— The emphasis of emerging mobile and Web 2.0 applications on collaboration and communication increases threats to user privacy. A serious, yet under-researched privacy risk results from social inferences about user identity, location and other personal information. In this paper, after analyzing the social inference problem theoretically, we assess the extent of the risk to users of computer-mediated communication and location based applications through 1) a laboratory experimentation, 2) a mobile phone field study, and 3) simulation. Our experimentation involved the use of 530 user-created profiles and a 292-subject laboratory chat-study between strangers. The field study explored the patterns of collocation and anonymity of 165 users using a location-aware mobile-phone survey tool. The empirical data was then utilized to populate large-scale simulations of the social inference risk. The work validates the theoretical model, highlights the seriousness of the social inference risk, ...
Sara Motahari, Sotirios G. Ziavras, Mor Naaman, Mo