Role of Apps in Undoing of Privacy Policies on Facebook - 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
Conference Papers Year : 2018

Role of Apps in Undoing of Privacy Policies on Facebook

Vishwas T. Patil
  • Function : Author
  • PersonId : 1026654
Nivia Jatain
  • Function : Author
  • PersonId : 1040502
R. K. Shyamasundar
  • Function : Author
  • PersonId : 1026655

Abstract

Facebook allows its users to specify privacy settings for the information they share with other users and Apps. Apps seek a set of permissions from the user at the time of installation. There is no check that is performed to evaluate any possible adverse implications of App’s permissions on the in-force privacy settings of an user. In this paper, we have investigated Facebook’s platform for access to users’ data by Apps and Advertisers. By signing up with Facebook, users implicitly trust the platform, which they believe can be held accountable in case of a breach. However, similar expectation of accountability from Apps is hard to imagine and difficult to ensure. At times, Apps have as much access to user data as Facebook and such a common access to user data undermines provenance of data leakage. Recently, though Facebook has reduced the extent of data access for Apps by deprecating certain APIs, a systematic design approach is missing for platform-wide access policy specification and conformance. We have presented several scenarios where App permissions are violating user privacy policies. Our findings have been presented with the help of experiments using Facebook Developer Platform.
Fichier principal
Vignette du fichier
470961_1_En_6_Chapter.pdf (318.96 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01954411 , version 1 (13-12-2018)

Licence

Identifiers

Cite

Vishwas T. Patil, Nivia Jatain, R. K. Shyamasundar. Role of Apps in Undoing of Privacy Policies on Facebook. 32th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jul 2018, Bergamo, Italy. pp.85-98, ⟨10.1007/978-3-319-95729-6_6⟩. ⟨hal-01954411⟩
228 View
145 Download

Altmetric

Share

More