Our Argumentation Framework is based on Quantitative Bipolar Argumentation Frameworks [ 2 ].

We de ne an argumentation framework for online social networks as a tuple AF OSN = <A, R, P , p> where: A is a set of n arguments [ 0, . . . , n]; R is the attack relation on A such as A A ! R; P is the list of e pro les involved in an argumentation process [p0, . . . , pe]; and p is a function A P ! [0; : : : ; 1] that determines the score of an argument for a given pro le p.

In our framework, each individual argument = ( , T , D) is de ned by three parameters. is the claim or bias of the argument. It is represented as a binary variable that determines whether an argument acts in favour or against performing an action in the social network. T is the label of the argument, which represents the four di erent types of arguments that can be generated by our argumentation system: Privacy, Trust, Risk and Content arguments. Finally, D is the support of the argument. This parameter consists of a value derived from all the information gathered from the social network in order to infer the claim of a determined type of argument, and hence depends on the type of argument.

Each relationship r = ( i, j ) represents an attack from i towards j . As proposed in [ 12 ] and [ 13 ], a rebuttal attack occurs when an argument invalidates other argument's claim (e.g. 1 = (-1, T1, D1) rebuts 2 = (+1, T2, D2) and vice versa). On the other hand, an undercut attack is carried out when an argument's claim invalidates other argument's support. The internal argumentation process performed by our system to generate the acceptable arguments for a particular con ict in the OSN only allows rebuttal attacks. In the human interactive argumentation process carried out by our dialogue module both types of attacks will be considered.

Regarding the user pro le, we de ne p = ( , ,M ) as the combination of the preference values , the personality and a list of miscellaneous information M .

The preference values is a vector containing the preferences that each user has towards a concrete value that the arguments of our system may promote [ 3 ]. We propose the following preferences based on [ 15 ] to be considered in our system: Privacy/Popularity, Closeness/Openness, Flexibility/Intransigence and Content Sensitivity. The rst three bipolar preferences P /P , are de ned as a value v in the [ 0,1 ] range, being v the value assigned to P and (1 - v) to P . Therefore, a user pro le with Privacy/Popularity = 0.2 would have a 0.2 preference for Privacy and (1 - 0.2) preference for Popularity. The Content Sensitivity preference is de ned as a value v in the range [ 0, 1 ] being 1 the maximum concern about the content sensitivity and 0 if the user does not really care about this preference. This value is calculated as the average of the 6 di erent types of content considered in this work.

The personality of a user pro le is a 5 dimension vector that models the personality of a speci c user based on the ve parameters proposed in [ 14 ]. The personality dimensions taken into account are the Openness, Conscientiousness,

Extraversion, Agreeableness and Neuroticism. Here we assume that this information is available since users of the network have undertaken a personality test or else, that these dimensions can be automatically determined by the activities of the user in the social network [ 8 ].

The last part of the user de nition (M ) is a set of general information extracted from a speci c user pro le such as the age, location, likes, etc.

Finally, we de ne the scoring function p as the function that takes an argument and a pro le as input and determines the value of the argument in the context of a speci c user pro le. In order to obtain this score, function p is de ned as, p( ; p) =

D p (1)

Thus, the score of an argument for a speci c user pro le is basically the product of the support value of the argument, the preference value that promotes the argument and the bias of that argument.

De nition 2 (Defeat). An argument i 2 A defeats another argument j 2 A in a context determined by a user pro le p i ( i, j ) 2 R ^ j p( i, p)j > j p( j , p)j.

Then, we can de ne def eatp( i, j ) if there exists an attack relationship between both arguments and the score of the argument i is higher than the score of the argument j . It means that the argument i is promoting a value that is preferred by the user that receives the argument.

De nition 3 (Acceptability). An argument i 2 A is acceptable in a context determined by a user pro le p i 8 j 2 A ^ def eatp( j , i) ! 9 k 2 A ^ def eatp( k, j ).

In other words, an argument is acceptable if there are no other undefeated arguments attacking it. 3.2

An argumentative process is de ned by the achievement of four main tasks: identi cation, analysis, evaluation and invention [ 17 ]. Our system, graphically depicted in Figure 1 consists of four di erent modules designed to perform all these essential tasks.

