Towards better user privacy via exposure control
We posit that access control, the dominant model for modeling and
managing privacy in today's online world, is fundamentally
inadequate. First, with access control, users must a priori
specify precisely who can or cannot access information by enumerating
users, groups, or roles---a task that is difficult to get right. Second,
access control fails to separate who can access information from
who actually does, because it ignores the difficulty of
finding information. Third, access control does not capture whether and
how a person who has access to some information redistributes that
information. Fourth, access control fails to account for information
that can be inferred from other, public information.
We present exposure as an alternate model for information
privacy; exposure captures the set of people expected to learn an item of
information eventually. We believe the model takes an important step towards
enabling users to model and control their privacy effectively.