Data control in social networks

Social networks are very popular for several years and are one of the most important communication channels in the Internet today. Facebook and Twitter are well-known examples. According to a study of the Nielsen Company, communication on social networks already has overtaken the use of Email. Numerous users are releasing a lot of private information and details about their daily habits and lifestyle, trusting the correct treatment and protection of their data as appointed in the terms of usage. Furthermore, not only private communication but also in the commercial environment, advertising and business contacts are done by social networks and are increasingly important. On the other side, headlines of data leakage are appearing day-to-day. Also, the creation of user profiles or disposition of posted messages is an upcoming and fast evolving threat. The use of protected connections like TLS is not enough, because the data itself presented on the servers of the social networks is not secured. Yet, there is no solution for ensuring the confidentiality of the user data stored on a public server and accessible for a specific user group on the one side and being fully transparent and without any server-side requirements for the protection on the other side. Therefore, new concepts are necessary to enable the users to protect their own information by themselves without the need for cooperation of the service provider. We propose a new concept for securing shared information on public servers in a transparent manner. A first prototype for the Firefox browser and the social network Facebook was built and tested very successfully. It has a modular design and therefore it is easy to include new websites or cryptographic modules. The mode of operation is transparent for the user and very easy to use. By the use of our encryption concept, the user can control the distribution of her data in an easy and effective way.