Abstract
Online Social Networks (OSNs) are very popular and widely adopted by the vast majority of Internet users across the globe. Recent scandals on the abuse of users’ personal information via these platforms have raised serious concerns about the trustworthiness of OSN service providers. The unprecedented collection of personal data by OSN service providers poses one of the greatest threats to users’ privacy and their right to be left alone. The recent approval of the GDPR (General Data Protection Regulation) presents OSN service providers with great compliance challenges. A set of new data protection requirements are imposed on data controllers (OSN service providers) by GDPR that offer greater control to data subjects (OSN users) over their personal data. This position paper investigates the link between GDPR provisions and the use of blockchain technology for solving the consent management problem in online social networks. We also describe challenges and opportunities in designing a GDPR-compliant consent management mechanism for online social networks. Key characteristics of blockchain technology that facilitate regulatory compliance were identified. The legal and technological state of play of the blockchain-GDPR relationship is reviewed and possible ways to reconcile blockchain technology with the GDPR requirements are demonstrated. This paper opens up new research directions on the use of the disruptive innovation of blockchain to achieve regulatory compliance in the application domain of online social networks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
Nielsen http://www.nielsen.com/.
- 3.
Facebook for Developers, https://developers.facebook.com/.
- 4.
Open Social, https://www.getopensocial.com/.
- 5.
Millions of Facebook user records exposed in data breach, https://www.telegraph.co.uk/technology/2019/04/03/millions-facebook-user-records-exposed-data-breach/.
- 6.
- 7.
Mark Zuckerberg Testimony: Senators Question Facebook’s Commitment to Privacy, https://www.nytimes.com/2018/04/10/us/politics/mark-zuckerberg-testimony.html.
- 8.
GDPR Compliance Toolkit, https://info.nymity.com/gdpr-compliance-toolkit.
- 9.
Microsoft GDPR Detailed Assessment, https://aka.ms/gdrpdetailedassessment.
References
Ahmed, J.: Privacy in online social networks: an ontological model for self-presentation. In: International Conference on Knowledge Engineering and the Semantic Web, pp. 56–70. Springer (2016)
Ahmed, J., Governatori, G., van der Torre, L.W.N., Villata, S.: Social interaction based audience segregation for online social networks. In: ECSI, pp. 186–197 (2014)
Ahmed, J., Shaikh, Z.A.: Privacy issues in social networking platforms: comparative study of facebook developers platform and opensocial. In: International Conference on Computer Networks and Information Technology, pp. 179–183. IEEE (2011)
Alizadeh, F., Jakobi, T., Boldt, J., Stevens, G.: GDPR-Reality check on the right to access data: claiming and investigating personally identifiable data from companies. In: Proceedings of Mensch und Computer 2019, pp. 811–814. ACM (2019)
Bahri, L., Carminati, B., Ferrari, E.: Decentralized privacy preserving services for online social networks. Online Soc. Netw. Media 6, 18–25 (2018)
Bayle, A., Koscina, M., Manset, D., Perez-Kempner, O.: When blockchain meets the right to be forgotten: technology versus law in the healthcare industry. In: 2018 IEEE/WIC/ACM International Conference on Web Intelligence (WI), pp. 788–792. IEEE (2018)
Bond, R.M., Fariss, C.J., Jones, J.J., Kramer, A.D.I., Marlow, C., Settle, J.E., Fowler, J.H.: A 61-million-person experiment in social influence and political mobilization. Nature 489(7415), 295 (2012)
Boyd, D.M., Ellison, N.B.: Social network sites: definition, history, and scholarship. J. Comput. Mediat. Commun. 13(1), 210–230 (2007)
Chakravorty, A., Rong, C.: Ushare: user controlled social media based on blockchain. In: Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication, pp. 99. ACM (2017)
Chen, Y., Li, Q., Wang, H.: Towards trusted social networks with blockchain technology. arXiv preprint arXiv:1801.02796 (2018)
De, S.J., Imine, A.: On consent in online social networks: privacy impacts and research directions (short paper). In: International Conference on Risks and Security of Internet and Systems, pp. 128–135. Springer (2018)
Farshid, S., Reitz, A., Roßbach, P.: Design of a forgetting blockchain: a possible way to accomplish GDPR compatibility. In: Proceedings of the 52nd Hawaii International Conference on System Sciences (2019)
