Significance
SNS are designed to connect people together online. Users share information and build relationships online. Privacy leaks can still occur even with privacy settings intact. Users’ connections on SNS can reveal personal information such as having friends from the same university can lead to an inference that a person attends that university. Furthermore, even if a person has strict privacy settings enabled, their privacy can still be leaked through their connections who may not have as many privacy settings in place. This calls for enhanced privacy settings that can tolerate different privacy settings while allowing online connections. The ability to control who views their content influences users’ decision to share or not share images on SNS such asDefault settings
Privacy settings for SNS have default settings that set up users to automatically share personal information the user has inputted. For example,Users' role in privacy settings
Theories
Privacy settings are situated in the framework of thePrivacy paradox
By accepting privacy policies and therefore agreeing to default settings set in place by companies, users are prone to oversharing information. However, users usually do not change their privacy settings unless they personally experience a privacy invasion or unintentionally share information. In a study exploring the connection between Facebook attitudes and behaviors, having a friend experience a privacy invasion (''e.g.'' someone hacking into their profile) did not lead to one implementing privacy changes. A possible explanation for this is theInfluences
Another reason users do not alter their privacy settings is a lack of knowing these settings exist. Facebook users that know privacy settings exist are more likely to change them compared to users who do not know privacy settings exist. Furthermore, with Facebook, users explain their lack of privacy setting alteration because the choice to choose who is a Facebook friend is already a form of privacy. However, Debatin ''et al.'' emphasizes that the criteria individuals use to decide who is a Facebook friend is typically relaxed, posing privacy risks for users. In a different study, it was shown that the number of friends who had a private profile increased the likelihood that a user would adopt a private profile. Furthermore, the amount of time a person spent on Facebook and women were more likely to have a private profile. A private Facebook profile was defined as changing the default settings so non-friends cannot search for their profile. If the data is valuable, privacy is prevalent on the app, and implementing privacy settings is easy, users say they are more likely to engage in privacy behavior.Updated privacy settings
In May 2020, Facebook began implementing the option to give users to delete or archive past posts from a certain time or from certain people. This "Manage Activity" option allows more security and privacy control for users. This tool is only accessible through the mobile app and has yet to be adapted to the web version of Facebook.Companies' role in privacy settings
Policy design
However, users are not the sole party involved in privacy. Companies are also responsible for implementing default privacy settings and creating options. Romele ''et al.'' acknowledges that social media companies often play a significant role in perpetuating the voluntary servitude of users. Social mediaPrinciple of reciprocity
Default settings put users on a specific trajectory regarding their privacy. The principle of reciprocity (PoR) is played out in terms of privacy and sociability on these networks. PoR is the concept that users who give their privacy receive application utility in return. In aProfit
