June Wei,Yuan Liu,June Lu,Milos Slaninka,Kristie Abston

DOI: https://doi.org/10.1504/ijmc.2021.114313

2021-01-01

International Journal of Mobile Communications

Abstract:This paper proposed an indexed matrix to assess information security risks' impacts on mobile social media to help organisations address security risks effectively and efficiently. It developed and integrated a static social media information security risk model and a dynamic social media information flow model in the mobile environment to investigate the potential security risks in social networks. The pattern of security risks with three levels was identified using cluster analysis. An indexed matrix is also proposed to assess the information security impacts on social media via the relative-weigh quantitative method. The results can help to develop an effective and safe way to transmit information through social media. This research is the first attempt to integrate static information security threats into the dynamic social media information flow processes to assess the information security risk levels by developing a new indexed method. The theoretical and practical implications are presented.

Yan Leng,Yijun Chen,Xiaowen Dong,Junfeng Wu,Guodong Shi

DOI: https://doi.org/10.2139/ssrn.3875878

2021-01-01

SSRN Electronic Journal

Abstract:There exists a growing concern about the privacy threats inherently encoded in the increasingly available behavioral data. In this paper, we focus on online service providers over which users reveal preferences (e.g., ratings or reviews) as publicly available behavioral data. We model users' strategic interactions in making these decisions as quadratic games on networks, where a user's payoff depends not only on their actions but also on their neighbors in a social interaction network. Based on the assumption that the observed preferences correspond to the Nash equilibrium of the game, we investigate whether eavesdroppers or competitors having access to such behavioral data could potentially infer or even thoroughly learn the hidden social interaction network from the observed user actions, leading to privacy risks at a system level for the platform. We introduce three notions of privacy risks on networks: fundamental privacy, conditional privacy, and practical privacy. We establish necessary and sufficient conditions for fundamental and conditional privacy of the social interaction structure, suggesting that at the system level, such interaction structure is not facing a critical risk of being fully exposed regardless of the amount of data available. To study practical privacy, we further propose and analyze a novel learning framework by solving a joint optimization problem for the network structure and the individual marginal benefits in the game. Extensive experiments on synthetic and real-world data demonstrate the effectiveness of the proposed framework, hence illustrating that behavioral data indeed present substantial privacy risks in practice. Broadly, this study enriches the network privacy literature and provides implications for online platforms by revealing the unexpected consequence of leaking network connections due to public consumer revealed preferences.

Nicolas E. Diaz Ferreyra,Rene Meis,Maritta Heisel

DOI: https://doi.org/10.48550/arXiv.2008.09391

IF: 6.4588

2020-08-21

Human-Computer Interaction

Abstract:Social Network Sites (SNSs) like Facebook or Instagram are spaces where people expose their lives to wide and diverse audiences. This practice can lead to unwanted incidents such as reputation damage, job loss or harassment when pieces of private information reach unintended recipients. As a consequence, users often regret to have posted private information in these platforms and proceed to delete such content after having a negative experience. Risk awareness is a strategy that can be used to persuade users towards safer privacy decisions. However, many risk awareness technologies for SNSs assume that information about risks is retrieved and measured by an expert in the field. Consequently, risk estimation is an activity that is often passed over despite its importance. In this work we introduce an approach that employs deleted posts as risk information vehicles to measure the frequency and consequence level of self-disclosure patterns in SNSs. In this method, consequence is reported by the users through an ordinal scale and used later on to compute a risk criticality index. We thereupon show how this index can serve in the design of adaptive privacy nudges for SNSs.

