Security and Privacy in Online Social Networks

Introduction 

In our day to day lives, online social networks aspect is permeating our lives. The evolution of online social networks from platforms used to disseminate news and communicate socially to indispensable tools used to interface professionally has become a reality due to the unparalleled popularity. Due to its complexity and heterogeneity, security and privacy issues in our online social networks have become critical and they need to get highlighted. The online social network security and privacy is an issue because some developers have come up with sites and applications that spy on users personal data or even sell the data to advertisers (Zhang and Gupta, 2018). By doing this, the developers of such applications are infringing the rights of its users. This paper will highlight how the centralized online social networks will pose serious security and privacy threat to the users because of the unlimited access to the user's data. 

Detailed description of the area researched 

Most applications and websites used on social media have been identified to have information on privacy practices that is poor. The privacy issues arise because of functionality designing of the online social networks. The network's design is to share generated content from the user (Quinn, 2018). This functionality shows that for these applications and social network site to operate, they need private information from the users to become public. 

A good example is a medical or health applications. The medical application program assures the users of its quality through its accreditation mechanisms. Its ability to control information privacy risks, however, is not known well. According to Huckvale et al. (2015), 66% of applications used to send and identify information through the internet lacked encryption. The study further revealed that more than 20% percent of the apps also lacked a clear privacy policy. When applications lack strong encryption codes and transparent privacy policy, it automatically places the users at risk of data theft. 

The technology involved in the area 

Some of the techniques involved in this area include social networking websites, health and wellness applications, and the internet. Social networking sites are interactive platforms where users create accounts with their profiles and interact with other users. Users on social networking site have an option to confirm or deny new users basing on the kind of connection the two are sharing. Online social networks include Facebook, Twitter, MySpace, Pinterest, LinkedIn, and Bebo. Over the recent years, the popularity of social networks has risen drastically with over eight hundred and twenty-nine million active users on Facebook each day (O'Brolchain, Jacquemard, Monaghan, O'Connor, Novitzky, & Gordjin, 2016). Facebook is an example of a social network site that has both professional and private life. Facebook users create personal accounts which they use to connect with other users across the globe. Facebook allows sharing of data with other users. The data shared include pictures, videos, and web links. News feeds from status updates from other user members connected is also a service offered by Facebook. 

LinkedIn, on the other hand, is a site that is solely used for professional connections. The LinkedIn social site has features that allow users to upload listings of different jobs. When businesses need an employee, they can quickly go through the profile and select a candidate that fits the required qualifications. Various companies also have their pages with the necessary background information on their corporate side indicated. Mailboxes and news feeds are some of the features present on the site. Twitter also like Facebook gives instant updates from people who the users follow. Twitter is also a popular online network service where users can post what anything with the number of characters limited to one hundred and forty. 

Apart from using websites, these social media networks also have applications that are installed in devices like mobile phones. The entire social networks have various privacy concerns since the number of users is very high and also the site processes vast amounts of data in a single day. The privacy levels vary from one social network site to the other. Sites like Facebook encourage the use of real names date of birth and even phone numbers. Most users on this social network sites tend to reveal a lot of information about them and at the same time concerned about their privacy. 

Health and wellness applications are also increasing which is bringing about a privacy concern to its users. In as much as it is a positive move contributing to the wellbeing of patients, privacy concern questions still arise. How well are these health and wellness application prepared to protect the patient's information? The internet also raises some privacy concerns since it connects more than a billion people around the world (Huckvale, Prieto, Tilney, Benghozi & Car, 2015). The internet is undoubtedly central to many individuals' lives concerning data transfer, communication and also relaying information. 

The internet's, unlike other social networks where users don't control their privacy, users make decisions concerning their privacy and security. The decisions made by users include accessing an open Wi-Fi network at a café or creating a password for your shopping site. The internet understanding of the user will determine the kind of decisions an individual will make (Kang, Dabbish, Fruchter, & Kiesler, 2015). Regarding the internet, the privacy and security concern may be affected by the technological know-how of the users. Location-based services have in recent years also gained enormous popularity due to technological advancement in mobile and communication. Just like other social networks, the location-based service's security and privacy has not yet been dealt with well. 

