Checklist for Validation of Data Privacy Augmentation Computation in Social Media

We are all into social media nowadays. A day is not spent well unless we spend some time in social media. According to a report there are more than 5 billion active social media users worldwide. With such a high number of users connected, it has created a lot of possibilities with accessibility. Social media has its advantages as well as more disadvantages.

For information about indium’s digital assurance services

Contact Us

With the booming number of users Data privacy is at its stake. Content creators of social media are a lot but are they equipped enough with data security? Managing the privacy of customer data is one of the biggest challenges faced in social media, according to a report by Hoot suite Social Trends Survey 2022.

As per Gartner’s report, 75% of the world’s population will have its personal data covered under modern privacy regulations, by end of 2024. This regulatory component is the critical catalyst for the operationalization of privacy.

With the privacy regulations across the globe, organizations should focus on privacy enhancing computation techniques to meet the challenges of protecting the data.

Increasing complexity of analytics engines and architectures mandates that social media owners incorporate a by-design privacy capability. AI models and techniques helps in designing this. Unlike common data-at-rest safety measures, privacy enhancing computation protects data in use.

While incorporating the algorithm is one side of the spectrum, validating the data logic plays a crucial role to ensure that the desired outcome is achieved.

Working with one of the top social media creators, we have created a checklist to help validating the data privacy augmentation.

Here is a glimpse of the control points for which we have a checklist created for validation:

  • Web / DNS control points
  • Email control points
  • Executable control points
  • Content control points

We have created a 3 stage model to achieve this.

Setup 

The Setupphase includes foundational capabilities of a privacy management. Identifying control points, defining business rules, record keeping. These are needed for any customer-facing organization that processes personal information. These include discovery and enrichment to establish and maintain privacy risk registers

Maintain

The maintain phase is to scale and focus on ongoing administration and resource management. Categorization of the controls and actions on the incidents observed, thereby bringing automaton to privacy impact considerations. Tools are used to identify the contents and block based on the rules.

Progress

The progress phase is updating the rules based on the controls and mitigating the risks identified. Its more of a continuous improvement phase.

Now lets move on the checklist for validation.

  • Web / DNS control points

This is more of filtering on the unauthorized access from DNS / web addresses. List of control points used in this validation with multifold techniques. Repository of unauthorized DNS addresses created with responsive actions. DNS control points blocks content or network access from potentially harmful sources. Control point will have a block list or allowlist to filter harmful unwanted content. API will identify the blocked domains on the CMS and restricts user to create account, add email using those domains.

  • Email control points

Screening of emails for spam and objectionable content forms this email control points repository created with rules of actions. API will identify and restrict banned users from login to the application.

  • Executable control points

Few files while opening or executing triggers unwanted actions and those are added in executable control points. Rules are programmed to stop execution of the malicious files.

  • Content control points

Content based controls use pre moderation and post moderation techniques to filter and bypass the unwanted content. API identifies the word configured in CMS and restricts user from posting those words.

Pre-Moderation Server will identify and restrict users to create account using configured words, will identify configured words on posts, comments and quote posts and will block users from posting. Post-Moderation Server will identify and delete words/images/video which meets the AI score

These controls are configured to exclude undesirable unwanted type of content that violates the product’s acceptable use policies.

Above checklists helps to validate the data privacy augmentation rules and protects the organizations and individuals against harmful content.

Validation helps to minimize unwanted access and content thereby making the social media safe for the ever increasing users.



Author: Premalatha S
Premalatha Shanmugham with 13+ years of experience In Indium, focusing on Digital Assurance and managing delivery. She holds an M.Phil in Computer Science and has presented papers in various conferences including STC, Step-IN, eWIT forums. With the extensive experience in Infrastructure, Grey box, and Test Ops domains has helped to achieve quick cycle to release, Regression optimization, Test optimization, and risk-free Quality products.