When Others Impinge upon Your Privacy: Interdependent Risks and Protection in a Connected World

2015 
Abstract

Privacy is defined as the right to control, edit, manage, and delete information about oneself and decide when, how, and to what extent this information is communicated to others. Therefore, every person should ideally be empowered to manage and protect his own data, individually and independently of others. This assumption, however, barely holds in practice, because people are by nature biologically and socially interconnected. An individual's identity is essentially determined at the biological and social levels. First, a person is biologically determined by his DNA, his genes, that fully encode his physical characteristics. Second, human beings are social animals, with a strong need to create ties and interact with their peers. Interdependence is present at both levels. At the biological level, interdependence stems from genetic inheritance. At the social level, interdependence emerges from social ties. In this thesis, we investigate whether, in today's highly connected world, individual privacy is in fact achievable, or if it is almost impossible due to the inherent interdependence between people.

First, we study interdependent privacy risks at the social level, focusing on online social networks (OSNs), the digital counterpart of our social lives. We show that, even if an OSN user carefully tunes his privacy settings in order to not be present in any search directory, it is possible for an adversary to find him by using publicly visible attributes of other OSN users. We demonstrate that, in OSNs where privacy settings are not aligned between users and where some users reveal a (even limited) set of attributes, it is almost impossible for a specific user to hide in the crowd. Our navigation attack complements existing work on inference attacks in OSNs by showing how we can efficiently find targeted profiles in OSNs, which is a necessary precondition for any targeted attack. Our attack also demonstrates the threat on OSN-membership privacy.

Second, we investigate upcoming interdependent privacy risks at the biological level. More precisely, due to the recent drop in costs of genome sequencing, an increasing number of people are having their genomes sequenced and share them online and/or with third parties for various purposes. However, familial genetic dependencies induce indirect genomic privacy risks for the relatives of the individuals who share their genomes. We propose a probabilistic framework that relies upon graphical models and Bayesian inference in order to formally quantify genomic privacy risks. Then, we study the interplay between rational family members with potentially conflicting interests regarding the storage security and disclosure of their genomic data. We consider both purely selfish and altruistic behaviors, and we make use of multi-agent influence diagrams to efficiently derive equilibria in the general case where more than two relatives interact with each other. We also propose an obfuscation mechanism in order to reconcile utility with privacy in
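The familial inference the abstract describes, as an added example that is not the thesis's own code: a toy exact Bayesian inference over a small pedigree at a single biallelic SNP. Genotypes are coded 0/1/2 as the count of minor alleles, founders (individuals with no parents in the pedigree) get a Hardy-Weinberg prior from an assumed minor-allele frequency, children follow Mendelian transmission from their parents, and the posterior of a hidden relative is obtained by enumerating every assignment of the hidden genotypes. It generalises the trio case to any small pedigree expressed as a parent map. The pedigrees, observed genotypes and allele frequency are constructed inputs; the thesis's actual model, which this page does not detail, is not reproduced.

```python
"""Quantifying a relative's genomic privacy loss at one SNP via exact Bayesian
inference on a pedigree graphical model.

Constructed toy model (not the thesis's code): genotype = minor-allele count
(0, 1, 2); founders ~ Hardy-Weinberg(maf); children ~ Mendelian transmission.
"""
import itertools
import math

GENOTYPES = (0, 1, 2)

# Constructed pedigrees: person -> (father, mother), or None for a founder.
TRIO = {"father": None, "mother": None, "child": ("father", "mother")}
SIBLINGS = {
    "father": None,
    "mother": None,
    "sib1": ("father", "mother"),
    "sib2": ("father", "mother"),
}


def founder_prior(maf):
    """Hardy-Weinberg prior over genotypes for a founder, given minor-allele
    frequency `maf` (assumed population statistic)."""
    q = 1.0 - maf
    return {0: q * q, 1: 2.0 * maf * q, 2: maf * maf}


def transmission(child, father, mother):
    """P(child genotype | parents' genotypes): each parent independently passes
    a minor allele with probability genotype / 2."""
    pf, pm = father / 2.0, mother / 2.0
    if child == 0:
        return (1.0 - pf) * (1.0 - pm)
    if child == 2:
        return pf * pm
    return pf * (1.0 - pm) + (1.0 - pf) * pm


def posterior(pedigree, observed, target, maf):
    """Posterior over `target`'s genotype given `observed` relatives' genotypes.

    Exact inference by summing the joint P(all genotypes) over every assignment
    of the hidden individuals; fine for the handful of relatives in a pedigree
    (3^hidden terms), which is all this toy needs.
    """
    prior = founder_prior(maf)
    hidden = [p for p in pedigree if p not in observed]
    scores = {g: 0.0 for g in GENOTYPES}
    for assignment in itertools.product(GENOTYPES, repeat=len(hidden)):
        geno = dict(observed)
        geno.update(zip(hidden, assignment))
        joint = 1.0
        for person, parents in pedigree.items():
            if parents is None:
                joint *= prior[geno[person]]
            else:
                f, m = parents
                joint *= transmission(geno[person], geno[f], geno[m])
            if joint == 0.0:  # Mendelian impossibility: prune early
                break
        scores[geno[target]] += joint
    total = sum(scores.values())
    return {g: s / total for g, s in scores.items()}


def entropy_bits(dist):
    """Shannon entropy of a genotype distribution, one privacy metric among
    several (the adversary's remaining uncertainty about the target)."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0.0)


if __name__ == "__main__":
    maf = 0.3
    prior = founder_prior(maf)
    # Father and child shared their genotypes; the mother shared nothing.
    mother = posterior(TRIO, {"father": 0, "child": 1}, "mother", maf)
    print("mother posterior:", mother, "entropy", round(entropy_bits(mother), 3),
          "vs prior", round(entropy_bits(prior), 3))
    # Only a sibling shared; the other sibling is the target.
    sib2 = posterior(SIBLINGS, {"sib1": 2}, "sib2", maf)
    print("sibling posterior:", sib2, "entropy", round(entropy_bits(sib2), 3))
```

In the trio case, a father with genotype 0 and a child with genotype 1 rule out genotype 0 for the mother outright and leave her at 70/30 between 1 and 2 for a 0.3 allele frequency, although she disclosed nothing herself. The sibling case shows a caveat worth keeping in mind when reporting such risks: entropy is a per-observation quantity, and a single relative's disclosure can move the target's posterior towards the rarer genotypes and even raise its entropy above the prior's, while still being a large information leak (here P(genotype 2) rises from 0.09 to about 0.42). Conditional entropy only decreases on average over observations, so compare posteriors to the prior directly, or average over what the relatives might share, rather than reading one entropy value in isolation.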