Architecture for Protecting Data Privacy in Decentralized Social Networks
Quang Cao, Katerina Vgena, Aikaterini-Georgia Mavroeidi, Christos Kalloniatis, Xun Yi, Son Hoang Dau
TL;DR
The paper addresses privacy concerns in social networks and proposes a decentralized DOSN architecture leveraging Blockchain, Decentralized Storage Networks, and Access Control Smart Contracts to protect user data and rights under GDPR. It conducts a PRISMA-based literature review, identifies gaps in defining DOSNs and GDPR-related legal frameworks, and motivates a novel architecture that distributes encrypted data across a DSN with the Merkle DAG root stored on-chain. The architecture uses Shamir Secret Sharing for key management and Access Control Contracts to enforce policies, mitigating reliance on trusted nodes and enabling auditable access. The work highlights that prior designs incur storage costs that scale with the number of trusted nodes and content, and argues that the DSN-based approach offers a practical, auditable path toward privacy-preserving decentralized social networks, while calling for empirical evaluations and security audits. Overall, the solution aims to provide a GDPR-aligned, user-centric foundation for the next generation of digital social platforms, balancing privacy, control, and verifiability.
Abstract
Centralized social networks have experienced a transformative impact on our digital era communication, connection, and information-sharing information. However, it has also raised significant concerns regarding users' privacy and individual rights. In response to these concerns, this paper proposes a novel Decentralized Social Network employing Blockchain technology and Decentralized Storage Networks completed by Access Control Smart Contracts. The initial phase comprises a comprehensive literature review, delving into decentralized social networks, explaining the review methodology, and presenting the resulting findings. Building upon these findings and an analysis of previous research gaps, we propose a novel architecture for decentralized social networks. In conclusion, the principal results highlight the benefit of our decentralized social network to protect user privacy. Moreover, the users have all rights to their posted information following the General Data Protection Regulation (GDPR).