Feature extraction module. This module is in charge of obtaining all the relevant information for our framework directly from the OSN. The information obtained by this module will be used to model user pro les and to get the parameters that will de ne an argument in our system.

The main purpose of modelling user pro les is to be able to learn which arguments are more persuasive to what type of user. Since one of our goals is to maximise the persuasion of our system, by de ning a set of user pro les it is possible to do a generalisation of that problem depending on the user's activity in the social network. The information extracted to de ne the pro les of users is obtained basically from three sources: the privacy con guration, the personality analysis and the miscellaneous information.

From the privacy con guration of each user is possible to de ne a privacy value that characterises him/her. Usually, a social network user de nes some privacy parameters when registering. Those parameters are the pro le visibility (e.g. public, friends, private) and the default target of his/her publications (e.g. public, friends, group, private). With the use of the OSN this information can be updated in order to accurately model the privacy preferences of the users.

For the personality analysis, as pointed out before, the users' personality can be obtained either with a survey or by analysing users activity and interactions, considering the big ve model [ 14 ].

Finally, when creating a pro le in a social network some personal information is added by the user (e.g. the age, the location, the likes). All this data can also be extracted to generate the user pro les for our system. Concretely, the miscellaneous information can be useful to determine the di erences between two di erent user pro les.

Apart from the users pro le information, the feature extraction module also obtains the parameters required to generate arguments in our system. Those parameters are mainly divided into three types: the trust, the Privacy Risk Score and the content features.

Trust is commonly understood as a way to measure the strength of a tie in a social network. In order to formally de ne the trust metric we can assume a directed graph Gt = (N , E) that represents the topology of the OSN. Let N = fi 2 f1, . . . , jN jgg be the set of nodes where i represents a user, and E = f(i, j) 2 N N g be the set of edges representing an existing relationship from i towards j. Therefore, the trust value ti;j indicates the strength of the tie that links user i with user j. It is important to emphasise that, since one of the main properties of trust is bidirectionality, the value of ti;j may di er from tj;i.

Another important parameter that the system extracts from the network usage is the Privacy Risk Score (PRS). Proposed in [ 1 ], PRS is an alternative way to measure the reachability of a speci c user in the social network. Therefore, the PRS provides information of the risk of sharing a determined information to non-desired users.

The third parameter used in our model to build arguments is the result of analysing the own content of the publication. The content features can come from two main sources: the text from the publications, and the images uploaded. We have de ned the following classes of sensitive information considering the ones proposed in [ 4 ]: { Location: information that reveals the location of any user involved in the interaction. { Medical: information that reveals the medical condition of any user involved in the interaction. { Drug: information that reveals the use of any kind of drugs. { Personal: information that reveals any kind of personal information. From the sexual orientation or the job, to more identi able information as the credit card number, the address or the birth date of any user involved in the interaction. { Family/Association: information that reveals the user's family members or their associations. { Political: information that reveals political orientation or any kind of ideological content.

The feature extraction module must determine whether a publication contains any sensitive information or not, and classify its content in any of those classes.