SNS companies who want to increase revenue from advertisements can achieve this by increasing the number of users and retention rate. Lin ''et al.'' revealed that both informational and territorial privacy are user concerns with SNS. Territory coordination, the access to an individual's virtual territory which can be a Facebook profile or a Twitter page, influences user privacy management more than informational disclosure. More fine-grain privacy settings are recommended by Lin ''et al''. to better suit a wide collection of territorial and informational privacy preferences. By targeting user preferences and needs, companies can increase the number of users on their platforms and increase their revenue. This serves as a monetary motivation for companies to adjust their privacy settings to better support users.External contributors in privacy settings
Culture
Societal norms
Societal norms can also contribute to privacy setting behavior. Close friends’ own privacy behavior can influence a person's intentions to also participate in similar behavior. However, intentions may not always lead to action which was seen in Saeri ''et al''.’s study. Two weeks after indicating intentions to engage in privacy protection behavior on a survey, most participants did nothing. An explanation lies in the habitual nature of using Facebook, making it difficult for some to change their behavior. Facebook also encourages users to share information which shapes norms that influence behavior. Norms serve a role in influencing privacy behavior.Enhancements
Design
With the growing prevalence of social media, the risk for privacy leaks becomes more and more possible. Privacy settings can help protect users if designed and used in specific ways. Privacy settings could be re-designed with the intention of protecting the user as much as possible. This is called privacy by design. Privacy by design aims to limit the risks of information sharing while maintaining or possibly increasing the benefits. Privacy policies can be complex and unclear which serves as an obstacle to users understanding their privacy. Potential changes in privacy settings include simpler privacy policies that are concise, clear, and understood by the user. Incorporating reminders for users to check, and possibly update their privacy settings occasionally may increase privacy awareness. With default settings designed for users to keep an open profile, Watson ''et al.'' offered a different default setting design. Facebook default privacy settings could be altered to be more conservative (''e.g.'' not being searchable by anyone on Facebook) to possibly prevent unintentional information sharing. However, utility needs to be balanced with default privacy settings. If default privacy settings were too strict and closed off, the functionality of social media apps could decrease. A balance between default privacy settings that protect the user from unwanted privacy leaks but also allow users to socialize and interact online should be considered. When first choosing privacy settings, it may be useful to choose from pre-made profiles that have varying levels of privacy in them. Sanchez ''et al.''’s study revealed that profile examples accurately reflect user privacy preferences and beliefs; this limits the discrepancy between privacy beliefs and privacy behavior. Along with the profile examples, users could also manually change and adjust their privacy settings accordingly after. This keeps the privacy setting process flexible and more convenient than manually choosing each privacy setting option. Furthermore, a simulation tool that informs users about posts and comments’ visibility can encourage users to use privacy settings more. Sayin ''et al.'' created a Facebook simulation tool that showed users how a post's audience setting was going to affect comment owners and their privacy. For example, if a user commented on a post that was initially only viewable by friends but later changed to public, the user's privacy is risked because Facebook does not notify users of this audience change. 95% of participants that used the simulation tool believed that this tool would help increase Facebook privacy awareness.Software
