A look into user privacy andthird-party applications in Facebook. (26th July 2021)
- Record Type:
- Journal Article
- Title:
- A look into user privacy andthird-party applications in Facebook. (26th July 2021)
- Main Title:
- A look into user privacy andthird-party applications in Facebook
- Authors:
- Seng, Sovantharith
Al-Ameen, Mahdi Nasrullah
Wright, Matthew - Abstract:
- Abstract : Purpose: A huge amount of personal and sensitive data are shared on Facebook, which makes it a prime target for attackers. Adversaries can exploit third-party applications connected to a user's Facebook profiles (i.e. Facebook apps) to gain access to this personal information. Users' lack of knowledge and the varying privacy policies of these apps make them further vulnerable to information leakage. However, little has been done to identify mismatches between users' perceptions and the privacy policies of Facebook apps. This paper aims to address this challenge in the work. Design/methodology/approach: The authors conducted a lab study with 31 participants, where the authors received data on how they share information on Facebook, their Facebook-related security and privacy practices and their perceptions on the privacy aspects of 65 frequently-used Facebook apps in terms of data collection, sharing and deletion. The authors then compared participants' perceptions with the privacy policy of each reported app. Participants also reported their expectations about the types of information that should not be collected or shared by any Facebook app. Findings: The analysis reveals significant mismatches between users' privacy perceptions and reality (i.e. privacy policies of Facebook apps), where the authors identified over-optimism not only in users' perceptions of information collection but also in their self-efficacy in protecting their information in Facebook despiteAbstract : Purpose: A huge amount of personal and sensitive data are shared on Facebook, which makes it a prime target for attackers. Adversaries can exploit third-party applications connected to a user's Facebook profiles (i.e. Facebook apps) to gain access to this personal information. Users' lack of knowledge and the varying privacy policies of these apps make them further vulnerable to information leakage. However, little has been done to identify mismatches between users' perceptions and the privacy policies of Facebook apps. This paper aims to address this challenge in the work. Design/methodology/approach: The authors conducted a lab study with 31 participants, where the authors received data on how they share information on Facebook, their Facebook-related security and privacy practices and their perceptions on the privacy aspects of 65 frequently-used Facebook apps in terms of data collection, sharing and deletion. The authors then compared participants' perceptions with the privacy policy of each reported app. Participants also reported their expectations about the types of information that should not be collected or shared by any Facebook app. Findings: The analysis reveals significant mismatches between users' privacy perceptions and reality (i.e. privacy policies of Facebook apps), where the authors identified over-optimism not only in users' perceptions of information collection but also in their self-efficacy in protecting their information in Facebook despite experiencing negative incidents in the past. Originality/value: To the best of the knowledge, this is the first study on the gap between users' privacy perceptions around Facebook apps and reality. The findings from this study offer direction for future research to address that gap through designing usable, effective and personalized privacy notices to help users to make informed decisions about using Facebook apps. … (more)
- Is Part Of:
- Information and computer security. Volume 29:Number 2(2021)
- Journal:
- Information and computer security
- Issue:
- Volume 29:Number 2(2021)
- Issue Display:
- Volume 29, Issue 2 (2021)
- Year:
- 2021
- Volume:
- 29
- Issue:
- 2
- Issue Sort Value:
- 2021-0029-0002-0000
- Page Start:
- 283
- Page End:
- 313
- Publication Date:
- 2021-07-26
- Subjects:
- Perceptions -- Facebook -- User study -- Computer privacy -- Third-party applications
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-08-2019-0108 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 17804.xml