About | Remix Defined | The Book | Texts | Projects | Travels/Exhibits | Remixes/Lists| Twitter

REBLOG: Could Your Social Networks Spill Your Secrets?, by Tom Simonite

Image and Text: NewScientist

Originally posted on January 7, 2009

Via Netbehaviour.org

In an article at the end of last year we looked at some of the ways data-mining techniques are being used by marketeers and security services to extract sometimes private information by assembling huge amounts of data from web visits, emails, purchases, and more.

Now researchers at Google caution in a paper (pdf) that by becoming entangled in ever more social networks online, people are building up their own piles of revealing data. And as more websites gain social features, even the things users strive to keep private won’t necessarily stay that way, they suggest.

As a hypothetical example, combining public information on, say, the business social network LinkedIn with that on another like MySpace could reveal that one of your key business contacts spends their free time in full Kiss makeup, even their two profiles are kept relatively anonymous and are not linked directly in any way.

That approach is dubbed “merging social graphs” by the researchers. In fact, it has already been used to identify some users of the DVD rental site Netflix, from a supposedly anonymised dataset released by the company. The identities were revealed by combining the Netflix data with user activity on movie database site IMDb.

The Google team’s proposed solution is a kind of privacy warning system. When you sign up for a new online service, it would take a look on the internet and let you know if there’s a risk that the new information you are uploading could be used to make connections about you.

In 2007 computer scientists at Palo Alto Research Center, California, and the University of Waterloo, Ontario, built a similar warning system. It calculates whether data about to be released – for example medical records sent to insurers – could be combined with publically available information – for example wikipedia articles on health conditions – to reveal diagnoses purposefully removed from the original data.

It occurs to me that such warning systems can easily be turned on their heads, and become a kind of automated data detective. How long before such programs are circulated online to help people learn the secrets of others?

The Google team’s paper (Under)mining privacy in social networks (pdf) will be presented at the Web 2.0 Security and Privacy 2009 meeting in May.

Tom Simonite, online technology editor

Comments are closed.

Current Projects