research-article

Reviewing review platforms: a privacy perspective

Authors:

Kevin De Boeck,

Jenno Verdonck,

Michiel Willocx,

Vincent NaessensAuthors Info & Claims

ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

Article No.: 8, Pages 1 - 10

https://doi.org/10.1145/3538969.3538974

Published: 23 August 2022 Publication History

Abstract

Many tourists heavily rely on online review platforms for decisions with respect to food, visits and hotel bookings today. Review communities rigorously log all experiences on popular online platforms such as Google Maps, Tripadvisor and Yelp. However, many contributors are unaware that, along with experiences, a lot of sensitive information is often indirectly exposed to platform visitors. Examples are reviewer’s locations in the privacy sphere, age, medical information and financial status. Malicious entities could potentially employ this information in various ways, for example during extortion or targeted phishing attempts. This work outlines the potential risks for contributors on review platforms. The Google Maps review platform is applied as a prototypical example, with a special focus on predicting the reviewer’s home location. The accuracy of our predictions is assessed by relying on ground truth datasets. This paper further presents and evaluates strategies to tackle common problems.

References

[1]

2021. Facebook Data on 533 Million Users Reemerges Online for Free. https://www.bloomberg.com/news/articles/2021-04-03/facebook-data-on-533-million-users-leaked-business-insider

[2]

2021. Order of vaccination for people who do not work in healthcare. https://web.archive.org/web/20210822184326/https://www.government.nl/topics/coronavirus-covid-19/dutch-vaccination-programme/order-of-vaccination-against-coronavirus/order-of-vaccination-for-people-who-do-not-work-in-healthcare

[3]

Mishari Almishari and Gene Tsudik. 2012. Exploring Linkability of User Reviews. In Computer Security – ESORICS 2012, Sara Foresti, Moti Yung, and Fabio Martinelli (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 307–324.

[4]

David Arthur and Sergei Vassilvitskii. 2006. k-means++: The advantages of careful seeding. Technical Report. Stanford.

[5]

Philip J Clark and Francis C Evans. 1954. Distance to nearest neighbor as a measure of spatial relationships in populations. Ecology 35, 4 (1954), 445–453.

[6]

Yves-Alexandre De Montjoye, Laura Radaelli, Vivek Kumar Singh, 2015. Unique in the shopping mall: On the reidentifiability of credit card metadata. Science 347, 6221 (2015), 536–539.

[7]

Marie Douriez, Harish Doraiswamy, Juliana Freire, and Cláudio T Silva. 2016. Anonymizing nyc taxi data: Does it matter?. In 2016 IEEE international conference on data science and advanced analytics (DSAA). IEEE, 140–148.

[8]

Manuel Rodríguez Díaz and Tomás F Espino Rodríguez. 2018. Determining the reliability and validity of online reputation databases for lodging: Booking. com, TripAdvisor, and HolidayCheck. Journal of Vacation Marketing 24, 3 (2018).

[9]

Khaled El Emam. 2013. Guide to the de-identification of personal health information. CRC Press.

[10]

Martin Ester, Hans-Peter Kriegel, Jörg Sander, Xiaowei Xu, 1996. A density-based algorithm for discovering clusters in large spatial databases with noise. In kdd, Vol. 96. 226–231.

[11]

Stan Gurtler and Ian Goldberg. 2021. SoK: Privacy-Preserving Reputation Systems.Proc. Priv. Enhancing Technol. 2021, 1 (2021), 107–127.

[12]

Wajih Ul Hassan, Saad Hussain, and Adam Bates. 2018. Analysis of Privacy Protections in Fitness Tracking Social Networks -or- You can run, but can you hide?. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 497–512.

[13]

María Hernández-Rubio, Iván Cantador, and Alejandro Bellogín. 2019. A comparative analysis of recommender systems based on item aspect opinions extracted from user reviews. User Modeling and User-Adapted Interaction 29, 2 (2019).

[14]

Arjan JP Jeckmans, Michael Beye, Zekeriya Erkin, Pieter Hartel, Reginald L Lagendijk, and Qiang Tang. 2013. Privacy in recommender systems. In Social media retrieval. Springer.

[15]

Michael Luca. 2016. Reviews, reputation, and revenue: The case of Yelp. com. Com (March 15, 2016). Harvard Business School NOM Unit Working Paper12-016 (2016).

[16]

Michael Luca and Georgios Zervas. 2016. Fake it till you make it: Reputation, competition, and Yelp review fraud. Management Science 62, 12 (2016), 3412–3427.

Digital Library

[17]

Eva Martin-Fuentes, Carles Mateu, and Cesar Fernandez. 2020. The more the merrier? Number of reviews versus score on TripAdvisor and Booking. com. International Journal of Hospitality & Tourism Administration 21, 1(2020), 1–14.

