UnFriendly: Multi-party privacy risks in social networks

Kurt Thomas, Chris Grier, David M. Nicol

Research output: Chapter in Book/Report/Conference proceedingConference contribution


As the popularity of social networks expands, the information users expose to the public has potentially dangerous implications for individual privacy. While social networks allow users to restrict access to their personal data, there is currently no mechanism to enforce privacy concerns over content uploaded by other users. As group photos and stories are shared by friends and family, personal privacy goes beyond the discretion of what a user uploads about himself and becomes an issue of what every network participant reveals. In this paper, we examine how the lack of joint privacy controls over content can inadvertently reveal sensitive information about a user including preferences, relationships, conversations, and photos. Specifically, we analyze Facebook to identify scenarios where conflicting privacy settings between friends will reveal information that at least one user intended remain private. By aggregating the information exposed in this manner, we demonstrate how a user's private attributes can be inferred from simply being listed as a friend or mentioned in a story. To mitigate this threat, we show how Facebook's privacy model can be adapted to enforce multi-party privacy. We present a proof of concept application built into Facebook that automatically ensures mutually acceptable privacy restrictions are enforced on group content.

Original languageEnglish (US)
Title of host publicationPrivacy Enhancing Technologies - 10th International Symposium, PETS 2010, Proceedings
Number of pages17
StatePublished - Aug 16 2010
Event10th International Symposium on Privacy Enhancing Technologies, PETS 2010 - Berlin, Germany
Duration: Jul 21 2010Jul 23 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6205 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other10th International Symposium on Privacy Enhancing Technologies, PETS 2010

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'UnFriendly: Multi-party privacy risks in social networks'. Together they form a unique fingerprint.

Cite this