University of Colombo School of Computing
This paper proposes that social network data should be assumed public but treated private. Assuming this rather confusing requirement means that anonymity models such as k-anonymity cannot be applied to the most common form of private data release on the internet, social network APIs. An alternative anonymity model, q-Anon, is presented, which measures the probability of an attacker logically deducing previously unknown information from a social network API while assuming the data being protected may already be public information. Finally, the feasibility of such an approach is evaluated suggesting that a social network site such as Facebook could practically implement an anonymous API using q-Anon, providing its users with an anonymous option to the current application model.