[18]

Grant McKenzie, Krzysztof Janowicz, and Dara Seidl. 2016. Geo-privacy beyond coordinates. In Geospatial Data in a Changing World. Springer, 157–175.

[19]

Arvind Narayanan and Vitaly Shmatikov. 2008. Robust de-anonymization of large sparse datasets. In 2008 IEEE Symposium on Security and Privacy (sp 2008). IEEE, 111–125.

Digital Library

[20]

F. Pedregosa, G. Varoquaux, A. Gramfort, V. Michel, B. Thirion, O. Grisel, M. Blondel, P. Prettenhofer, R. Weiss, V. Dubourg, J. Vanderplas, A. Passos, D. Cournapeau, M. Brucher, M. Perrot, and E. Duchesnay. 2011. Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research 12 (2011), 2825–2830.

Digital Library

[21]

Tatiana Pontes, Marisa Vasconcelos, Jussara Almeida, Ponnurangam Kumaraguru, and Virgilio Almeida. 2012. We Know Where You Live: Privacy Characterization of Foursquare Behavior. In Proceedings of the 2012 ACM Conference on Ubiquitous Computing (Pittsburgh, Pennsylvania) (UbiComp ’12). Association for Computing Machinery, New York, NY, USA, 898–905.

Digital Library

[22]

Ivens Portugal, Paulo Alencar, and Donald Cowan. 2018. The use of machine learning algorithms in recommender systems: A systematic review. Expert Systems with Applications 97 (2018), 205–227.

[23]

Jonathan Rusert, Osama Khalid, Dat Hong, Zubair Shafiq, and Padmini Srinivasan. 2019. No Place to Hide: Inadvertent Location Privacy Leaks on Twitter.Proc. Priv. Enhancing Technol. 2019, 4 (2019), 172–189.

[24]

Ville Satopaa, Jeannie Albrecht, David Irwin, and Barath Raghavan. 2011. Finding a” kneedle” in a haystack: Detecting knee points in system behavior. In 2011 31st international conference on distributed computing systems workshops. IEEE.

Digital Library

[25]

Ruchi Singh, Jongwook Woo, N Khan, J Kim, HJ Lee, HA Rahman, J Park, J Suh, M Eom, and N Gudigantala. 2019. Applications of machine learning models on yelp data. Asia Pacific Journal of Information Systems 29, 1 (2019), 35–49.

[26]

Latanya Sweeney. 2000. Simple demographics often identify people uniquely. Health (San Francisco) 671, 2000 (2000), 1–34.

[27]

Yehuda Vardi and Cun-Hui Zhang. 2000. The multivariate L1-median and associated data depth. Proceedings of the National Academy of Sciences 97, 4 (2000), 1423–1426.

[28]

Xu Zheng, Zhipeng Cai, Jianzhong Li, and Hong Gao. 2017. Location-privacy-aware review publication mechanism for local business service systems. In IEEE INFOCOM 2017-IEEE Conference on Computer Communications. IEEE, 1–9.

Cited By

De Boeck KVerdonck JWillocx MLapon JNaessens V(2024)Compromising anonymity in identity-reserved k-anonymous datasets through aggregate knowledgeProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664489(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664489

Index Terms

Reviewing review platforms: a privacy perspective
1. Security and privacy
  1. Human and societal aspects of security and privacy
    1. Privacy protections
  2. Software and application security
    1. Social network security and privacy

Recommendations

Privacy Capsules: Preventing Information Leaks by Mobile Apps
MobiSys '16: Proceedings of the 14th Annual International Conference on Mobile Systems, Applications, and Services

Preventing the leakage of user information via untrusted third-party apps is a key challenge in mobile privacy. We propose and evaluate privacy capsules (PCs), a platform execution model for mobile apps that prevents the flow of private information to ...
WPES '23: 22nd Workshop on Privacy in the Electronic Society
CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security

These proceedings contain the papers selected for inclusion in the technical program for the 22st ACM Workshop on Privacy in the Electronic Society (ACM WPES 2023), held in conjunction with the 30th ACM Conference on Computer and Communication Security (...
Protecting Privacy on Mobile Apps: A Principal–Agent Perspective
Although individuals increasingly use mobile applications (apps) in their daily lives, uncertainty exists regarding how the apps will use the information they request, and it is necessary to protect users from privacy-invasive apps. Recent literature has ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security

August 2022

1371 pages

ISBN:9781450396707

DOI:10.1145/3538969

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 August 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ARES 2022

ARES 2022: The 17th International Conference on Availability, Reliability and Security

August 23 - 26, 2022

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
75
Total Downloads

Downloads (Last 12 months)20
Downloads (Last 6 weeks)1

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

De Boeck KVerdonck JWillocx MLapon JNaessens V(2024)Compromising anonymity in identity-reserved k-anonymous datasets through aggregate knowledgeProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3664489(1-12)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3664489

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents