Cognitive disconnect: Understanding facebook connect login permissions

Nicky Robinson, Joseph Bonneau

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

We study Facebook Connect's permissions system using crawling, experimentation, and user surveys. We find several areas in which it it works differently than many users and developers expect. More permissions can be granted than developers intend. In particular, permissions that allow a site to post to the user's profile are granted on an all-or-nothing basis. While users generally understand what data sites can read from their profile, they generally do not understand the full extent of what sites can post. In the case of write permissions, we show that user expectations are influenced by the identity of the requesting site although this has no impact on what is actually enforced. We also find that users generally do not understand the way Facebook Connect permissions interact with Facebook's privacy settings. Our results suggest that users understand detailed, granular messages better than those that are broad and vague.

Original languageEnglish (US)
Title of host publicationCOSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks
PublisherAssociation for Computing Machinery, Inc
Pages247-258
Number of pages12
ISBN (Electronic)9781450331982
DOIs
StatePublished - Oct 1 2014
Event2nd ACM Conference on Online Social Networks, COSN 2014 - Dublin, Ireland
Duration: Oct 1 2014Oct 2 2014

Other

Other2nd ACM Conference on Online Social Networks, COSN 2014
CountryIreland
CityDublin
Period10/1/1410/2/14

Keywords

  • Facebook
  • Online social networks
  • Permissions
  • Privacy

ASJC Scopus subject areas

  • Computer Networks and Communications

Cite this

Robinson, N., & Bonneau, J. (2014). Cognitive disconnect: Understanding facebook connect login permissions. In COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks (pp. 247-258). Association for Computing Machinery, Inc. https://doi.org/10.1145/2660460.2660471

Cognitive disconnect : Understanding facebook connect login permissions. / Robinson, Nicky; Bonneau, Joseph.

COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks. Association for Computing Machinery, Inc, 2014. p. 247-258.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Robinson, N & Bonneau, J 2014, Cognitive disconnect: Understanding facebook connect login permissions. in COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks. Association for Computing Machinery, Inc, pp. 247-258, 2nd ACM Conference on Online Social Networks, COSN 2014, Dublin, Ireland, 10/1/14. https://doi.org/10.1145/2660460.2660471
Robinson N, Bonneau J. Cognitive disconnect: Understanding facebook connect login permissions. In COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks. Association for Computing Machinery, Inc. 2014. p. 247-258 https://doi.org/10.1145/2660460.2660471
Robinson, Nicky ; Bonneau, Joseph. / Cognitive disconnect : Understanding facebook connect login permissions. COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks. Association for Computing Machinery, Inc, 2014. pp. 247-258
@inproceedings{236a7a94678e41a793e1b581fddccb36,
title = "Cognitive disconnect: Understanding facebook connect login permissions",
abstract = "We study Facebook Connect's permissions system using crawling, experimentation, and user surveys. We find several areas in which it it works differently than many users and developers expect. More permissions can be granted than developers intend. In particular, permissions that allow a site to post to the user's profile are granted on an all-or-nothing basis. While users generally understand what data sites can read from their profile, they generally do not understand the full extent of what sites can post. In the case of write permissions, we show that user expectations are influenced by the identity of the requesting site although this has no impact on what is actually enforced. We also find that users generally do not understand the way Facebook Connect permissions interact with Facebook's privacy settings. Our results suggest that users understand detailed, granular messages better than those that are broad and vague.",
keywords = "Facebook, Online social networks, Permissions, Privacy",
author = "Nicky Robinson and Joseph Bonneau",
year = "2014",
month = "10",
day = "1",
doi = "10.1145/2660460.2660471",
language = "English (US)",
pages = "247--258",
booktitle = "COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - Cognitive disconnect

T2 - Understanding facebook connect login permissions

AU - Robinson, Nicky

AU - Bonneau, Joseph

PY - 2014/10/1

Y1 - 2014/10/1

N2 - We study Facebook Connect's permissions system using crawling, experimentation, and user surveys. We find several areas in which it it works differently than many users and developers expect. More permissions can be granted than developers intend. In particular, permissions that allow a site to post to the user's profile are granted on an all-or-nothing basis. While users generally understand what data sites can read from their profile, they generally do not understand the full extent of what sites can post. In the case of write permissions, we show that user expectations are influenced by the identity of the requesting site although this has no impact on what is actually enforced. We also find that users generally do not understand the way Facebook Connect permissions interact with Facebook's privacy settings. Our results suggest that users understand detailed, granular messages better than those that are broad and vague.

AB - We study Facebook Connect's permissions system using crawling, experimentation, and user surveys. We find several areas in which it it works differently than many users and developers expect. More permissions can be granted than developers intend. In particular, permissions that allow a site to post to the user's profile are granted on an all-or-nothing basis. While users generally understand what data sites can read from their profile, they generally do not understand the full extent of what sites can post. In the case of write permissions, we show that user expectations are influenced by the identity of the requesting site although this has no impact on what is actually enforced. We also find that users generally do not understand the way Facebook Connect permissions interact with Facebook's privacy settings. Our results suggest that users understand detailed, granular messages better than those that are broad and vague.

KW - Facebook

KW - Online social networks

KW - Permissions

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=84912130230&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84912130230&partnerID=8YFLogxK

U2 - 10.1145/2660460.2660471

DO - 10.1145/2660460.2660471

M3 - Conference contribution

SP - 247

EP - 258

BT - COSN 2014 - Proceedings of the 2014 ACM Conference on Online Social Networks

PB - Association for Computing Machinery, Inc

ER -