The cost of a more secure Facebook: almost half a million dollars.
Landon Cox, assistant professor of computer science, was recently awarded a $498,000 grant from the National Science Foundation to investigate privacy problems pertaining to online social networks like Facebook and MySpace. Cox is working with a team of two graduate students and collaborators at AT&T to identify and target potential privacy issues.
Cox said his team is concerned that users’ personal information is all controlled by a single centralized entity, making it vulnerable to hackers. The other danger, Cox explained, lies in the fact that social networking Web sites own rights to users’ information and can use that data as they see fit.
“Is there a way to get the same service and protect ourselves a little more?” Cox asked.
Cox and his collaborators aim to find a more decentralized setup. In this alternative, instead of personal information being concentrated in a single administrative domain, each user would upload his or her information into a Virtual Individual Server. This VIS would be one component of a peer-to-peer network.
“It’s a much safer model if you’re in control,” he said.
Cox proposed three possible uses for the VISs within the alternative social network. The first would require each user to host a VIS on his or her desktop, the second would involve “clouds” of servers hosting VISs and the third would be a hybrid of the two.
Cox added that if the privacy and ownership issues are not addressed in some way, the consequences could harm millions of users of social networking Web sites.
“I don’t think Facebook is evil,” Cox said. “But this information can leak. Administrators of these major Web sites can make mistakes and they leak data and it [can] get into the wrong hands.”
Cox cited a recent study from the University of Cambridge as only one of numerous examples showing that Facebook users’ data are not completely secure. Researchers found that photos deleted from Facebook accounts still existed on the Internet even six months later.
Cox said another example of privacy problems stems from location-based social networking sites like Foursquare, on which users update their location information with mobile devices such as iPhones or Blackberrys.
“When location comes into the equation, the danger really goes up,” he said.
Get The Chronicle straight to your inbox
Signup for our editorially curated, weekly newsletter. Cancel at any time.
David McDonald, NSF program manager of Cox’s project, said that although NSF had the opportunity to reduce the proposed funding for the research, it opted not to. The difficult engineering challenges of the project posed by the development of peer-to-peer networks merited the significant sum, he said.
Sophomore Ali Cohen questioned whether the funding was necessary to research privacy on social networking sites.
“If you’re thinking about it in the grand scheme of things, you kind of choose to make a Facebook,” Cohen said. “So why should [NSF] be investing all this money?”
But sophomore Angela Sheng said she supports this newest effort to solve social networking Web sites’ privacy problems and would delete her Facebook account if she felt it invaded her privacy.
“[Facebook’s] nice, but I’d rather be safe than anything else,” she said.