Deborah Lupton

DOI: https://doi.org/10.2139/SSRN.2511717

2014-10-19

Abstract:This chapter examines the phenomenon of risk as it is mediated and remediated via digital technologies. As social life and social institutions have become experienced and managed via novels forms of digital technologies, and as both public and personal spaces as well as human bodies have become increasingly monitored by digital surveillance devices and sensors, a new field of risk inquiry has opened up in response to what might be termed ‘digital risk society’. The intersections between risk and digital technologies operate in several ways. First, the phenomena and individuals that are identified as ‘risks’ or ‘risky’ are increasingly configured and reproduced via digital media, devices and software. These technologies act not as only as mediators of risk but frequently are the source of new concepts of risk. Second, various uses of digital technologies are often presented as posing risks to users. These two aspects of digital risk society may be glossed as ‘digitising risk’ and ‘the risks of digital technology use’ respectively. In a third major dimension, members of some social groups are positioned in the literature on the ‘digital divide’ as at risk of disadvantage in relation to communication, education, information or better employment opportunities because they lack access to or interest or skills in using online technologies. This aspect of digital risk society may be characterised as ‘digital social inequality risks’. The three dimensions of digital risk society require new sources of theorising risk that are able to understand and elucidate the ways in which digitisation and risk intersect to create risk representations, mentalities and practices. This chapter addresses each one of these major dimensions in turn. Before doing so, however, it is important to introduce some of these perspectives that may be productively employed to theorise digital risk society. This involves moving away from the perspectives that traditionally have dominated risk sociology and embracing the ideas of writers in such fields as digital sociology, internet studies, new media and communication and surveillance studies.

Sociology,Computer Science,Engineering

Michael Fire,Roy Goldschmidt,Yuval Elovici

DOI: https://doi.org/10.1109/COMST.2014.2321628

2014-07-24

Abstract:Many online social network (OSN) users are unaware of the numerous security risks that exist in these networks, including privacy violations, identity theft, and sexual harassment, just to name a few. According to recent studies, OSN users readily expose personal and private details about themselves, such as relationship status, date of birth, school name, email address, phone number, and even home address. This information, if put into the wrong hands, can be used to harm users both in the virtual world and in the real world. These risks become even more severe when the users are children. In this paper we present a thorough review of the different security and privacy risks which threaten the well-being of OSN users in general, and children in particular. In addition, we present an overview of existing solutions that can provide better protection, security, and privacy for OSN users. We also offer simple-to-implement recommendations for OSN users which can improve their security and privacy when using these platforms. Furthermore, we suggest future research directions.

Social and Information Networks,Computers and Society,Physics and Society

Emílio José Montero Arruda Filho,Igor de Jesus Lobato Pompeu Gammarano,Edmilson Marcelo Corrêa Duarte

DOI: https://doi.org/10.1093/iwc/iwad027

2023-03-10

Interacting with Computers

Abstract:Abstract This study analyzes how users perceive the risks associated with privacy loss on social networks and behave in response to these perceived risks. Specifically, it studies how privacy literacy influences privacy-related risk perceptions concerning the usage of personal information on social networks, and the relationship between the user's privacy concerns and their sharing behavior on social media. The privacy paradox concept is evaluated in this context with respect to the ambiguous values and perceptions that social network users have, wherein they experience concerns regarding their privacy in specific environments but continue to share their information and personal content via these channels regardless. The research adopts a qualitative exploratory approach using semi-structured interviews and content analysis, with Facebook as the focal social network. Four categorical headlines are identified, supporting specific findings that indicate that risk perceptions concerning privacy do impact users' privacy concerns, but do not influence individuals to reduce sharing data. Thus, although some users perceive risks involved in these practices, they continue to share data, ignoring the fact that this may be to their detriment and instead focusing on characteristics that support their sharing. The findings indicate that social interaction benefits obtained from social, hedonic and utilitarian elements provided via the social network lead users to take risks regarding online self-exposure based on their desires and social values.

computer science, cybernetics,ergonomics

Gráinne H Kirwan,Chris Fullwood,Brendan Rooney

DOI: https://doi.org/10.1089/cyber.2016.0714

Abstract:Social networking sites (SNSs) can provide cybercriminals with various opportunities, including gathering of user data and login credentials to enable fraud, and directing of users toward online locations that may install malware onto their devices. The techniques employed by such cybercriminals can include clickbait (text or video), advertisement of nonexistent but potentially desirable products, and hoax competitions/giveaways. This study aimed to identify risk factors associated with falling victim to these malicious techniques. An online survey was completed by 295 Malaysian undergraduate students, finding that more than one-third had fallen victim to SNS scams. Logistic regression analysis identified several victimization risk factors including having higher scores in impulsivity (specifically cognitive complexity), using fewer devices for SNSs, and having been on an SNS for a longer duration. No reliable model was found for vulnerability to hoax valuable gift giveaways and "friend view application" advertising specifically, but vulnerability to video clickbait was predicted by lower extraversion scores, higher levels of openness to experience, using fewer devices, and being on an SNS for a longer duration. Other personality traits were not associated with either overall victimization susceptibility or increased risk of falling victim to the specific techniques. However, age approached significance within both the video clickbait and overall victimization models. These findings suggest that routine activity theory may be particularly beneficial in understanding and preventing SNSs scam victimization.

