Online privacy

Sonja Buchegger is studying ways to improve the user’s privacy and regain control of our own personal data in social networks like Facebook and Twitter.

Today it is almost impossible to protect your personal information from the owners of social networks such as Facebook, states Sonja Buchegger, Associate Professor at the Department Theoretical Computer Science.

“We want to get away from the central data collection in these networks, and instead have it distributed. My research is aimed at developing a secure social network with peer-to-peer technology (p2p) and encryption to protect user data and information about the users".

In the beginning of 2011 Sonja was chosen to be a future research leader by the Swedish Foundation for Strategic Research, SSF, and awarded a SEK 10 million grant over 5 years. Before that, in 2010, Sonja got a SEK 3.2 million grant over 4 years, following a research fellow grant from the Swedish Research Council at the end of 2009.

”The grants are for different parts of the project PeerSoN, which is about giving control of the data back to the user, in particular user privacy.  The different parts concern security/privacy and networking/distributed systems aspects. The research is also a part of the KTH ACCESS Centre.”

PeerSoN is has had collaboration between researchers in five countries: KTH, NTU in Singapore, Deutsche Telekom Laboratories in Germany, Warsaw University and EPFL in Lausanne, Switzerland.

Sonja is originally from Austria, but with a PhD from EPFL in Lausanne, and postdoc studies in Berkeley, California. Before she came to KTH in 2010 she worked as a research scientist at Deutsche Telekom Laboratories in Berlin.

She favours a holistic approach to research and takes a multi-disciplinary perspective in order to come to terms with the privacy problem. Her extensive background in economics, computer
networks and security ensures that she stays with the big picture.

The data on social networks is today stored in large centralised collections. This is problematic, as we only have limited control over what happens to it and even that varies over time as privacy agreements change.

“The data may be leaked, mined, or even sold off by the providers of social networks," says Sonja.  “With providers and data placed in other countries, Swedish law might not apply. We thus aim at preventing data loss and misuse in the first place, for example by cryptographic means.”

In a decentralised and encrypted p2p network, on the other hand, there is no central repository for information, each participant in the network has control over their own information, Sonja explains, possibly including individual cloud storage.

”Our research on social networks are merely the starting point though, once we have enough building blocks for decentralized private communications, we can enable new applications that no one has thought of yet.”

The SSF grant will primarily be used to build a research group and she has employed 3 PhD students and one post doc.

"We will gain momentum by having several people working together on different aspects of the topic. As the grant is for five years, we can afford to be bolder and freer in our research and thus take more risks," she says.

But is it even possible to control something as evasive and subversive as the free flow of information on social networks?

"I believe that privacy issues will become even more pertinent in the near future, as there is more data available about us and it can easily be combined.  In order to tackle the privacy issue we need to bring several disciplines together. Beyond the underlying technology, we also need more human-computer interaction research to make privacy easier to understand for users so they can adjust the privacy settings of the applications they use," states Sonja.

Top page top