For purposes of this paper, we define "Personally identifiable information" (PII) as information which can be used to distinguish or trace an individual's identity either alone or when combined with other information that is linkable to a specific individual. The popularity of Online Social Networks (OSN) has accelerated the appearance of vast amounts of personal information on the Internet. Our research shows that it is possible for third-parties to link PII, which is leaked via OSNs, with user actions both within OSN sites and elsewhere on non-OSN sites. We refer to this ability to link PII and combine it with other information as "leakage". We have identified multiple ways by which such leakage occurs and discuss measures to prevent it. Categories and Subject Descriptors C.2 [Computer-Communication Networks]: Network Protocols--applications General Terms Measurement Keywords Online Social Networks, Privacy, Personally Identifiable Information
Balachander Krishnamurthy, Craig E. Wills