Feng, Q., He, D., Zeadally, S., Khan, M.K., Kumar, N.: A survey on privacy protection in blockchain system. J. Netw. Comput. Appl. 126, 45–58 (2018)
Finck, M.: Blockchains and data protection in the european union. Eur. Data Prot. L. Rev. 4, 17 (2018)
Gross, R., Acquisti, A.: Information revelation and privacy in online social networks. In: Proceedings of the 2005 ACM workshop on Privacy in the electronic society, pp. 71–80. ACM (2005)
Ho, A., Maiga, A., Aïmeur, E.: Privacy protection issues in social networking sites. In: 2009 IEEE/ACS International Conference on Computer Systems and Applications, pp. 271–278. IEEE (2009)
Ibáñez, L.-D., O’Hara, K., Simperl, E: On blockchains and the general data protection regulation (2018)
Isaac, M.: Facebook security breach exposes accounts of 50 million users (2018)
Kramer, A.D., Guillory, J.E., Hancock, J.T.: Experimental evidence of massive-scale emotional contagion through social networks. Proc. Nat. Acad. Sci. 111(24), 8788–8790 (2014)
Millard, C.: Blockchain and law: incompatible codes? Comput. Law Secur. Rev. 34(4), 843–846 (2018)
Molina-Jimenez, C., Sfyrakis, I., Solaiman, E., Ng, I., Wong, M.W., Chun, A., Crowcroft, J.: Implementation of smart contracts using hybrid architectures with on and off–blockchain components. In: 2018 IEEE 8th International Symposium on Cloud and Service Computing (SC2), pp. 83–90. IEEE (2018)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (white paper) (2008). https://bitcoin.org/bitcoin.pdf. Accessed 28 May 2019
Nissenbaum, H.: Privacy as contextual integrity. Wash. L. Rev. 79, 119 (2004)
Onik, M.M.H., Kim, C.-S., Yang, J.: Personal data privacy challenges of the fourth industrial revolution. In: 2019 21st International Conference on Advanced Communication Technology (ICACT), pp. 635–638. IEEE (2019)
Qin, D., Wang, C., Jiang, Y.: RPchain: a blockchain-based academic social networking service for credible reputation building. In: International Conference on Blockchain, pp. 183–198. Springer (2018)
Seneviratne, O., Kagal, L.: Enabling privacy through transparency. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, pp. 121–128. IEEE (2014)
Smith, K.: 53 incredible facebook statistics and facts (2019)
Tikkinen-Piri, C., Rohunen, A., Markkula, J.: EU general data protection regulation: changes and implications for personal data collecting companies. Comput. Law Secur. Rev. 34(1), 134–153 (2018)
van Geelkerken, F.W.J., Konings, K.: Using blockchain to strengthen the rights granted through the GDPR. In: Litteris et Artibus, pp. 458–461 (2017)
Voigt, P., Von dem Bussche, A.: The EU general data protection regulation (GDPR). In: A Practical Guide, 1st edn. Springer, Cham (2017)
Vujicic, D., Jagodic, D., Randic, S.: Blockchain technology, bitcoin, and Ethereum: a brief overview. In: 2018 17th International Symposium INFOTEH-JAHORINA (INFOTEH), pp. 1–6. IEEE (2018)
Wang, Y., Kogan, A.: Designing confidentiality-preserving blockchain-based transaction processing systems. Int. J. Account. Inf. Syst. 30, 1–18 (2018)
Westerkamp, M., Göndör, S., Küpper, A.: Tawki: towards self-sovereign social communication (2019)
Yaga, D., Mell, P., Roby, N., Scarfone, K.: Blockchain technology overview. arXiv preprint arXiv:1906.11078 (2019)
Yeung, C.A., Liccardi, I., Lu, K., Seneviratne, O., Berners-Lee, T.: Decentralization: the future of online social networking. In: W3C Workshop on the Future of Social Networking Position Papers, vol. 2, pp. 2–7 (2009)
Acknowledgment
This work was carried out at the department of information security and communication technology, Norwegian University of Science and Technology, Gjovik, Norway during the tenure of an ERCIM ‘Alain Bensoussan’ Fellowship Programme.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ahmed, J., Yildirim, S., Nowostawski, M., Abomhara, M., Ramachandra, R., Elezaj, O. (2020). Towards Blockchain-Based GDPR-Compliant Online Social Networks: Challenges, Opportunities and Way Forward. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Advances in Information and Communication. FICC 2020. Advances in Intelligent Systems and Computing, vol 1129. Springer, Cham. https://doi.org/10.1007/978-3-030-39445-5_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-39445-5_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-39444-8
Online ISBN: 978-3-030-39445-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)