IDG News Service - Online social networks are gathering information about their users that those people never intended to disclose, and government regulation may be the only way to stop the practice, a researcher said Tuesday.
People deliberately disclose a great deal of their personal data to social networks such as Twitter, Facebook and LinkedIn, but the networks can use that information, and data about users' online behavior, to infer even more, allowing them to build extensive user profiles, said Christian Zimmermann, a researcher at the University of Freiburg in Germany, at the Amsterdam Privacy Conference.
For users to regain control over what the networks know about them would require the networks to be more transparent about their methods. That's unlikely to happen without regulation or an economic incentive, because transparent processes would be hard to implement and knowing less about their users is not in the networks' interest.
Existing techniques already allow the social networks to determine the purchasing power, ethnicity or political affiliation of users who did not intend to disclose such information, Zimmermann said. Making such inferences without informing the users constitutes a severe threat to privacy, and allows unprecedented user profiling, he said.
"Knowing someone's political affiliation might not be so important here, but it might be very important in countries like Syria," said Zimmermann, who added that kind of inferred data might have a big impact on someone's life there.
Indications of a user's purchasing power can also be useful for companies, he said. "Recently it was discovered that a hotel booking site showed more expensive hotels to Mac users that visited the site," Zimmermann said, referring to online booking site Orbitz, which showed site visitors rooms in more expensive hotels depending on the computer they used.
Similar techniques could benefit social networks such as Facebook, Twitter and LinkedIn, which offer a mostly free service to users, and generate the lion's share of their revenue by selling advertising space. The highest price is paid for targeted advertising that matches the user's interest and purchasing power, and inferred data could help a lot in targeting ads, Zimmermann said.
"Revenues from data-centric service providers depends directly on the data they gather from users," he said.
The problem is that social network users have no idea what information is pieced together about them, while from a privacy perspective, it should really be the user who is in control of the data, not the social network, Zimmermann said. "Of course there is a privacy risk, because there is derived data that you really did not intend to disclose. From a user prospective it is a black box."
Free Insider Guide
Rising salaries boost IT optimism, though not everyone is feeling upbeat. Our survey of 4,000+ IT workers shows who's riding the wave and why. Use our interactive tool and compare your own paycheck. Read more...
Copyright © 1994 - 2013 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
