Collection of data from social networks: privacy of personal data through access of the Application Programming Interface

The development of social networks is a topic of study for several areas, and with the increased use of the Internet in professional and leisure activities, online social networks have emerged: services with the goal of providing an interface between individuals.
Some of these networks have millions of users, who agree and give their consent to the Terms of Use. The Terms of Use of these services contain the delimitation of the processes of data collection by external agents, creating a cascading effect of user identification and can enhance activities which are detrimental to user privacy.
This study looks to verify if the systematic data collection processes for documents which contain characteristics of the Application Programming Interfaces (APIs) data collection and the Terms of Use can help in identifying activities potentially harmful to user privacy (referenced) and reveal prerequisites of knowledge about the technology involved in this process, concepts prior to identifying characteristics and professional areas involved in understanding the technology of the API and the Terms of Use.
The objective is to propose an analysis based data model on personal privacy data issues, from the identification of the characteristics of the collection of data from the referenced API to assist in identifying potential actions and activities which are detrimental to privacy obtained through the data collection process.
The research universe is limited to the services available on the Internet that use APIs as interoperability interfaces of their content and the sample was defined in three APIs: from Facebook, Twitter and LinkedIn.
The methodology adopted was exploratory analysis, in qualitative form, with combined methods based on the exploitation of the technical characteristics of APIs and the reading of available documents, being segmented by the perspectives: professional areas involved, collection technology and knowledge prerequisites.
To conduct this study, three cycles are proposed: first, with the identification of the characteristics of the structure of data collection and the functionalities presented by the APIs; second, propose a model of the data from the collection of the characteristics of existing structures (Direct Model); and third, a model of Second Order, with specific information about referenced data privacy for the analysis of data privacy aspects to share with third parties.
In the end, present a list of criteria for the monitoring and evaluation of the information of referenced documents and the Terms of Use of social networks, as a way of identifying possible relationships between the absence of data.
In the considerations, we maintain the idea that this environment is complex and obfuscated to those referenced, but the data model and the instruments developed can help to minimize the complexity of referenced documents about the interoperability of datasets to external agents and understand the Terms of Use.
Keywords: Privacy. Social Network. Application Programming Interface. Data. Personal Data.


  1. Fernando de Assis Rodrigues

Full text available* at

* Only in Brazilian Portuguese.

  1. UNESP – São Paulo State University Repository


Fernando de Assis Rodrigues, B.Sc., M.S., Ph.D., is a professor at Federal University of Pará (UFPA), Brazil.