Previously, we had posted on how semantic technologies played an important role in mitigating privacy risks in both conventional software systems and semantic web applications. However, immaturity of semantic technologies means it can be easily exploited for nefarious gains. For example, Nasirifard et al. demonstrate how publicly available FOAF profiles allow spammers to send context-aware spam. Unlike online profiles within social networks, FOAF-based structured data provides a more reliable and accessible “food” for spammers and attackers. Current solutions (e.g. Digital Signatures) and proposed methods to restrict unauthorized accesses to FOAF files can prevent a subset of such activities but they are not widely used.
Interestingly however, FOAF is also a great illustration of the two-sided aspect of technology in privacy. Indeed, while creating such potentially new challenges for privacy, FOAF is also at the basis of WebID, one of the most interesting current development on giving back to users control over their personal information, through enabling a peer-to-peer identity framework where each user is responsible from managing their own identity (see also FOAF+SSL).