What if you could measure your online privacy and get the results as a number, something like a credit score? Assistant Professor of Computer Science Evimaria Terzi is developing a tool to do just that.
“In the future, people will have a privacy score,” Terzi says. “The same way they have a credit score. They go online, they check it, and they decide what to do.”
Terzi envisions that such an online privacy score will serve as a kind of mirror for users, a way to gauge just how much information they have divulged to the world via social networking applications such as Facebook, Twitter, and blogs. Currently, it takes headlines about online privacy breaches and data theft to change behavior, and then only temporarily. “You can see that people become more and more cautious when they hear of cases,” she says.
Terzi is interested in better understanding behavioral trends related to what people put online and under what circumstances, and also wants to provide Internet denizens with a reliable way to quantify how much privacy they’ve ceded—and how much they have left.
With the help of a National Science Foundation grant, Terzi and two graduate students in the Computer Science Department, Theodoros Lappas and Behzad Golshan, are mining data gleaned from thousands of public online user profiles.
“When you sit behind your computer, you don’t know how many people are going to see what you put online.” Evimaria Terzi
Once they account for a certain amount of “noise” in the data—some people, for example, don’t give out certain information, like a website address, because they are concealing it, while others lack a URL to give—Terzi and her team assign point values to the kinds of disclosure they observe. In the end, under their model, users’ choices result in a number. The higher the number, the less private the user’s online world. A “good” score, according to Terzi, would start in the 700–800 range and then improve the lower it went. Terzi rates about a 400 on the scale.
“But this was not the case before I became involved in this work,” she says of her rating. Since the project began, she has pulled access to parts of her social networking profiles, from pictures to personal details.
“I am more skeptical now,” Terzi says. “I don’t want people to see where I was on May 26. First of all, I don’t think that they should care. Why should someone know that person X is engaged to person Y? Why should you make it public?”
Terzi isn’t categorically opposed to online social networking, she adds—she simply wants her research to prompt awareness and a process of self-evaluation that many people seem not to apply to their online behavior. She first started thinking about online privacy after observing her colleagues’ behavior, and she plans to implement a public version of her online privacy scoring system soon.
“I feel that computer scientists, in general, are introverted people,” Terzi says. “But when they go online they get crazy. They create different personas for themselves. I have friends like that. But when you sit behind your computer, you don’t know how many people are going to see what you put online. You somehow have to get people to question this.”