Future trends in the area 

The future direction regarding the security and privacy of online social networks is an essential topic. The fact that the current world is full of security and privacy concerns beg the question how prepared is the website and application developers to address these issues. The first area of focus will be the future security of the network. One way is to put in place a physical layer of protection. The primary objective behind a physical security layer is ensuring that the transmission process is error free. Also, another future security trend is information-centric networking (Jiang, Cui & Faloutsos, 2016). The networking security feature also is known as publish/subscribe is scalable and addresses efficiency and space when distributing immense amounts of data. The design further provides for the security properties such as availability, authenticity, and authorization unlike the current ones provided like add-in features. The infrastructural integrity is also essential. All elements tasked to perform functions aligned with networking will not be corrupted in any way and must have resilience against any security threat. 

The future exchange of information on the internet will also require protection like the current one through both techniques that are cryptography and the steganography. Steganography is the next security addition that will ensure discreteness when sending direct messages on online social networks. This technique will conceal the fact that a message has been submitted and also make the two users invincible (Jiang, Cui & Faloutsos, 2016). This new technique offers both anonymity and privacy on top of communication security an aspect desired highly in this modern society. Steganography will also play a vital role in minimization of any potential malicious threats in the future if well analyzed, and its functionality of network protocols gets understood clearly considering its complexity in nature. 

Just like security, privacy is another major networking concern. The most affected areas are multi-hop wireless networks. The exposure of data among the nodes even when encrypted is high. Anonymous networking helps with the provision of the traffic flow of data to avoid any possible eavesdropper in the transmission process. In this future security proposal, the attacker won't access or decrypt the information (Jiang, Cui & Faloutsos, 2016). The data transfers will use a transmitter schedule that is fixed and independent from any traffic demands. Due to the dynamic nature of attacks targeting online social networks, the developers must think on how to modify the already existing security models to ensure that any attack levelled at the system gets averted. 

Another future trend concerning the security and privacy of online social network understands the internet well. Following the internet does not necessarily imply that all the technical details get understood but rather the essential details that will help make good decisions concerning the user's privacy and security (Jiang, Cui & Faloutsos, 2016). Some of the necessary features are how the system works and also the obeying various recommendations like when instructed to increase the strengths of passwords. The developers can also develop systems in line with how internet users are thinking to meet their various expectations. At the same time when users learn more about the internet, communication from the policymakers to the lay people will get understood very easily 

According to Kang et al. (2015) internet users who show exemplary skills are found to generate more content and manage their presence online. Also, internet knowledge helps users in the modification of their privacy settings in any social network site. The social network site's privacy management also increases when users get to learn more details about privacy-related knowledge. The users should understand that the internet is changing from time to time and they need to update their knowledge to keep up with the changes. 

Example companies involved in the area 

Security and privacy scandals are not something new to online social network services. In the past various high profile technologies have got involved in privacy issues leading to exposure of the user's data. Other companies together with other third parties also collect the user's data without their knowledge and selling it which is against the privacy rules. Facebook is one of the companies that were actively involved in the privacy and security case during the last United States of America's general elections. The data scandal that involved mark Zuckerberg's Facebook with Cambridge Analytica a company that was part of the current United States of America's campaign was revealed early last year by a whistleblower (Meredith, 2018). Cambridge Analytica used millions of user's data for political purposes from Facebook without their consent. The first report about the illegal harvest of data was in December 2016 by a Guardian journalist. The scandal again erupted in 2018 something that forced Facebook's CEO to appear before the United States Congress. 

