SocSec Paper Accepted by International Workshop on Social Network Security
Title: Detecting Unintentional Information Leakage in Social Media News Comments
Authors: Inbal Yahav, David G. Schwartz, Gahl Silverman
Abstract: This paper is concerned with unintentional information leakage through private users of social networks, and in particular, Facebook. Organizations, such as the military, businesses and the courts, often use forms of self-censorship in order to maintain security. Non-identification of individuals, products, or places is often seen as a sufficient means of information protection. We contend that in the age of social networking and social media such non-identification is ineffective as a security measure. A prime example of such censorship is the replacement of a name with a supposedly non-identifying initial. Such censorship has traditionally been deemed effective in obfuscating information regarding the identification of military personnel, protected witnesses, minors, victims or suspects who, for various reasons, need to be granted a level of protection through anonymity. In this paper we challenge the effectiveness of this form of censorship in light of current uses and ongoing developments in Social Networks. We observe that name-obfuscation mandated by court or military order can be systematically compromised through the unintentional actions of public social network commenters in what we term unintentional information leakage (UIL). We propose a qualitative method for recognition and characterization of UIL behaviors leading to this unintentional censorship circumvention, followed by a quantitative study that automatically detects UIL comments.