introduction.tex 3.3 KB

12345678
  1. The reason for the inadequate protection of personal data lies in the centralized system structure used by all leading social platforms (e.g., Facebook and Twitter). With this structure, the data is stored centrally and mostly unencrypted. The service provider therefore inevitably has access to this data. It is not transparent to users, which data the service provider record during the use and what happens to the data.
  2. On the one hand, the user data is evaluated to improve the user experience (suggestions for content matching the user’s preferences using recommender systems), but on the other hand also to make a profit. With personalized advertisement and, in the worst case, by selling the data, revenues are generated. Furthermore, the protection of data against access by third parties via official interfaces (harvesting) or unauthorized hacking cannot be ruled out (e.g., Facebook's incident with Cambridge Analytica in March 2018 \cite{facebook2018cambridge-analytica}). Last but not least, due to applicable law, it may be necessary for data to be transferred to secret services or government agencies (e.g., Facebook had more than 100\,000 requests from governments between January and July 2018 \cite{facebookXXXXtake-down}).
  3. The criticism of the protection of privacy on the Internet, especially in social networks, is not new. Already in 2010, the founders of diaspora* discovered that no social network sufficiently protects the privacy of users\cite{diaspora2010kickstarter-pitch}. Although the problems and dangers of centralized \acp{OSN} are known for a long time and new scandals regularly become known to the public, the users remain mostly loyal to the respective social networks. As a result of the Cambridge Analytica incident, Facebook lost only a few users in Europe but is in the meantime back on the previous level \cite{facebook2019reportq4}. Alternative social networks, which focus on privacy protection (e.g., Vero\footnote{https://www.vero.co}, Ello\footnote{https://ello.co}), lack attractiveness regarding their design, complexity, and functionality. As a consequence, they do not get enough users and often fail after a short time. The connection to the respective social network is so strong that the barrier for switching to another, more secure social network is not overcome. The amount of content already created, the social network built up, and a large number of contacts using the same platform all create this so-called lock-in effect.
  4. If switching to another platform is not an alternative, it is necessary to look for better ways to protect users and their data on existing platforms. The Researcher Training Group (RTG) \enquote{Privacy and Trust for Mobile Users}\footnote{https://www.informatik.tu-darmstadt.de/privacy-trust/privacy\_and\_trust/index.en.jsp} in research area B \enquote{Privacy and Trust in Social Networks} is dealing with problems on this topic. Subarea B.2 deals especially with the protection of privacy in hybrid social networks. A hybrid approach allows the user to stay in the \ac{OSN} but is in control over his data. \cite{rtgXXXXarea-b,rtgXXXXarea-b2}
  5. In the following, a concept for a hybrid \ac{OSN} will be worked out that takes into account the interests of the different stakeholders. Besides, functionality requirements and potential limitations are listed. Finally, a solution strategy and a possible architecture are presented.