Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data

Olteanu, Alexandra-Mihaela; Huguenin, Kévin; Dacosta, Italo; Hubaux, Jean-Pierre

doi:10.14722/ndss.2018.23002

Cited by 21 publications

(31 citation statements)

References 54 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, the approach does not take into account the effect of types of data items under consideration. In a rather restrictive proposal by Olteanu et al [66], photos can only be uploaded to a social network site with all faces detected in it being removed, only allowing to display them after the corresponding person has explicitly agreed.…”

Section: Data Co-ownershipmentioning

confidence: 99%

SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data

Schnitzler

Mirza

Dürmuth

et al. 2020

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

Over the past decade, research has explored managing the availability of shared personal online data, with particular focus on longitudinal aspects of privacy. Yet, there is no taxonomy that takes user perspective and technical approaches into account. In this work, we systematize research on longitudinal privacy management of publicly shared personal online data from these two perspectives: user studies capturing users’ interactions related to the availability of their online data and technical proposals limiting the availability of data. Following a systematic approach, we derive conflicts between these two sides that have not yet been addressed appropriately, resulting in a list of challenging open problems to be tackled by future research. While limitations of data availability in proposed approaches and real systems are mostly time-based, users’ desired models are rather complex, taking into account content, audience, and the context in which data has been shared. Our systematic evaluation reveals interesting challenges broadly categorized by expiration conditions, data co-ownership, user awareness, and security and trust.

show abstract

Section: Data Co-ownershipmentioning

confidence: 99%

SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data

Schnitzler

Mirza

Dürmuth

et al. 2020

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

show abstract

“…In general, cryptography can be helpful in the case of interdependent privacy (mostly for co-owned data as cryptographic techniques are data agnostic, and therefore cannot address data correlation issues per se), to hide information to certain adversarial parties. For instance to share content online or decide on the visibility of some shared content without the service providers and unauthorized users having access to it [Beato and Peeters 2014;Ilia et al 2015;Olteanu et al 2018;Palomar et al 2016] (see Sec. 5.2 and more specifically Table 4 on page 31).…”

Section: Cryptographymentioning

confidence: 99%

“…Manuscript submitted to ACM photo users access control (trust, sensitivity, visibility) [Hu et al 2013] photo users access control (weighted voting) [Beato and Peeters 2014] photo users cryptography (secret sharing) [González-Manzano et al 2014] photo users access control (fine-grained) [Guo et al 2014] generic mobile apps access control (fine-grained) [Ilia et al 2015] photo users access control (fine-grained) + obfuscation [Aditya et al 2016] photo users cryptography (homomorphic encryption) [Mehregan and Fong 2014] generic users access control (discretionary) [Mehregan and Fong 2016] generic users access control (relationship-based) [Such and Rovatsos 2016] photo users access control (negotiation/action vector) [Keküllüoğlu et al 2016] photo users access control (negotiation/action vector) [Palomar et al 2016] photo users cryptography (attribute-based credential) [Rathore and Tripathy 2016] generic users access control (majority voting) [Misra and Such 2017a,b] photo users policy recommandation [Ilia et al 2017] generic service provider cryptography (secret sharing) [Guarnieri et al 2017] medical data users access control (inference control) [Li et al 2017a] photo users obfuscation [Xu et al 2017] photo users access control (veto voting) [Li et al 2017b] photo users access control (fine-grained) [Harkous and Aberer 2017] file cloud storage apps privacy meter (for users) [Zhong et al 2018] photo users access control (neural network detection) [Olteanu et al 2018 show that, despite their popularity, blurring and pixelating are ineffective at obfuscating users, and that inpainting (i.e., removing the user entirely and replacing her with something visually consistent with the image) and avatar (i.e., replacing the user with an avatar that preserves some of the elements of the initial representation) are the best options.…”

Section: Technical Solutionsmentioning

confidence: 99%

“…This terminology was later used by Humbert et al, Pu and Grossklags, and Olteanu et al. Extending this terminology, Olteanu et al coined the term interdependent personal data to refer to the case where data (seemingly) concerns a single individual but is, in fact, related to others because of data correlation [Olteanu et al 2018].…”

mentioning

confidence: 99%

“…Manuscript submitted to ACM collective privacy [Squicciarini et al 2009] [Ilia et al 2017;Jia and Xu 2016a,b;Ratikan and Shikida 2014;Squicciarini et al 2010Squicciarini et al , 2011] multi-party privacy [Thomas et al 2010] [Fogues et al 2015;Hu et al 2013;Li et al 2017a;Such and Criado 2014Such and Rovatsos 2016] networked privacy [Boyd 2012] [Cho and Filippova 2016;Marwick and Boyd 2014;Vitak et al 2015] interdependent privacy Chia 2013] [Ayday andHarkous and Aberer 2017;Olteanu et al 2018Olteanu et al , 2017Olteanu et al , 2019Pu and Grossklags 2014Symeonidis et al 2016a;Weidman et al 2018] peer privacy [Chen et al 2015] [Ozdemir et al 2017] group privacy [Bloustein 1978] [Radaelli et al 2018] multiple-subject privacy [Gnesi et al 2014] [ Olteanu et al 2018]…”

mentioning

confidence: 99%

See 2 more Smart Citations

A Survey on Interdependent Privacy

Humbert¹,

Trubert

Huguenin

2019

ACM Comput. Surv.

View full text Add to dashboard Cite

The privacy of individuals does not only depend on their own actions and data but may also be affected by the privacy decisions and by the data shared by other individuals. This interdependence is an essential aspect of privacy and ignoring it can lead to serious privacy violations. In this survey, we summarize and analyze research on interdependent privacy risks and on the associated (cooperative and non-cooperative) solutions. We also demonstrate that interdependent privacy has been studied in isolation in different research communities. By doing so, we systematize knowledge on interdependent privacy research and provide insights on how this research should be conducted and which challenges it should address.

show abstract

Interdependent Privacy Issues Are Pervasive Among Third-Party Applications

Liu

Herendi

Biczók

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Third-party applications have become an essential part of today's online ecosystem, enhancing the functionality of popular platforms. However, the intensive data exchange underlying their proliferation has increased concerns about interdependent privacy (IDP). This paper provides a comprehensive investigation into the previously underinvestigated IDP issues of third-party apps. Specifically, first, we analyze the permission structure of multiple app platforms, identifying permissions that have the potential to cause interdependent privacy issues by enabling a user to share someone else's personal data with an app. Second, we collect datasets and characterize the extent to which existing apps request these permissions, revealing the relationship between characteristics such as the respective app platform, the app's type, and the number of interdependent privacy-related permissions it requests. Third, we analyze the various reasons IDP is neglected by both data protection regulations and app platforms and then devise principles that should be followed when designing a mitigation solution. Finally, based on these principles and satisfying clearly defined objectives, we propose IDPFilter, a platform-agnostic API that enables application providers to minimize collateral information collection by filtering out data collected from their users but implicating others as data subjects. We implement a proof-ofconcept prototype, IDPTextFilter, that implements the filtering logic on textual data, and provide its initial performance evaluation with regard to privacy, accuracy, and efficiency.

show abstract

Consensual and Privacy-Preserving Sharing of Multi-Subject and Interdependent Data

Cited by 21 publications

References 54 publications

SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data

SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data

A Survey on Interdependent Privacy

Interdependent Privacy Issues Are Pervasive Among Third-Party Applications

Contact Info

Product

Resources

About