible, and each system requires careful crafting of data minimization best suited for its purpose. Most importantly, the two case studies underline that the interpretation of privacy by design principles requires specific engineering expertise [...]