What happened is that Facebook exposed data of up to 87 million users to a Cambridge Analytica researcher. The researcher by the name Kogan developed an application for Facebook that was to conduct some questions. In the process of holding the questions, the application exposed a loophole in Facebook something that led to the collection of data from not only the users taking the questions but also the friends of the quiz takers as well. This act exposed some Facebook users' accounts without their knowledge. The fact that a secure social network site was able to lose data to a third party ignites the debate whether the many users across the globe can trust Facebook to secure their data (Meredith, 2018). A whistleblower by the name Wylie Christopher claimed that data harvested from Facebook by Cambridge Analytica was used to deliver pro-Trump materials online through the creation of psychographic profiles. Even though Facebook's CEO did apologize, online network users have lost faith in the privacy and security mechanisms put in place the site by the website developers. 

Also in 2010, Facebook got involved with another scandal. Over ten application affiliated to Facebook shared the user's data without their consent with advertisers. The data shared included the users' names and their details. This privacy issue affected over ten million Facebook users including those that used private settings stringently. This privacy issue came about after the past case against Facebook for transmitting the identity numbers of users once they clicked on advertisement to the advertising companies. Facebook CEO promised to do a thorough audit process for any third party that was to get involved with the company. 

Also, in the year 2011, a California based insurer got its patient data exposed. The privacy breach exposed more than two million personal data of its clients. The data included their names, social security numbers, financial and health data and also their addresses. The data that stored in hard drives by IBM which was the contractor then went missing. Over one and half million policyholders lot their social security numbers. The health net insurer together with IBM was sued by the by the nation over the privacy breach. Google also was in trouble in the year 2007 when they added a feature on Google maps called street view. The street view feature with the help of webcams provided a panoramic view of a street something that exposed individuals' private life and ever since Google has been facing paying fines from complaints against them and facing multiple audits on their features. 

Regulatory issues surrounding the area 

To avoid the problems concerning online social networks security and privacy, the relevant stakeholders and the government have come together to find various ways to reduce or prevent the technological companies losing their users information. The companies dealing with social networks should develop features that are simple to use so that users can avoid clicking on anything they fell uncomfortable with (Magid, 2013). These features should apply to the tracking cookies and also when setting up their profiles on social networks. The government also should take part in imparting knowledge to the public who are the users on how to protect themselves from online security and privacy issues. The government also should ensure that companies always disclose full information on the potential threats that a particular application or website is likely to cause to the users and also follow their stated privacy guidelines. 

The government should ensure that they follow due process when they need to access the citizen's private information. By following the due process, the government acts as an example to other companies to emulate (Magid, 2013). Additionally, the government should also ensure that they do not over-regulate nor be relaxed with the laws something that will encourage innovation and at the same time good practices across the social network platforms. There are various security and privacy guidelines that are in place to ensure that the online presence users are not threatened whatsoever. Users should always ensure that they set up strong passwords for social network sites that require them to have one (Budd, 2018). Also when accessing websites or various applications, you should ensure that you are using a secure network meaning users should not use any network available without knowing if it's safe. Such like networks that are available anywhere may have malicious programs that will end up coping a user's personal information. 

Online social network users should also ensure that they have an up to date security package. The security package is essential in protecting the user's device against any malware that may arise. Users should always avoid using free security packages since they offer the necessary protection leaving the devices vulnerable to security threats. Users should also take their time and read the applications or the websites stated policies and guidelines before engaging in any online activities. By reading through, the users verify all the potential privacy threats that they may get exposed to. Hence they can consider opting out or continuing. A weekly scan by good security software should at least get done once in a week to keep the devices secure. The users as well should always make sure that they do not disclose a lot of personal information on their social network channels. 

Global implications for the area 

Lack of privacy and secure online networks has a significant consequence on the news passed across to the public. Fake news was one of the tactics employed by Cambridge Analytica in the 2016 general elections of the United States of America. Fake news is an act of deliberately misinforming the public via print or social media platforms. In 2016 Cambridge Analytica access Facebook's information and harvested millions of user's data without their knowledge and used it for political gains. According to Gunther, (2018), fake news contributed a lot in the determination of the general elections outcome. During the campaign period, over twenty-five thousand messages were shared and half of the messages being unverified. 