Anytime a new connection is made on a social media app, users could be prompted to set privacy settings for that specific individual. This may be tedious and too effortful for some users to use effectively. However, this can be balanced with the assistance of software tools such as a personal data manager. This software can be used to take into account user's privacy wants, and apply appropriate privacy settings that match these preferences to an individual's accounts. However, more research needs to be conducted to make sure this software can accurately apply privacy preferences to privacy settings. Personal data managers have the potential to help users become more involved in their privacy and lessen the effort for setting privacy controls. Another software, AID-S (Adaptive Inference Discovery Service) personalizes each user's privacy preferences since what is considered private information varies from each individual. Torre ''et al.'' found that AID-S can be used to find a user's preferred privacy settings and help users make more informed decisions regarding privacy including third party inclusion. Furthermore, a framework was created for smart home information processing that includes a two layer security that improves user privacy. This framework incorporates user privacy preferences, similar to the personal data manager, and usesTrust-based negotiations
Trust-based negotiations are based on a contingency of acceptance or rejection from the user. In respect to privacy, trust-based negotiations have been offered as a diversion from the binary of accepting or rejecting privacy policies in full, and allow acceptance and rejection of specific parts of the privacy policies. This allows users to have more control over their privacy and allow interaction between the two parties. TheInteractive educational games
The privacy paradox is contributed by lack of privacy knowledge, fatigue, and feeling distant from a privacy invasion. Education and increasing intrinsic motivation can help alleviate the effect of these contributors, and in turn, the privacy paradox. However, in a study that tested the effectiveness of an interactive privacy smartwatch game, game players were more likely to engage in privacy behavior such as enabling a lock screen. The game was personalized where users could create their ownSee also
*References
{{reflist, refs= {{Cite journal, last1=Li, first1=Yan, last2=Li, first2=Yingjiu, last3=Yan, first3=Qiang, last4=Deng, first4=Robert H., date=March 2015, title=Privacy leakage analysis in online social networks, journal=Computers & Security, volume=49, pages=239–254, doi=10.1016/j.cose.2014.10.012, s2cid=4988526 , issn=0167-4048, url=https://ink.library.smu.edu.sg/sis_research/2806 {{Cite journal, last1=Lewis, first1=Kevin, last2=Kaufman, first2=Jason, last3=Christakis, first3=Nicholas, date=October 2008, title=The Taste for Privacy: An Analysis of College Student Privacy Settings in an Online Social Network, journal=Journal of Computer-Mediated Communication, volume=14, issue=1, pages=79–100, doi=10.1111/j.1083-6101.2008.01432.x, issn=1083-6101, doi-access=free {{Cite journal, last=Fuller, first=Caleb S., s2cid=53625280, date=2019-02-13, title=Is the market for digital privacy a failure?, journal=Public Choice, volume=180, issue=3–4, pages=353–381, doi=10.1007/s11127-019-00642-2, issn=0048-5829 {{Cite journal, last1=Debatin, first1=Bernhard, last2=Lovejoy, first2=Jennette P., last3=Horn, first3=Ann-Kathrin, last4=Hughes, first4=Brittany N., date=October 2009, title=Facebook and Online Privacy: Attitudes, Behaviors, and Unintended Consequences, journal=Journal of Computer-Mediated Communication, volume=15, issue=1, pages=83–108, doi=10.1111/j.1083-6101.2009.01494.x, issn=1083-6101, doi-access=free {{Cite journal, last1=Khalil, first1=Ashraf, last2=Zia, first2=Huma, last3=Abdallah, first3=Salam, date=2019, title=Privacy in the context of reciprocity:conceptualizing users' choices, journal=Online Information Review, volume=43, pages=1316–1333 {{Cite journal, last1=Sanchez, first1=Odnan Ref, last2=Torre, first2=Ilaria, last3=Knijnenburg, first3=Bart P., date=October 2020, title=Semantic-based privacy settings negotiation and management, journal=Future Generation Computer Systems, volume=111, pages=879–898, doi=10.1016/j.future.2019.10.024, issn=0167-739X, doi-access=free {{Cite journal, last1=Li, first1=Yao, last2=Gui, first2=Xinning, last3=Chen, first3=Yunan, last4=Xu, first4=Heng, last5=Kobsa, first5=Alfred, s2cid=53228462, date=November 2018, title=When