Hannah Soong,Sue Nichols,Karen Dooley,Michelle M. Neumann

DOI: https://doi.org/10.1080/17482798.2024.2402271

IF: 2.716

2024-09-20

Journal of Children and Media

Abstract:Children's social lives are mediated increasingly by digital tools, thereby making new modes of home-school-world relationships possible. In this context, children's digital out-of-school social practices continue to be associated with risk. Children are construed as an "at risk" and vulnerable population by adults who frame children's everyday digital social life with ambivalence. This framing is used to justify imposition of constraints in the present, with children's digital engagement a key site of regulation. The study we report here problematises research that separates risk from children's digital social participation. To challenge dominant views of children being vulnerable to risk, we use Actor Network Theory to provide a nuanced exposition of concepts of "digital risk" and agentic self, relevant to children's digital social lives. From the findings of the present study, involving 62 10–11-year-old children in 3 Australian schools, we argue that "digital risk" framing of children's social lives underplays children's agency and voice in digital environments. Additionally, what is missing in the framing of digital risk is recognition that children utilise digital tools to ameliorate non-digital risk. In other words, risk is not only digital; and there is more to digital participation than risk. Prior State of Knowledge: Children's social lives are mediated increasingly by digital tools and digital practices that continue to be associated with risks. This framing justifies children's digital engagement as a site of regulation as children are continually construed as an "at risk" population. Novel Contributions: A new way of framing "digital risk" is offered which incorporates children's perspectives on digital experiences. Children can create diverse types of digital social practices in relation to perceived and experienced risk, acting to strengthen their navigation of digital risk. Practical Implications: Adults need to rethink what "digital risk" means in terms of affording opportunities for children's social development. Parents are best placed to support children's agency through online experiences, whilst guiding children through the challenges and benefits of digital risk.

social sciences, interdisciplinary,communication

Rosanna Bellini,Emily Tseng,Noel Warford,Alaa Daffalla,Tara Matthews,Sunny Consolvo,Jill Palzkill Woelfer,Patrick Gage Kelley,Michelle L. Mazurek,Dana Cuomo,Nicola Dell,Thomas Ristenpart

DOI: https://doi.org/10.48550/arXiv.2309.00735

2023-09-02

Abstract:Research involving at-risk users -- that is, users who are more likely to experience a digital attack or to be disproportionately affected when harm from such an attack occurs -- can pose significant safety challenges to both users and researchers. Nevertheless, pursuing research in computer security and privacy is crucial to understanding how to meet the digital-safety needs of at-risk users and to design safer technology for all. To standardize and bolster safer research involving such users, we offer an analysis of 196 academic works to elicit 14 research risks and 36 safety practices used by a growing community of researchers. We pair this inconsistent set of reported safety practices with oral histories from 12 domain experts to contribute scaffolded and consolidated pragmatic guidance that researchers can use to plan, execute, and share safer digital-safety research involving at-risk users. We conclude by suggesting areas for future research regarding the reporting, study, and funding of at-risk user research

