12345678910 |
- The criticism of the protection of privacy on the Internet, especially in social networks, is not new. As early as 2010, the founders of diaspora* discovered that there was no social network that sufficiently protected the privacy of users\cite{diaspora2010kickstarter-pitch}. Their idea of a decentralized network that protected user data by design convinced so many people that even before the start of the development people donated \$200,000 instead of the required \$10,000 to a Kickstarter campaign.
- The reason for the inadequate protection of personal data lies in the centralized system structure used by all leading social platforms. With this structure, the data is stored centrally and mostly unencrypted. The service provider therefore inevitably has access to this data. Which data is collected during use and what happens to the data is not transparent to the user.
- On the one hand, the user data is evaluated in order to improve the user experience (suggestions for content matching the user’s preferences using recommender systems), but on the other hand also in order to make a profit. Revenues can be generated through personalized advertising or, in the worst case, through the sale of data. Furthermore, the protection of data against access by third parties via official interfaces (harvesting) or unauthorized hacking cannot be ruled out. Last but not least, due to applicable law, it may be necessary for data to be transferred to secret services or government agencies.
- Although the problems and dangers are known for a long time and new scandals regularly become known to the public, the users remain mostly loyal to the respective social networks. Alternative social networks, which focus on privacy protection (e.g., Vero\footnote{https://www.vero.co}, Ello\footnote{https://ello.co}), lack attractiveness so that they gain only a few users and often fail after a short time. The connection to the respective social network is so strong that the barrier to switch to another, more secure social network is not overcome. The amount of content already created, the social network built up, and a large number of contacts using the same platform all create this so-called lock-in effect.
- If switching to another platform is not an alternative, it is necessary to look for ways to better protect users and their data on existing platforms. The Researcher Training Group (RTG) \enquote{Privacy and Trust for Mobile Users}\footnote{https://www.informatik.tu-darmstadt.de/privacy-trust/privacy\_and\_trust/index.en.jsp} in research area B \enquote{Privacy and Trust in Social Networks} is dealing with problems like this. Subarea B.2 deals specifically with the protection of privacy in hybrid social networks.
- In the following, a concept for a hybrid \ac{OSN} will be developed that takes into account the interests of the different stakeholders. Besides, functionality requirements and potential limitations are listed. Finally, a solution strategy is shown, and a possible architecture is presented.
|