SNS Privacy Settings Become Granular, journal=Proceedings of the ACM on Human-Computer Interaction, volume=2, issue=CSCW, pages=1–21, doi=10.1145/3274377, issn=2573-0142, doi-access=free {{Cite journal, last1=Hu, first1=Xiaoxia, last2=Hu, first2=Donghui, last3=Zheng, first3=Shuli, last4=Li, first4=Wangwang, last5=Chen, first5=Fan, last6=Shu, first6=Zhaopin, last7=Wang, first7=Lina, s2cid=8300434, date=2017-02-10, title=How people share digital images in social networks: a questionnaire-based study of privacy decisions and access control, journal=Multimedia Tools and Applications, volume=77, issue=14, pages=18163–18185, doi=10.1007/s11042-017-4402-x, issn=1380-7501 {{Cite journal, last1=Romele, first1=Alberto, last2=Gallino, first2=Francesco, last3=Emmenegger, first3=Camilla, last4=Gorgone, first4=Daniele, date=2017-05-08, title=Panopticism is not Enough: Social Media as Technologies of Voluntary Servitude, url=https://ojs.library.queensu.ca/index.php/surveillance-and-society/article/view/not_enough, journal=Surveillance & Society, language=en, volume=15, issue=2, pages=204–221, doi=10.24908/ss.v15i2.6021, issn=1477-7487, doi-access=free {{Cite journal, last1=Liang, first1=Hai, last2=Shen, first2=Fei, last3=Fu, first3=King-wa, s2cid=30609708, date=2016-05-12, title=Privacy protection and self-disclosure across societies: A study of global Twitter users, journal=New Media & Society, language=en-US, volume=19, issue=9, pages=1476–1497, doi=10.1177/1461444816642210, issn=1461-4448 {{Cite journal, last=De Wolf, first=Ralf, date=2019-09-14, title=Contextualizing how teens manage personal and interpersonal privacy on social media, journal=New Media & Society, volume=23, issue=6, pages=1158–1075, doi=10.1177/1461444819876570, s2cid=219962009, issn=1461-4448 {{Cite journal, last=De Wolf, first=Ralf, date=2019-09-14, title=Contextualizing how teens manage personal and interpersonal privacy on social media, journal=New Media & Society, volume=22, issue=6, pages=1058–1075, doi=10.1177/1461444819876570, s2cid=219962009, issn=1461-4448 {{Cite journal, last1=Saeri, first1=Alexander K, last2=Ogilvie, first2=Claudette, last3=La Macchia, first3=Stephen, last4=Smith, first4=Joanne, last5=Louis, first5=Winnifred R, date=2019-01-31, title=Predicting Facebook Users' Online Privacy Protection: Risk, Trust, Norm Focus Theory, and the Theory of Planned Behavior, journal=The Journal of Social Psychology, volume=154, issue=4, pages=352–69, doi=10.31234/osf.io/x3tjb, pmid=25154118, hdl=10871/18706, hdl-access=free {{Cite journal, last1=WatsonJason, last2=Richter, first2=LipfordHeather, last3=BesmerAndrew, s2cid=17796129, date=2015-11-02, title=Mapping User Preference to Privacy Default Settings, journal=ACM Transactions on Computer-Human Interaction , volume=22, issue=6, pages=1–20, language=EN, doi=10.1145/2811257 {{Cite journal, last1=Adorjan, first1=Michael, last2=Ricciardelli, first2=Rosemary, date=2019-01-15, title=A New Privacy Paradox? Youth Agentic Practices of Privacy Management Despite "Nothing to Hide" Online, journal=Canadian Review of Sociology, volume=56, issue=1, pages=8–29, doi=10.1111/cars.12227, pmid=30648354, hdl=1880/107108, s2cid=58627644, issn=1755-6171, hdl-access=free {{Cite journal, last1=Williams, first1=Meredydd, last2=Nurse, first2=Jason R.C., last3=Creese, first3=Sadie, s2cid=153312534, date=October 2019, title=Smartwatch games: Encouraging privacy-protective behaviour in a longitudinal study, journal=Computers in Human Behavior, volume=98, pages=38–54, doi=10.1016/j.chb.2019.04.026, arxiv=1905.05222, issn=0747-5632 {{Cite news , first=Geoffrey A. , last=Fowler , title=Perspective {{! Now you can delete old Facebook posts without deleting Facebook, url=https://www.washingtonpost.com/technology/2020/06/02/facebook-manage-activity/, access-date=2020-07-20, newspaper=Washington Post, language=en {{Cite journal, last1=Shore, first1=Jennifer, last2=Steinman, first2=Jill, title=Did You Really Agree to That? The Evolution of Facebook's Privacy Policy, url=https://techscience.org/a/2015081102/, journal=Technology Science {{Cite journal, last1=Lin, first1=Shuaifu, last2=Armstrong, first2=Deborah