Private Date Exposure in Facebook and the Impact of Comprehensible Audience Selection Controls

TL;DR

This study measures actual data exposure on Facebook, showing that simplified privacy controls influence the type of shared content, with sharing behaviors also varying by users' country of origin.

Contribution

It provides empirical data on user content exposure and demonstrates the impact of comprehensible audience controls on privacy configuration and sharing patterns.

Findings

Content visibility does not significantly decrease with simpler controls.

The composition of shared content changes with improved privacy interfaces.

Sharing behaviors vary significantly by users' country of origin.

Abstract

Privacy in Online Social Networks (OSNs) evolved from a niche topic to a broadly discussed issue in a wide variety of media. Nevertheless, OSNs drastically increase the amount of information that can be found about individuals on the web. To estimate the dimension of data leakage in OSNs, we measure the real exposure of user content of 4,182 Facebook users from 102 countries in the most popular OSN, Facebook. We further quantify the impact of a comprehensible privacy control interface that has been shown to extremely decrease configuration efforts as well as misconfiguration in audience selection. Our study highlights the importance of usable security. (i) The total amount of content that is visible to Facebook users does not dramatically decrease by simplifying the audience selection interface, but the composition of the visible content changes. (ii) Which information is uploaded to Facebook as well as which information is shared with whom strongly depends on the user's country of origin.