Computers and Society,Cryptography and Security,Human-Computer Interaction

Kijung Lee,Prudence Attablayo

DOI: https://doi.org/10.48550/arXiv.2303.07927

2023-03-14

Social and Information Networks

Abstract:This research aims to investigate the impact of users' privacy awareness on their self-disclosing behavior. Our primary research question is to investigate how young social media users feel about the benefits and risks of disclosing them-selves on social media and how risk-benefit awareness influences the assess-ment of their self-disclosure. Based on the data we recorded, the factor analysis, and three-way ANOVA, we conclude that users who know more about privacy benefits share more on social media (F= 36.291; df 1; sig < .001) while those who know less about the benefits disclose less on social media. According to the analysis, users who know more about self-disclosure risks share less on so-cial media (F= 7.001; df 1; sig < .001). Users disclose less information on so-cial media platforms based on the different levels of their risk perceptions (df 3, F=.715, sig < 0.5). This indicates that risks on social media platforms vary to some degree. We saw that people's sharing habits based on their levels of risk, benefits, and social media platforms can vary. One thing that remained certain was users' main benefit for engaging and disclosing on social media is their need to stay in touch with friends and their need for community. On the flip side, the main risk was the need not to be impersonated and misunderstood by people. Based on a simple frequency analysis of the open-ended questions we asked In our data collection, the most highlighted words in our responses were "people" and "friends". These were the two main words that stood out in all the data we collected concerning the benefits, risks, and intention to self-disclose.

Isabel Casas,Jose Hurtado,Xingquan Zhu

DOI: https://doi.org/10.1007/978-3-319-26187-4_44

2015-01-01

Abstract:Social networks are becoming pervasive in todays world. Millions of people worldwide are involved in different form of online networking, with Facebook being one of the most popular sites. Online networks allow individuals to connect with friends and family, and share their private information. One of the reasons for the popularity of virtual communities is the perception of benefits received from the community. However, problems with privacy and security of the users information may also occur, especially when members are not aware of the risks of posting sensitive information on a social network. Members of social networking sites could become victims of identity theft, physical or online stalking and embarrassment as a consequence of malicious manipulation of their profiles data. Although networking sites often provide features for privacy settings, a high percentage of users neither know nor change their privacy preferences. This situation brings to consideration about many important aspects of social network privacy, such as what are the privacy issues in social networks? what are common privacy threats or risks in social networks? how privacy can be measured in a meaningful way? and how to empower users with knowledge to make correct decisions when selecting privacy settings? The goal of this paper is twofold. First, we discuss potential risks and attacks of social network site users privacy. Second, we present the measurement and quantification of the social privacy, along with solutions for privacy protection.

Andrey Rodrigues,Maria Lúcia Villela,Eduardo Feitosa

DOI: https://doi.org/10.1145/3645086

IF: 16.6

2024-02-07

ACM Computing Surveys

Abstract:Online Social Networks (OSNs) are becoming pervasive in today’s world. Millions of people worldwide are involved in different forms of online networking. However, this ease of use of OSNs comes with a cost in terms of privacy. Users of OSNs become victims of identity theft, cyberstalking, and information leakage, which are real threats to privacy. These threats can obtain a user’s personal information and disclose it for malicious purposes. To understand how researchers are addressing this question, the state of the art of the existing privacy threats in OSNs described in the literature and the existing academic research-based solutions to address such threats were reviewed. To this end, we performed a systematic mapping study to identify, classify and analyze them. From the initial set of 1117 papers, we selected and extracted 45 publications reporting different threats and solutions. Based on this, this is the first systematic mapping study, to provide: a) well-defined categories of specific privacy threats in the OSN domain; and b) the available academic solutions for preventing these threats. Our results serve as a guide for researchers and analysts in academia and industry to understand the most important privacy threats in OSNs and make moves towards mitigating them.

computer science, theory & methods

Maria Karyda,Thanos Papaioannou,A. Tsohou

DOI: https://doi.org/10.1108/ICS-01-2020-0003

2021-04-05

Information and Computer Security

Abstract:Purpose This paper aims to identify the data elements that social network sites (SNS) users consider important for shaping their digital identity and explore how users’ privacy concerns, self-esteem and the chosen SNS shape this process. Design/methodology/approach This study conducted an online survey with the participation of 759 individuals, to examine the influence of privacy concerns, self-esteem and the chosen SNS platform, on the shaping of the digital identity, through a classification of identity elements that users disclose when using a SNS, the Rosenberg self-esteem scale and relevant constructs from the literature. Findings Findings reveal that users consider the name, gender, picture, interests and job as most important elements for shaping their digital identity. They also demonstrate that privacy concerns do not seem to affect the amount of information users choose to publish when shaping their digital identity. Specific characteristics of SNS platforms are found to affect the way that users shape their digital identity and their privacy behavior. Finally, self-esteem was found to affect privacy concerns and digital identity formation. Research limitations/implications To avoid a lengthy questionnaire and the risk of low participation, the respondents answered the questions for one SNS of their choice instead of answering the full questionnaire for each SNS that they use. The survey included the most popular SNSs at the time of the survey in terms of popularity. Practical implications The results contribute to the theory by furthering our knowledge on the elements that shape digital identity and by providing evidence with regard to the role of privacy and self-esteem within social networking. In practice, they can be useful for SNS providers, as well as for entities that design security and privacy awareness campaigns. Originality/value This paper identifies novel factors that influence digital identity formation, including the specific SNS used with its particular characteristics in combination with privacy concerns and self-esteem of the user.

