A Review of Privacy Decision-making Mechanisms in Online Social Networks

Abstract

Personal information of online social networks (OSNs) is governed by the privacy policies chosen by users besides OSN’s policies. Users make these decisions using privacy mechanisms, but privacy problems and regrets are daily reported. This article reviews current privacy mechanisms and solutions. For this, we analyze all the sub-decisions and elements of online communication involved in the privacy decision-making process. However, the differences in users’ motivations and the disclosure of too sensitive information (among others) can lead to loss of privacy. In this work, we identify requirements such as automation, preference-centered, relationship-based, and multi-party privacy mechanisms, which have been more researched. But also other requirements (recently emerged), such as privacy preservation with risk metrics, explainability, and ephemeral messages. We explore all the advances made in the literature, and we have seen that most of these have been focused on matching the users’ preferences with their decision (which is not appropriate, because users cannot evaluate all of the potential privacy scenarios) instead of assessing privacy risk metrics, adaptation, and explainability. Therefore, we have identified open challenges, such as metrics for assessing privacy risks, explainable solutions for users, ephemeral communication solutions, and the application of these requirements to the multi-party privacy scenario.