TY - GEN
T1 - The Privacy in the Time of the Internet
T2 - 2nd ACM Conference on Data and Application Security and Privacy, CODASPY'12
AU - Pontual, Murillo
AU - Gampe, Andreas
AU - Chowdhury, Omar
AU - Kone, Bazoumana
AU - Ashik, Md Shamim
AU - Winsborough, William H.
N1 - Publisher Copyright: © 2012 ACM.
PY - 2012
Y1 - 2012
N2 - In the current time of the Internet, specifically with the emergence of social networking, people are sharing both sensitive and non-sensitive information among each other without understanding its consequences. Federal regulations exist to mandate how sensitive information (e.g., SSN, health records, etc.) of a person can be shared (or, used) by organizations. However, there are no established norms or practices regarding how information that is deemed to be not sensitive may be used or shared. Furthermore, for the sake of transparency, different organizations reveal small amounts of non-sensitive information (i.e., photos, salaries, work hours, size of the houses, etc.) about their clients or employees. Although such information seems insignificant, the aggregation of it can be used to create a partial profile of a person which can later be used by malicious parties for robbery, extortion, kidnapping, etc. The goal of this work is to create awareness by demonstrating that it is plausible to create such a partial profile of a person just by crawling the Internet. For this, we have developed an open source framework that generates batch crawlers to create partial profiles of individuals. We also show empirical comparisons of the amount of information that can be gathered by using free and also paid websites.
AB - In the current time of the Internet, specifically with the emergence of social networking, people are sharing both sensitive and non-sensitive information among each other without understanding its consequences. Federal regulations exist to mandate how sensitive information (e.g., SSN, health records, etc.) of a person can be shared (or, used) by organizations. However, there are no established norms or practices regarding how information that is deemed to be not sensitive may be used or shared. Furthermore, for the sake of transparency, different organizations reveal small amounts of non-sensitive information (i.e., photos, salaries, work hours, size of the houses, etc.) about their clients or employees. Although such information seems insignificant, the aggregation of it can be used to create a partial profile of a person which can later be used by malicious parties for robbery, extortion, kidnapping, etc. The goal of this work is to create awareness by demonstrating that it is plausible to create such a partial profile of a person just by crawling the Internet. For this, we have developed an open source framework that generates batch crawlers to create partial profiles of individuals. We also show empirical comparisons of the amount of information that can be gathered by using free and also paid websites.
KW - information sharing
KW - internet
KW - privacy
KW - social networking
KW - transparency
UR - https://www.scopus.com/pages/publications/85040977667
U2 - 10.1145/2133601.2133618
DO - 10.1145/2133601.2133618
M3 - Conference contribution
SN - 9781450310918
T3 - CODASPY'12 - Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy
SP - 133
EP - 140
BT - CODASPY'12 - Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy
PB - Association for Computing Machinery
Y2 - 7 February 2012 through 9 February 2012
ER -