|
|
@@ -1,10 +1,8 @@
|
|
|
-The criticism of the protection of privacy on the Internet, especially in social networks, is not new. As early as 2010, the founders of diaspora* discovered that there was no social network that sufficiently protected the privacy of users\cite{diaspora2010kickstarter-pitch}. Their idea of a decentralized network that protected user data by design convinced so many people that even before the start of the development people donated \$200,000 instead of the required \$10,000 to a Kickstarter campaign.
|
|
|
+The reason for the inadequate protection of personal data lies in the centralized system structure used by all leading social platforms (e.g., Facebook and Twitter). With this structure, the data is stored centrally and mostly unencrypted. The service provider therefore inevitably has access to this data. It is not transparent to users, which data the service provider record during the use and what happens to the data.
|
|
|
+On the one hand, the user data is evaluated to improve the user experience (suggestions for content matching the user’s preferences using recommender systems), but on the other hand also to make a profit. With personalized advertisement and, in the worst case, by selling the data, revenues are generated. Furthermore, the protection of data against access by third parties via official interfaces (harvesting) or unauthorized hacking cannot be ruled out (e.g., Facebook's incident with Cambridge Analytica in March 2018 \cite{facebook2018cambridge-analytica}). Last but not least, due to applicable law, it may be necessary for data to be transferred to secret services or government agencies (e.g., Facebook had more than 100\,000 requests from governments between January and July 2018 \cite{facebookXXXXtake-down}).
|
|
|
|
|
|
-The reason for the inadequate protection of personal data lies in the centralized system structure used by all leading social platforms. With this structure, the data is stored centrally and mostly unencrypted. The service provider therefore inevitably has access to this data. Which data is collected during use and what happens to the data is not transparent to the user.
|
|
|
-On the one hand, the user data is evaluated in order to improve the user experience (suggestions for content matching the user’s preferences using recommender systems), but on the other hand also in order to make a profit. Revenues can be generated through personalized advertising or, in the worst case, through the sale of data. Furthermore, the protection of data against access by third parties via official interfaces (harvesting) or unauthorized hacking cannot be ruled out. Last but not least, due to applicable law, it may be necessary for data to be transferred to secret services or government agencies.
|
|
|
+The criticism of the protection of privacy on the Internet, especially in social networks, is not new. Already in 2010, the founders of diaspora* discovered that no social network sufficiently protects the privacy of users\cite{diaspora2010kickstarter-pitch}. Although the problems and dangers of centralized \acp{OSN} are known for a long time and new scandals regularly become known to the public, the users remain mostly loyal to the respective social networks. As a result of the Cambridge Analytica incident, Facebook lost only a few users in Europe but is in the meantime back on the previous level \cite{facebook2019reportq4}. Alternative social networks, which focus on privacy protection (e.g., Vero\footnote{https://www.vero.co}, Ello\footnote{https://ello.co}), lack attractiveness regarding their design, complexity, and functionality. As a consequence, they do not get enough users and often fail after a short time. The connection to the respective social network is so strong that the barrier for switching to another, more secure social network is not overcome. The amount of content already created, the social network built up, and a large number of contacts using the same platform all create this so-called lock-in effect.
|
|
|
|
|
|
-Although the problems and dangers are known for a long time and new scandals regularly become known to the public, the users remain mostly loyal to the respective social networks. Alternative social networks, which focus on privacy protection (e.g., Vero\footnote{https://www.vero.co}, Ello\footnote{https://ello.co}), lack attractiveness so that they gain only a few users and often fail after a short time. The connection to the respective social network is so strong that the barrier to switch to another, more secure social network is not overcome. The amount of content already created, the social network built up, and a large number of contacts using the same platform all create this so-called lock-in effect.
|
|
|
+If switching to another platform is not an alternative, it is necessary to look for better ways to protect users and their data on existing platforms. The Researcher Training Group (RTG) \enquote{Privacy and Trust for Mobile Users}\footnote{https://www.informatik.tu-darmstadt.de/privacy-trust/privacy\_and\_trust/index.en.jsp} in research area B \enquote{Privacy and Trust in Social Networks} is dealing with problems on this topic. Subarea B.2 deals especially with the protection of privacy in hybrid social networks. A hybrid approach allows the user to stay in the \ac{OSN} but is in control over his data. \cite{rtgXXXXarea-b,rtgXXXXarea-b2}
|
|
|
|
|
|
-If switching to another platform is not an alternative, it is necessary to look for ways to better protect users and their data on existing platforms. The Researcher Training Group (RTG) \enquote{Privacy and Trust for Mobile Users}\footnote{https://www.informatik.tu-darmstadt.de/privacy-trust/privacy\_and\_trust/index.en.jsp} in research area B \enquote{Privacy and Trust in Social Networks} is dealing with problems like this. Subarea B.2 deals specifically with the protection of privacy in hybrid social networks.
|
|
|
-
|
|
|
-In the following, a concept for a hybrid \ac{OSN} will be worked out that takes into account the interests of the different stakeholders. Besides, functionality requirements and potential limitations are listed. Finally, a solution strategy is shown, and a possible architecture is presented.
|
|
|
+In the following, a concept for a hybrid \ac{OSN} will be worked out that takes into account the interests of the different stakeholders. Besides, functionality requirements and potential limitations are listed. Finally, a solution strategy and a possible architecture are presented.
|
