Virtual Private Social Networks


Social networking services have been transformed from one-stop websites, to social interaction platforms deeply integrated with third-party websites, applications, and even operating systems. As prominent examples, social plugins such as Facebook's Like and Google's +1 buttons enable websites to offer personalized content and allow their visitors to seamlessly share and interact with their social circles, while Facebook and Twitter support is already integrated in iOS 6.

These social features offer multifaceted benefits to both users and content providers, and have driven their widespread adoption across the web and the mobile application ecosystem. However, this increasing integration has raised concerns about the implications of these social features to user privacy, as they enable social networking services to track a growing part of their members' activity, including their browsing histories, locations, and communications.

The research in this project seeks to address these privacy concerns by exploring a novel design for privacy-preserving virtual private social networks, which fulfills two seemingly contradicting requirements: it protects user privacy by minimizing the transmission of user-identifying information to the social networking platform, while preserving all existing functionality by delivering the same personalized content. The main insight of this approach is to shift content personalization from a server-side to a client-side process, by decoupling the retrieval of potentially sensitive social information from the presentation of personalized content that uses that information. The PIs are developing a personalized "information overlay" that prefetches information from a user's social circle independently of third-party accesses, and keeps this information consistent across the user's devices. The outcomes of this research effort are expected to significantly improve the privacy of members of social networking services, without degrading the current personalization experience to which they have grown accustomed.



  • SafeButton, an extension for the Firefox and Chrome Web browsers that provides privacy-preserving versions of the social widgets offered by major social networking services.
  • LBSProximityAuditor, a framework that allows security researchers to evaluate the privacy offered by proximity-based services against attacks attempting to discover users' locations.


Network Security Lab, Columbia University

This material is based upon work supported by the National Science Foundation under Grant No. 1318415

Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.