"Social networks have changed the world. Now they need to be changed."
Social networks have changed the world. Now they need to be changed. A KTH researcher is part of an international project to improve privacy on the web.
In an increasingly connected world, much information that was once private is now shared among anything from hundreds to millions of people. Yet, if the level of social media use is any indication, relatively few people seem to mind: nearly one-sixth of the world’s people are active users of Facebook.
What many of them don’t seem to realise is how exposed their data is, and the extent to which it can be used by service providers and third parties, says Sarunas Girdzijauskas, Assistant Professor in Communications Networks.
“Everybody has a Facebook or Google + account today, and is very happy about it,” he says. “We think everything is free on social networks, but in a sense, we pay by giving away our private data to be monetised by social network providers.”
One problem is centralised data management. Social networks store and manage your data – photos, videos, contact information and messages – along with data from millions of other users in huge data centres around the world. Centralised storage makes it easier for someone to tap into your personal data. Girdzijauskas adds that these centres are also expensive to run and are environmentally unsustainable.
Another concern is ownership of information, which becomes increasingly difficult for the user to determine when the terms and conditions of these services are constantly changing. Complicating matters further is the question of whose laws apply when the user’s social network provider is registered in another country and the data is stored in yet another.
“If a photo I posted last month becomes very famous in different social networks, it’s very likely that the social network provider owns the rights by now,” Girdzijauskas says.
So, how we can ensure the same instantaneous global spread and functionalities that we enjoy in today’s social networks, and at the same time keep our data private?
A consortium that includes seven research partners from five countries has proposed a way. They designated a team of 11 PhD students and five postdocs to develop technologies that enable decentralised online social networks. Instead of data being handed over to centralised social network providers, it can be intelligently distributed on a number of devices belonging to trusted individuals.
Precisely how users can know who to trust is the main issue being addressed by those working on the research project that Girdzijauskas coordinates called iSocial. This project is funded by the European research fellowship programme Marie Curie Actions.
The starting point of iSocial is to enable people to exchange data locally. Most people don’t use the full capacity of their computer’s hard drive, so the researchers are exploring how they can take advantage of this fact.
But how can I trust my friends not to peek at my data? And what if my friend’s computer is switched off? How can I then get an overview of my data? These questions are being addressed by those working on the project.
“We are building decentralised search, storage and data dissemination networks which are secure and based on trust relationships among the involved users,” Girdzijauskas says.
In order to get access to your data, your friend’s computer has to be up and running. So the researchers are looking into a solution similar to peer-to-peer (P2P), keeping your data with people you trust.
To maximise data availability, they are also considering how many replicas of data are needed to assure access when you want it.
“Maybe we will not be able to guarantee the same quality of service as Facebook, for example, since uploading and downloading will depend on local conditions,” Girdzijauskas says. “But maybe that’s the price we will have to pay to protect our privacy.”
Along with the friendlier distributed storage, researchers are also developing an open source platform – for distributed machine learning that will enable pooling of global trends while keeping user data secret.
People’s privacy will be preserved by a distributed data algorithm. The pooling application is installed on the social network for the benefit of all users including private individuals as well as companies.
For example, if someone wants to inquire about a salary range for a particular segment or group, iSocial algorithms will enable the pooling application to quickly converge to a correct prediction without any need for private user data to ever leave their machine, and without being exposed to third parties.
“As the total data is aggregated, your user data never leaves your device and nobody can peek at your data – they can only see where it comes from,” Girdzijauskas says.
Up and coming internet players have a lot to gain from this distributed model too, Girdzijauskas believes. Today there is a major barrier preventing smaller companies from entering the social network market. Only large companies that have the resources to keep big data storage centres can host your data. And smaller companies are unable to launch social media applications without making commitments to the network giants such as Facebook and Google. A distributed model would – apart from empowering people – also empower small companies.
Whether people will want to accept delays or changes in the quality of service in order to protect their privacy is up to the test in iSocial.
“The question is, do you want your data to be stored with people you know, or with someone you don’t know; and you have no idea how they are going to use your information?
“We will know if users are concerned about their privacy by the end of this project.”
Marie Androv Broms