Argument generation module. The argument generation module processes all the information gathered by the feature extraction module in order to create abstract arguments following the guidelines of the argumentation framework. This module generates four di erent types of arguments based on the type of information extracted from the OSN: { Privacy Arguments. This class of arguments emphasise on privacy vulnerabilities. The argumentation system is able to create privacy arguments with the data obtained from the user pro le modelling. The argument is generated by computing the distance between the privacy con guration of the user and the privacy con guration of the publication. If the distance does not surpass a prede ned threshold, the argument will have a positive bias. On the other hand, if it surpasses the threshold the bias of the argument will be negative. Let us assume for example, a user pro le with a very restrictive privacy con guration. If that user tries to make a publication containing personal information and sharing it with all the network, the argumentation system will create a set of arguments regarding the privacy incoherence between the user pro le and the action being done. Therefore, the main feature to generate privacy arguments is the privacy con guration vector of each user. { Trust Arguments. Since the purpose of an OSN is to interact with other users, it is a very common situation when a user involves other users with its actions. An e ective way to handle those privacy con icts is to generate trust arguments. An argument of trust contains all the information extracted from the social network relative to the strength of the ties between users. These arguments are generated from the trust computed with the information from the feature extraction module. Concretely, if trust from users involved in the publication towards the user making the publication is not enough (i.e. does not surpass an established threshold), an argument of trust against performing the action will be generated. { Risk Arguments. When making a publication, it is impossible for the author to estimate how many users will be able to reach the information being published. Risk arguments are generated in order to warn the user about the risk of the publication being read by any undesired user of the network. The main feature used to generate arguments of this type is the PRS, since the own metric is a risk indicator. Having a high risk value will make the system generate an argument of risk against making the publication. { Content Arguments. Content arguments are generated from the data obtained by the content features analyser. Therefore, there can be as many content arguments as classes of content de ned before. In addition, depending on the user personality and privacy con guration some types of content arguments may be more or less persuasive. Let us suppose that there is a user that usually shares political information on his/her posts. To warn that user of the risks of sharing political information may have no sense. But, we will now assume that he/she makes a post containing some sensitive medical information. In this case the system will detect the risk and start an argumentation process in order to warn the user of the risk of making the medical information public.

The output of this module is an argumentation graph Ga = (A, R) where arguments are the set of nodes A = f 2 f1, . . . , jAjgg where each is an argument, and edges are the relationships R = f(i, j) 2 A Ag, where argument i attacks argument j. Therefore, once the set of arguments is generated, the module also creates the relationships between arguments.

In our argumentation framework, a relationship between arguments is de ned by the attack relation. To determine if there exist an attack relationship between two di erent arguments, the parameter bias is used. An argument positively biased and an argument negatively biased are both attacking each other by de nition.

Solver module. The solver module of our argumentation system performs the task of evaluating the argumentation graph. To solve our argumentation graph, the function p is applied to the set of arguments generated and the pro les involved in the argumentation process. Finally, all the scores are added and the system checks whether the result score is positive or negative to decide the set of acceptable arguments. If the result is positive, there are no reasons to persuade the user on modifying his/her action. On the other hand, if the result is negative, the system keeps all the negative biased arguments and sorts them by their score in order to try to persuade the user to modify his/her action.

Dialogue module. The purpose of this module is to handle the communication between the argumentation system and the human user. This module receives the set of A acceptable arguments and an argumentation strategy a. We de ne an argumentation strategy as the policy (order to present the arguments) that an argumentation agent adopts when facing an opponent (either human or agent). The dialogue module uses each argument n 2 A following the strategy a in order to persuade the user to modify his/her action. The de nition of concrete argumentation strategies remains future work. 4

Pesedia is an OSN for educational and research purposes that includes: (i) the design and development of new metrics to analyze and quantify privacy risks [ 1 ]; (ii) the application of methods to change users' behaviour regarding their privacy concerns; (iii) the implementation of new features to improve the management of users' content; (iv) and the evaluation and testing of new proposals with real users.

The underlying implementation of Pesedia uses Elgg [ 5 ], which is an open source engine that is used to build social environments. The environment provided by this engine is similar to other social networks (e.g. Facebook). The Pesedia architecture has two main components: the Platform Layer and the User Layer. The Platform Layer is the core of the architecture. This layer contains the Social Network Services, which provide the main functionality of the social network, and the Storage System, which provides persistent storage of all of the information generated in the social network. Among other modules, the Social Network Services include the module which deploy the argumentation system proposed in this work. The User Layer is in charge of managing information associated to each user. This information is divided into three categories: contacts (grouped or non-grouped); information (e.g., pro le items, publications); and settings, which are mainly focused on privacy settings, such as privacy policies and privacy thresholds. 4.2

As mentioned before, a multiparty privacy con ict (MPPC) may happen when multiple users are tagged in the same post or photo. The most common reason for this type of con icts are the di erences between privacy policies of the users that appear in the publication. We will now assume that a MPPC occurs in Pesedia in order to give an example of how our argumentation system would behave.

