Privacy impact assessment for online social networks

Outlet Title

International Conference on Collaboration Technologies and Systems (CTS)

Document Type

Conference Proceeding

Publication Date



Many threats and attacks have been found in online social networks. When a security incident happens and data loss occurs, it is important to assess how the lost data affects user privacy. Most approaches for privacy impact assessment are based on checklists and auditions. There is lack of quantitative analysis approach to study privacy impact. Privacy impact assessment is a very challenging issue. First, data loss includes direct data loss, indirect data loss, and potential data loss. The impact of these data loss to user privacy should all be considered. Second, privacy impact assessment requires measuring privacy. Privacy measurement itself is a challenging issue. Third, users are all connected in a social network. Data loss may spread and propagate across the whole social network. In this paper, we summarize issues and challenges for privacy impact assessment. We further propose a quantitative analysis approach to assess privacy impact for online social networks. Two particular challenges are considered in the paper, privacy impact assessment when partial user information is disclosed, and privacy impact assessment when a group of user accounts are compromised. The paper provides a quantitative analysis approach for government agencies, enterprises, and organizations to assess privacy impact for online social networks when a security incident occurs.