Could your social networks spill your secrets?
In an article at the end of last year we looked at some of the ways data-mining techniques are being used by marketeers and security services to extract sometimes private information by assembling huge amounts of data from web visits, emails, purchases, and more.
Now researchers at Google caution in a paper (pdf) that by becoming entangled in ever more social networks online, people are building up their own piles of revealing data. And as more websites gain social features, even the things users strive to keep private won't necessarily stay that way, they suggest.
As a hypothetical example, combining public information on, say, the business social network LinkedIn with that on another like MySpace could reveal that one of your key business contacts spends their free time in full Kiss makeup, even their two profiles are kept relatively anonymous and are not linked directly in any way.
That approach is dubbed "merging social graphs" by the researchers. In fact, it has already been used to identify some users of the DVD rental site Netflix, from a supposedly anonymised dataset released by the company. The identities were revealed by combining the Netflix data with user activity on movie database site IMDb.
The Google team's proposed solution is a kind of privacy warning system. When you sign up for a new online service, it would take a look on the internet and let you know if there's a risk that the new information you are uploading could be used to make connections about you.
The Google team's paper
(Under)mining privacy in social networks (pdf)
will be presented at the
Web 2.0 Security and Privacy 2009 meeting in May.