Sociology,Psychology,Computer Science

Christos Ellinas,Neil Allan,Caroline Coombe

DOI: https://doi.org/10.48550/arXiv.1801.05759

2018-01-17

Risk Management

Abstract:Modern society heavily relies on strongly connected, socio-technical systems. As a result, distinct risks threatening the operation of individual systems can no longer be treated in isolation. Consequently, risk experts are actively seeking for ways to relax the risk independence assumption that undermines typical risk management models. Prominent work has advocated the use of risk networks as a way forward. Yet, the inevitable biases introduced during the generation of these survey-based risk networks limit our ability to examine their topology, and in turn challenge the utility of the very notion of a risk network. To alleviate these concerns, we proposed an alternative methodology for generating weighted risk networks. We subsequently applied this methodology to an empirical dataset of financial data. This paper reports our findings on the study of the topology of the resulting risk network. We observed a modular topology, and reasoned on its use as a robust risk classification framework. Using these modules, we highlight a tendency of specialization during the risk identification process, with some firms being solely focused on a subset of the available risk classes. Finally, we considered the independent and systemic impact of some risks and attributed possible mismatches to their emerging nature.

Imrul Kayes,Adriana Iamnitchi

DOI: https://doi.org/10.1016/j.osnem.2017.09.001

2015-01-28

Abstract:Online Social Networks (OSN) are a permanent presence in today's personal and professional lives of a huge segment of the population, with direct consequences to offline activities. Built on a foundation of trust-users connect to other users with common interests or overlapping personal trajectories-online social networks and the associated applications extract an unprecedented volume of personal information. Unsurprisingly, serious privacy and security risks emerged, positioning themselves along two main types of attacks: attacks that exploit the implicit trust embedded in declared social relationships; and attacks that harvest user's personal information for ill-intended use. This article provides an overview of the privacy and security issues that emerged so far in OSNs. We introduce a taxonomy of privacy and security attacks in OSNs, we overview existing solutions to mitigate those attacks, and outline challenges still to overcome.

Social and Information Networks,Cryptography and Security

Sibel Yildiz Çankaya,Yesim Can Saglam,Bulent Sezen

DOI: https://doi.org/10.1108/bpmj-07-2023-0561

2024-05-02

Business Process Management Journal

Abstract:Purpose With the increasing use of social media in operation and supply chain management (OSCM), it is of great importance for managers to consider risks in advance and take precautions against the risks that might arise from social media usage among supply chain members. The aim of this research is to identify and evaluate the risks related to the use of social media in OSCM. Design/methodology/approach An initial research of the literature revealed that there is no detailed risk categorization in this area. Current taxonomies on the business risks of social media usage were examined and integrated with classifications identified in a Delphi study. The authors empirically demonstrate how the determined risks are prioritized and how decision-makers may decide to manage risks effectively based on the analytical hierarchy process (AHP) method. Findings The findings of the research showed that reputation-associated risks such as criticism, language and loss of confidence should be prioritized over human, content and technical-associated risks. Originality/value To date, a comprehensive approach to determine risks arising from using social media in OSCM is missing. With the Delphi and AHP techniques, the authors provide a novel insight for managers to mitigate risks. The outcomes of this study may assist executives in achieving successful management of social media usage in OSCM. Besides, the proposed AHP model may provide guidelines and direction in this regard.