J., date=2019, title=Beyond Information: The Role of Territory in Privacy Management Behavior on Social Networking Sites, journal=Journal of the Association for Information Systems, pages=434–475, doi=10.17705/1jais.00540, s2cid=155567889, issn=1536-9323 {{Cite journal, last=Falgoust, first=Michael, date=2016, title=Data Science and Designing for Privacy, journal=Techné: Research in Philosophy and Technology, volume=20, issue=1, pages=51–68, doi=10.5840/techne201632446, issn=2691-5928 {{Cite journal, last1=Sanchez, first1=Odnan Ref, last2=Torre, first2=Ilaria, last3=He, first3=Yangyang, last4=Knijnenburg, first4=Bart P., s2cid=204330629, date=2019-10-12, title=A recommendation approach for user privacy preferences in the fitness domain, journal=User Modeling and User-Adapted Interaction, volume=30, issue=3, pages=513–565, doi=10.1007/s11257-019-09246-3, issn=0924-1868 {{Cite journal, last1=SAYİN, first1=Burcu, last2=ŞAHİN, first2=Serap, last3=KOGIAS, first3=Dimitrios G., last4=PATRIKAKIS, first4=Charalampos Z., date=2019-09-18, title=Privacy issues in post dissemination on Facebook, journal=Turkish Journal of Electrical Engineering & Computer Sciences, volume=27, issue=5, pages=3417–3432, doi=10.3906/elk-1811-25, issn=1303-6203, doi-access=free {{Cite journal, last1=Torre, first1=Ilaria, last2=Sanchez, first2=Odnan Ref, last3=Koceva, first3=Frosina, s2cid=4589182, title=Supporting users to take informed decisions on privacy settings of personal devices, journal=Personal and Ubiquitous Computing, year=2018, volume=22, issue=2, pages=345–364, doi=10.1007/s00779-017-1068-3 {{Cite journal, last1=Yang, first1=Lina, last2=Deng, first2=Haiyu, last3=Dang, first3=Xiaocui, s2cid=212648853, date=2020, title=Preference Preserved Privacy Protection Scheme for Smart Home Network System Based on Information Hiding, journal=IEEE Access, volume=8, pages=40767–40776, doi=10.1109/access.2020.2976782, issn=2169-3536, doi-access=free {{Cite journal, last1=Williams, first1=Meredydd, last2=Nurse, first2=Jason R.C., last3=Creese, first3=Sadie, s2cid=153312534, date=October 2019, title=Smartwatch games: Encouraging privacy-protective behaviour in a longitudinal study, journal=Computers in Human Behavior, volume=99, pages=38–54, doi=10.1016/j.chb.2019.04.026, arxiv=1905.05222, issn=0747-5632 {{Cite web, title=PRIVACY SETTINGS {{! definition in the Cambridge English Dictionary, url=https://dictionary.cambridge.org/us/dictionary/english/privacy-settings, access-date=2020-07-20, website=dictionary.cambridge.org, language=en-US {{Cite web, last=Germain, first=Thomas, title=How to Use Facebook Privacy Settings, url=https://www.consumerreports.org/privacy/facebook-privacy-settings/, access-date=2020-12-13, website=Consumer Reports, language=en-US {{Cite news, last=Lohr, first=Steve, date=2011-10-15, title=The Default Choice, So Hard to Resist, language=en-US, work=The New York Times, url=https://www.nytimes.com/2011/10/16/technology/default-choices-are-hard-to-resist-online-or-not.html, access-date=2020-08-04, issn=0362-4331 {{Cite journal, last1=Zhou, first1=Yun, last2=Qi, first2=Lianyong, last3=Raake, first3=Alexander, last4=Xu, first4=Tao, last5=Piekarska, first5=Marta, last6=Zhang, first6=Xuyun, date=2018-08-29, title=User attitudes and behaviors toward personalized control of privacy settings on smartphones, journal=Concurrency and Computation: Practice and Experience, volume=31, issue=22, doi=10.1002/cpe.4884, s2cid=69344305, issn=1532-0626 {{Cite journal, last1=Costantino, first1=Gianpiero, last2=Sgandurra, first2=Daniele, date=2015, title=Design and Development of a Facebook Application to Raise Privacy Awareness, journal=2015 23rd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing, publisher=IEEE, pages=583–586, doi=10.1109/pdp.2015.23, isbn=978-1-4799-8491-6, s2cid=2620638 {{Cite journal, last1=Powell, first1=Adam, last2=Singh, first2=Preeti, last3=Torous, first3=John, date=2018, title=The Complexity of Mental Health App Privacy Policies: A Potential Barrier to Privacy, journal=JMIR mHealth and uHealth, language=en, volume=6, issue=7, pages=e158, doi=10.2196/mhealth.9871, pmid=30061090, pmc=6090172 Information privacy Privacy