Third-party apps on Facebook: privacy and the illusion of control

Authors:
Na Wang;Heng Xu;Jens Grossklags
Affiliations:
The Pennsylvania State University, University Park, PA;The Pennsylvania State University, University Park, PA;The Pennsylvania State University, University Park, PA
Venue:
CHIMIT '11 Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology
Year:
2011

Citing 9
Cited 6

Information revelation and privacy in online social networks

Proceedings of the 2005 ACM workshop on Privacy in the electronic society
Noticing notice: a large-scale experiment on the timing of software license agreements

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Understanding privacy settings in facebook with an audience view

UPSEC'08 Proceedings of the 1st Conference on Usability, Psychology, and Security
A "nutrition label" for privacy

Proceedings of the 5th Symposium on Usable Privacy and Security
Trained to accept?: a field experiment on consent dialogs

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Users' (mis)conceptions of social applications

Proceedings of Graphics Interface 2010
Contextual gaps: privacy issues on Facebook

Ethics and Information Technology
ROAuth: recommendation based open authorization

Proceedings of the Seventh Symposium on Usable Privacy and Security
Privacy: is there an app for that?

Proceedings of the Seventh Symposium on Usable Privacy and Security

Third-party applications' data practices on facebook

CHI '12 Extended Abstracts on Human Factors in Computing Systems
Helping Johnny 2.0 to encrypt his Facebook conversations

Proceedings of the Eighth Symposium on Usable Privacy and Security
Research Note---Effects of Individual Self-Protection, Industry Self-Regulation, and Government Regulation on Privacy Concerns: A Study of Location-Based Services

Information Systems Research
An online experiment of privacy authorization dialogues for social applications

Proceedings of the 2013 conference on Computer supported cooperative work
Appinspect: large-scale evaluation of social networking apps

Proceedings of the first ACM conference on Online social networks
Designing the default privacy settings for facebook applications

Proceedings of the companion publication of the 17th ACM conference on Computer supported cooperative work & social computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

Little research examines the privacy threats associated with the use of third-party apps on Facebook. To address this gap in the literature, we systematically study third-party apps' current practices for privacy notice and consent by: i) collecting data from the 1800 most popular Facebook apps to record their data collection practices concerning users and their friends, and ii) developing our own Facebook app to conduct a number of tests to identify problems that exist in the current design of authentication dialogs for third-party apps on Facebook. To address these problems, we propose two new interface designs for third-party apps' authentication dialogs to: i) increase user control of apps' data access and restrict apps' publishing ability during the process of adding them to users' profiles, and ii) alert users when their global privacy settings on Facebook are violated by apps. This research provides both conceptual and empirical insights in terms of design recommendations to address privacy concerns toward third-party apps on Facebook.