Social Media Countermeasures:
Countermeasures reduce the vulnerabilities in a system. In this section, we present these
countermeasures grouped into the following main categories: platform countermeasures and user
countermeasures. The former refers to countermeasures which collaborative platforms must
implement in order to prevent attacks directed both to platforms and users, while the later intends
to introduce the best practices to improve users privacy habits.
A. Countermeasures addressed to the Platform
1)Technological Security of the Platform: System administrators of collaborative networks
should be aware that their users share personal data through their services. Therefore, they
should protect their networks against potential attacks, employing tools especially made to
combat against pharming and phishing cases, not to mention one of the most
annoying threats of the current times: the spam. Regarding network connections, they should
make use of secure connections applying technologies (e.g. Security Socket Layer (SSL)), to
ensure private data transmissions. On the other hand, social networks provide users with little
control over their personal data. As a consequence, identity theft and fake proﬁles are common
issues. These platforms should provide tools to prevent cases of identity theft, to allow legitimate
users to get back the control of the account after the theft, or to strengthen user identiﬁcation
before registration. Additionally, it is recommended to implement technological measures to
verify the age of the users, in order to protect children against inappropriate contents or
2) User’s Data: OSN (Online Social Network) need to facilitate access to the Terms of Service
and User Conditions displaying all the information in understandable terms. To this end, these
documents must employ a perfectly understandable language by any kind of user. After reading
the document, the user should know its rights and obligations during the use of the service.
Besides, OSN must guarantee the users a complete control over their published information.
Therefore, a social network must implement several procedures in order to satisfy the following:
•Users should know the intended use by the social network of both personal and published data.
•Users should be able to apply the rights to access, rectify, cancel, and oppose to data concerning
them published in the OSN.
•User proﬁle conﬁguration should default to maximum privacy, allowing to later changing it
according to personal preferences.
•Users should be able to prevent the publication of unauthorised data. The use of tagging
mechanisms requesting user’s approval is one of the approaches aimed at the achievement of this
goal. Furthermore, OSN must protect users data against the indexation of search engines by
using appropriate codiﬁcation.
3) Author’s Royalties: Author’s rights must be protected. OSN must provide users with tools
that allow reporting the existence of contents protected by author’s rights. Additionally, social
networks need adequate staff or automatic tools to check all uploaded contents and establish if
such contents are subject to intellectual rights. Besides, OSN users must know the nature of the
rights to authorship and the importance to respect them for the correct use of the service, through
general conditions when creating new accounts, FAQs, etc.
4) User Awareness: It is essential that OSN encourage their users to know the use that social
networks make of their personal data, the advertisement systems present in the platform and the
potential threats that users face while using on-line services. Similarly, it is necessary to display
information related to the security of the platform, including the measures that users should take
in case of abuse of their rights.
B. Countermeasures addressed to the Users
before the registering process and every time any change occurs. Once the user has registered, it
must conﬁgure properly the privacy settings, so that only his friends have access to the published
contents. Users have absolute control over the information that they want to publish. They are
therefore responsible for the publication of excessive information putting at risk their intimacy
or their whereabouts. In this sense, it is recommended not to publish intimate information in
personal proﬁles that could be seen by everybody. Users must also be careful when publishing
audiovisual or graphical contents, trying not to put at risk other users’ privacy. Moreover,
friendship relations are the core of these networks. Once deﬁned the privacy settings, users must
be careful with friend requests. Users should only accept friend requests coming from people
already known and avoid accepting compulsively any request for friendship because it could
result in privacy issues.
2) Technological Concerns: There are security and technological considerations that users must
take into account in order to increase the level of security. First, users should use different user-
names and passwords to access different social networks. Second, they should use strong
passwords to prevent brute force attacks. Finally, they should use updated security software and
3) Special Considerations for Children: Under-age users are specially vulnerable. Thus, they
need extra care to ensure that their personal data is not disclosed. Parents or guardians should be
consulted for every sensitive action when using social networks (e.g. content uploading and
publishing personal information), being able to abort their children actions. Additionally, parents
and guardians should take into account several considerations. The computer should be placed in
a common area of the house, establishing some rules about the use of Internet. Parental control