Privacy is the right to have control over how an individual’s personal information is being collected, shared and used. In recent trends, people’s attitude towards the internet has changed tremendously. The willingness and comfort level of people to share and reveal information about themselves and their peers have vastly increased, and are further rising. As information intensive sites increase and sprout across networks, the probability of individuals to both consciously and subconsciously reveal personal information on these different networks has increased drastically, and will continue to increase in the foreseeable future. This increase in exposure can lead to incidents of identity theft, fraud and data leakage posing a serious threat to one’s privacy.
Financial institutions today are more aware and focused towards creating and monitoring scores of existing and potential customers to understand the credit risk they might be exposed to but not enough attention has been given to create a score that aggregates information from all available data sources and online portals to determine the privacy risk an individual might be exposed to.
We present a framework to quantitatively determine the privacy score of a user based on the user’s activity and his assessable information at all possible networks that could potentially lead to a breach of privacy. With this calculated score, a user’s privacy risk can be monitored and lowered by providing real time alerts, enabling the user to alter his/her information-sharing patterns
The privacy score of a user is an indicator of his potential privacy risk; the higher the privacy score of a user, the lower is the threat to his or her privacy. As per our understanding and experience of working in this space, there are two pivotal components of a privacy score- Sensitivity and Vulnerability.
Sensitivity measures how commonly an information is revealed or shared. Sensitivity score for a user is calculated as a deterministic model, taking into account all the information the user has revealed. In general, information items that are not revealed by a majority of people are the ones that are more sensitive. Weights are therefore assigned to the attributes depending on how other users reveal that attribute. The overall sensitivity score of an individual is calculated by combining the weights of each attribute revealed by that individual. Vulnerability measures the overall likelihood of an individual’s information being breached based on the visibility patterns of the attributes. The overall privacy score is an inverse combination of sensitivity score and vulnerability score.
Privacy Score = 1/ (sensitivity * vulnerability)
For the score to display the desired robustness and stability, we tested our sensitivity model with different scenarios. Scenarios are created keeping in mind possible stress situations that could arise due to constantly changing information sharing a pattern of our population.
We sincerely believe that people need to take privacy risk more seriously as they probably do with their credit scores and really understand that the consequences of a privacy breach could be more fatal than that of a decline in credit score. Our framework provides a new way of looking at the entire network based privacy risk by incorporating the data available from both online as well as offline sources and will therefore be really helpful for financial institutions and companies in the credit monitoring and identity theft space.