Incidental Data: Observation of Privacy Compromising Data on Social Media Platforms

TL;DR

This paper demonstrates how easily unintentional social media data can be exploited to compromise privacy, highlighting the need for increased awareness and legal changes to protect individuals.

Contribution

It introduces two novel methods for revealing private data from social media and proposes a thirteen-step awareness guideline and legislative changes.

Findings

Two hours of manual data collection can reveal private information

Two methods effectively uncover unintentional data

Proposed awareness guideline and legal recommendations

Abstract

Social media plays an important role for a vast majority in one's internet life. Likewise, sharing, publishing and posting content through social media became nearly effortless. This unleashes new threats as unintentionally shared information may be used against oneself or beloved ones. With open source intelligence data and methods, we show how unindented published data can be revealed and further analyze possibilities that can potentially compromise one's privacy. This is backed up by a popular view from interviewed experts from various fields of expertise. We were able to show that only 2 hours of manually fetching data are sufficient in order to unveil private personal information that was not intended to be published by the person. Two distinctive methods are described with several approaches. From our results, we were able to describe a thirteen-step awareness guideline and proposed a change of law within Austrian legislation. Our work has shown that awareness among persons on social media needs to be raised. Critically reflecting on our work has revealed several ethical implications that made countermeasures necessary; however, it can be assumed that criminals do not do that.