Personal DLP for Facebook

Data Loss Prevention (DLP) is a well-established security and privacy concept in enterprise environments: Enterprise DLP tools scan outgoing messages and stop unintended information flows. It may catch malicious insiders, but the main use case is avoiding data leaks due to human errors. Good DLP tools prevent careless employees from doing something they would probably regret if made aware of. Individuals using online social networks are in a very similar situation: Often they share the wrong information with the wrong people, unaware of the risks and often even unaware of the technical meaning of what they are doing. Personal DLP, introduced in this paper, extends the notion of DLP to individual users. It makes the individual users aware of risks and mistakes, and it does so based on rules explicitly set by each user, and rules derived from that users´ past behavior and individual settings. Personal DLP raises awareness by explaining the risks, but the final decision is always with the user.