Abstract
The General Data Protection Regulation (GDPR) was adopted in 2018 and had as main objective the establishment of the protection of personal data as a right of European citizens. However, the information, being the most valuable asset of our time, is a necessary element for the professional activity of most websites and applications. Secure design is fundamental for ensuring and maintaining trust between devices and user. IoT devices are the future of technology and communication. Given the multi-device interface technology, we must consider the ability to protect the user from leaks to other devices, applications and websites. Encryption is an important tool that can help us, ensure users trust in the devices they use. Privacy of personal data must therefore be ensured, especially since they are now a protected right of users. In this work, we examine the most commonly used calling and messaging, networking applications, of everyday life: Ayoba, Facebook Messenger, Line, Signal, Skype, Slack, Telegram, Whatsapp, and Viber. Especially, the permissions they ask from the user, the protection and the guarantees they provide under the General Data Protection Regulation, is explored. The additional permissions requested, or the shared data, are figured out. The results of our research, have proven the leakage of personal data and information, from the smart hand held devices, of the users, to third-party websites. Finally, the intersection of the third-party websites and, consequently, the sharing of the users information to other parties, without their immediate permission, are reported.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Regulation (EU) 2016/679 of the European Parliament and of the Council, Official Journal of the European Union, April 2016
Vollmer, N.: Article 25 EU General Data Protection Regulation, EU-GDPR, September 2018
Sklavos, N., Zaharakis, I.D.: Cryptography and security in Internet of Things (IoT): models, schemes, and implementations. In: Proceedings of 8th IFIP International Conference on New Technologies, Mobility and Security (NTMS 2016), Larnaca, Cyprus, 21–23 November 2016 (2016)
Hu, F.: Security and Privacy in Internet of Things: Models, Algorithms and Implementations. CRC Press (2016). ISBN: 9781498723183
Warren, S.D., Brandeis, L.D.: The right to privacy. Harvard Law Rev. Assoc. 4(5), 193–220 (1890)
Stallings, W.: Cryptography and Network Security, 6th edn. Pearson, Upper Saddle River (2014). ISBN: 0133354695
Barker, K., et al.: A data privacy taxonomy. In: Sexton, Alan P. (ed.) BNCOD 2009. LNCS, vol. 5588, pp. 42–54. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02843-4_7
Limniotis, K.: Anonymization and pseudonymization of personal data. In: 7th International Conference on e-Democracy - Workshop on Technologies and Procedures as Tools for Compliance with the General Data Protection Regulation (GDPR), Athens, 14 December 2017 (2017)
Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22(C), 113–122 (2015)
Mitnick, K.D., Simon, W.L.: The Art of Deception: Controlling the Human Element of Security. Wiley Publishing, Indianapolis (2003)
Clarke, R.: Introduction to Dataveillance and Information Privacy and Definitions of Terms, Computer Science (1997)
Eurobarometer, “Personal data protection”, Survey 431, European Parliament, Figures 2015 (2015)
de la Torre, L.F.: What are privacy-enhancing technologies (PETs)? A medium corporation. Am. Bee J. March 2019
European Union Agency for Network and Information Security (ENISA), A tool on Privacy Enhancing Technologies (PETs) knowledge management and maturity assessment—ENISA, February 2019
Heartfield, R., Loukas, G.: Mechanisms for semantic social engineering attacks, a taxonomy of attacks and a survey of defense. ACM Comput. Surv. December 2015
Milosevic, J., Sklavos, N., Koutsikou, K.: Malware in IoT software and hardware. In: Proceedings of Workshop on Trustworthy Manufacturing and Utilization of Secure Devices (TRUDEVICE 2016), Barcelona, Spain, 14–16 November 2016
Solove, D.J.: A taxonomy of privacy. Univ. Pennsylvania Law Rev. 154(3), 477 (2006). GWU Law School Public Law Research Paper No. 129
Lumen Privacy Monitor, Version 2.2.2 (2020)
Website. www.icsi.berkeley.edu/icsi/projects/networking/haystack
ICSI Haystack Panopticon. www.haystack.mobi/panopticon (2020)
Sklavos, N., Zaharakis, I.D., Kameas, A., Kalapodi, A.: Security & trusted devices in the context of Internet of Things (IoT). In: 20th EUROMICRO Conference on Digital System Design, Architectures, Methods, Tools (DSD 2017), Vienna, Austria, 30 August–1 September 2017 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kalapodi, A., Sklavos, N. (2021). The Concerns of Personal Data Privacy, on Calling and Messaging, Networking Applications. In: Thampi, S.M., Wang, G., Rawat, D.B., Ko, R., Fan, CI. (eds) Security in Computing and Communications. SSCC 2020. Communications in Computer and Information Science, vol 1364. Springer, Singapore. https://doi.org/10.1007/978-981-16-0422-5_20
Download citation
DOI: https://doi.org/10.1007/978-981-16-0422-5_20
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-0421-8
Online ISBN: 978-981-16-0422-5
eBook Packages: Computer ScienceComputer Science (R0)