Detrimental network effects in privacy: A graph-theoretic model for node-based intrusions

Florimond Houssiau, Piotr Sapieżyński, Laura Radaelli, Erez Shmueli, Yves Alexandre de Montjoye*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review


Despite proportionality being one of the tenets of data protection laws, we currently lack a robust analytical framework to evaluate the reach of modern data collections and the network effects at play. Here, we propose a graph-theoretic model and notions of node- and edge-observability to quantify the reach of networked data collections. We first prove closed-form expressions for our metrics and quantify the impact of the graph's structure on observability. Second, using our model, we quantify how (1) from 270,000 compromised accounts, Cambridge Analytica collected 68.0M Facebook profiles; (2) from surveilling 0.01% of the nodes in a mobile phone network, a law enforcement agency could observe 18.6% of all communications; and (3) an app installed on 1% of smartphones could monitor the location of half of the London population through close proximity tracing. Better quantifying the reach of data collection mechanisms is essential to evaluate their proportionality.

Original languageEnglish
Article number100662
Issue number1
StatePublished - 13 Jan 2023


  • DSML 2: Proof-of-concept: Data science output has been formulated, implemented, and tested for one domain/problem
  • networks
  • privacy
  • social networks
  • surveillance


Dive into the research topics of 'Detrimental network effects in privacy: A graph-theoretic model for node-based intrusions'. Together they form a unique fingerprint.

Cite this