management,business

JaeWon Kim,Soobin Cho,Robert Wolfe,Jishnu Hari Nair,Alexis Hiniker

2024-10-22

Abstract:Privacy is essential to fully enjoying the benefits of social media. While fear around privacy risks can sometimes motivate privacy management, the negative impact of such fear, particularly when it is perceived as unaddressable (i.e., "dysfunctional" fear), can significantly harm teen well-being. In a co-design study with 136 participants aged 13-18, we explored how teens can protect their privacy without experiencing heightened fear. We identified seven different sources of dysfunctional fear, such as `fear of a hostile environment' and `fear of overstepping privacy norms.' We also evaluated ten designs, co-created with teen participants, that address these fears. Our findings suggest that social media platforms can mitigate dysfunctional fear without compromising privacy by creating a culture where privacy protection is the norm through default privacy-protective features. However, we also found that even the most effective privacy features are not likely to be adopted unless they balance the multifaceted and diverse needs of teens. Individual teens have different needs -- for example, public and private account users have different needs -- and teens often want to enjoy the benefits they get from slightly reducing privacy and widening their social reach. Given these considerations, augmenting default privacy features by allowing them to be toggled on and off will allow individual users to choose their own balance while still maintaining a privacy-focused norm.

Human-Computer Interaction

Sonia Livingstone,Peter K Smith

DOI: https://doi.org/10.1111/jcpp.12197

Abstract:Aims and scope: The usage of mobile phones and the internet by young people has increased rapidly in the past decade, approaching saturation by middle childhood in developed countries. Besides many benefits, online content, contact or conduct can be associated with risk of harm; most research has examined whether aggressive or sexual harms result from this. We examine the nature and prevalence of such risks, and evaluate the evidence regarding the factors that increase or protect against harm resulting from such risks, so as to inform the academic and practitioner knowledge base. We also identify the conceptual and methodological challenges encountered in this relatively new body of research, and highlight the pressing research gaps. Methods: Given the pace of change in the market for communication technologies, we review research published since 2008. Following a thorough bibliographic search of literature from the key disciplines (psychology, sociology, education, media studies and computing sciences), the review concentrates on recent, high quality empirical studies, contextualizing these within an overview of the field. Findings: Risks of cyberbullying, contact with strangers, sexual messaging ('sexting') and pornography generally affect fewer than one in five adolescents. Prevalence estimates vary according to definition and measurement, but do not appear to be rising substantially with increasing access to mobile and online technologies, possibly because these technologies pose no additional risk to offline behaviour, or because any risks are offset by a commensurate growth in safety awareness and initiatives. While not all online risks result in self-reported harm, a range of adverse emotional and psychosocial consequences is revealed by longitudinal studies. Useful for identifying which children are more vulnerable than others, evidence reveals several risk factors: personality factors (sensation-seeking, low self-esteem, psychological difficulties), social factors (lack of parental support, peer norms) and digital factors (online practices, digital skills, specific online sites). Conclusions: Mobile and online risks are increasingly intertwined with pre-existing (offline) risks in children's lives. Research gaps, as well as implications for practitioners, are identified. The challenge is now to examine the relations among different risks, and to build on the risk and protective factors identified to design effective interventions.

Noel Warford,Tara Matthews,Kaitlyn Yang,Omer Akgul,Sunny Consolvo,Patrick Gage Kelley,Nathan Malkin,Michelle L. Mazurek,Manya Sleeper,Kurt Thomas

DOI: https://doi.org/10.48550/arXiv.2112.07047

2021-12-13

Computers and Society

Abstract:At-risk users are people who experience elevated digital security, privacy, and safety threats because of what they do, who they are, where they are, or who they are with. In this systematization work, we present a framework for reasoning about at-risk users based on a wide-ranging meta-analysis of 85 papers. Across the varied populations that we examined (e.g., children, activists, women in developing regions), we identified 10 unifying contextual risk factors--such as oppression or stigmatization and access to a sensitive resource--which augment or amplify digital-safety threats and their resulting harms. We also identified technical and non-technical practices that at-risk users adopt to attempt to protect themselves from digital-safety threats. We use this framework to discuss barriers that limit at-risk users' ability or willingness to take protective actions. We believe that the security, privacy, and human-computer interaction research and practitioner communities can use our framework to identify and shape research investments to benefit at-risk users, and to guide technology design to better support at-risk users.