SoK: Managing Longitudinal Privacy of Publicly Shared Personal Online Data

Authors: Theodor Schnitzler† (RuhrUniversität Bochum, Bochum, Germany), Shujaat Mirza† (Courant Institute of Mathematical Sciences, New York University, New York City, NY, USA), Markus Dürmuth (Ruhr-Universität Bochum, Bochum, Germany), Christina Pöpper (New York University Abu Dhabi, Abu Dhabi, UAE)

Volume: 2021
Issue: 1
Pages: 229–249
DOI: https://doi.org/10.2478/popets-2021-0013

Download PDF

Abstract: Over the past decade, research has explored managing the availability of shared personal online data, with particular focus on longitudinal aspects of privacy. Yet, there is no taxonomy that takes user perspective and technical approaches into account. In this work, we systematize research on longitudinal privacy management of publicly shared personal online data from these two perspectives: user studies capturing users’ interactions related to the availability of their online data and technical proposals limiting the availability of data. Following a systematic approach, we derive conflicts between these two sides that have not yet been addressed appropriately, resulting in a list of challenging open problems to be tackled by future research. While limitations of data availability in proposed approaches and real systems are mostly time-based, users’ desired models are rather complex, taking into account content, audience, and the context in which data has been shared. Our systematic evaluation reveals interesting challenges broadly categorized by expiration conditions, data coownership, user awareness, and security and trust.

Keywords: Longitudinal Privacy Management, Online Exposure, Personal Data

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 license.