Facebook since then as put in place various mechanisms to combat the rise of fake news. More than a million accounts get the stop when being created for not meeting the required guidelines. The Facebook Company has ensured that the management will also deactivate any account peddling fake news. The company's main aim is to increase transparency levels when anything is adversities on the platform including political news. Additionally, Facebook is developing additional features whose primary purpose is to monitor any abuse (Economic Times, 2018) proactively. Facebook wants to invest in both the users and the technology. Over fifty thousand members have joined the team from across the globe. The main aim to have these people on board is to help do a review of any unwanted content in more than fifty languages. These reviews will help the company get ready to defeat any unwanted behaviour on the social network. 

In conclusion, issues regarding social network services are susceptible. The more technology is improving, and many social networking sites are getting upgraded, users are always getting exposed to more security and privacy threats. Mobile applications and websites can greatly disclose the user's personal information to unwanted persons. In as much as technology is good, it also has its ugly side. Health applications and websites also are at risk of exposing essential details of patients and even their social security number. The social networking sites also risk getting infiltrated if the passwords and login details don't get handled carefully. The government and the various stakeholders have come together to ensure that the give regulatory measures and firm guidelines to reduce and even avoid online networking security and privacy issues. The users should also ensure that the privacy settings get followed keenly to prevent losing data. 

References 

Budd, Christopher. (2018) Suggested Security and Privacy Guidelines for Social Media https://maximizesocialbusiness.com/12-suggested-security-privacy-guidelines-social-media-9765/ 

Economic Times. (2018) Facebook blocks account to combat fake news, monitor abuse, and increase transparency 

Gunther, Richard. Nisbet, Erik. Beck, Paul. (2018) Trump may owe his 2016 victory to ‘fake news,’ new study suggests https://theconversation.com/trump-may-owe-his-2016-victory-to-fake-news-new-study-suggests-91538 

Huckvale, K., Prieto, J. T., Tilney, M., Benghozi, P., & Car, J. (2015). Unaddressed privacy risks in accredited health and wellness apps: a cross-sectional systematic assessment. BMC Medicine , 13 (214). Retrieved from https://bmcmedicine.biomedcentral.com/articles/10.1186/s12916-015-0444-y?report=reader#Sec11 

Kang, R., Dabbish, L., Fruchter, N., & Kiesler, S. (2015). “My Data Just Goes Everywhere:” User mental models of the internet and implications for privacy and security. From the 2015 Symposium on Usable Privacy and Security . 

Magid, larry. (2013) online Privacy and Security is a Shared Responsibility: Government, Industry and You 

Meredith, Sam. (2018) Facebook-Cambridge Analytica: A timeline of the data hijacking scandal https://www.cnbc.com/2018/04/10/facebook-cambridge-analytica-a-timeline-of-the-data-hijacking-scandal.html 

O’Brolchain, F., Jacquemard, T., Monaghan, D., O’Connor, N., Novitzky, P., & Gordjin, B. (2016). The convergence of virtual reality and social networks – Threats to privacy and Autonomy. Science and Engineering Ethics , 22 (1), 1-29. 

Sun, Y., Wang, N., Shen, X., & Zhang, J. X. (2015). Location information disclosure in location-based social network services: Privacy calculus, benefit structure, and gender differences. Computers in Human Behavior , 52 , 278-292. 

Xiao, X., Chen, C., Sangaiah, A. K., Hu, G., Ye, R., Jiang, Y. (2018). CenLocShare: A centralized privacy-preserving location-sharing system for mobile online social networks. Future Generation Computer Systems , 86 , 863-872. Retrieved from https://www.sciencedirect.com/science/article/pii/S0167739X17301723