Thus, let us assume that user Alice wants to upload a photo to Pesedia where also appears user Bob. Based on the features obtained by the feature extraction module, the system will determine the pro le information of both users as can be seen in Table 1. In this example, user Alice main preferences regarding contents are: Location(0.3), Medical(1.0), Drugs(0.8), Personal(0.5), Family/Asociation(0.6) and Political(0.9). Meaning that when higher the value, user Alice does less publications with that content. Values vector indicates that Alice gives the values: privacy(0.3), popularity(1-0.3), closeness(0.5), openness(1-0.5), exibility(0.5), intransigence(1-0.5) and the content of the publications(0.68). These values allow us to order the priorities of the users so that we can determine the scores of the arguments for a given user. In this case, the values of popularity, closeness and the content sensitivity are the preferred values for Alice, so arguments regarding these issues will be more e ective than others. Finally the personality vector makes possible to model the user. In this example, Openness(0.2), Conscientiousness(0.6), Extraversion(0.1), Agreableness(0.7), Neuroticism(0.5); Alice can be seen as an introverted user (0.1 in extraversion) among other parameters. This same analysis can be made equivalently with user Bob in this example.

The module will also obtain the most important features of the content of the post. Alice shares a photo where location and personal information is revealed, and selects her friends as the audience to share the photo. As two users appear in the post, the system also computes the trust between them in both directions. In this example, the following trust values are considered: tAlice!Bob = 0.6 and tBob!Alice = 0.3; meaning that Alice tie strength towards Bob is considerably higher than the inverse tie. Taking into account both pro les and publication features, the argument generation module generates the following set of arguments:

A = f 1(-1, T rust, LO(0.3)), 2(+1, P rivacyA, OK(0), 3(-1, P rivacyB, ER(0.4)), 4(+1, RiskA, LO(0.23)), 5(-1, RiskB, HI(0.78)), 6(-1, ContentA, Location(0.4)), 7(+1, ContentA, Medical(0)), 8(+1, ContentA, Drug(0)), 9(1, ContentA, Personal(0.6)), 10(+1, ContentA, Family(0)), 11(+1, ContentA, Political(0)), 12(-1, ContentB, Location(0.4)), 13(+1, ContentB, Medical(0)), 14(+1, ContentB, Drug(0)), 15(-1, ContentB, Personal(0.6)), 16(+1, ContentB, Family(0)), 17(+1, ContentB, Political(0))g

The set of arguments generated contain arguments from all the four types existing in our system. It is also possible to observe how, when more than a user is involved in an argumentation process, some arguments are duplicated taking into account all the di erent user pro le features. Once all the arguments are generated, the argument generation module also creates the argumentation graph depicted in Figure 2. The graph generated is a bipartite graph on which two di erent sets can be seen. A set with the arguments against making the publication (top) and a set supporting the action of making the publication (down).

The solver module receives the graph generated by the argument generation module and proceeds with the argument evaluation by applying the score function to each argument and pro le involved in the process. The results of the evaluation can be observed in Table 2.

The result of aggregating all those values is -1.6 meaning that the module will infer that the action entails some risks for both users involved in the publication. Therefore, the dialogue module will receive the set of negative biased arguments. They will be used following a persuasion policy Alice in order to maximise the persuasion for that concrete user. Even though the design of the dialogue module is still future work, we would like to illustrate how arguments will be seen by human users in order to clearly distinguish between the shape of arguments in the internal computation and the dialogue phase. It is important to remark that, although the system has information regarding both users Alice and Bob, the dialogue phase will only be performed with the author of the publication, Alice in this case. Therefore, sensitive data regarding other users in the publication will never be revealed. Let's take into account the argument 15, an argument against making the publication, based on Bob's personal content sensitivity. The dialogue module will translate the argument from its computational shape (-1, ContentB, Personal(0.6)) to a human readable text like "It is highly recommended not to make this publication since it may infringe Bob's content privacy preferences, please consider to modify the content of the publication or to get Bob's approval before making the publication." where no speci c sensitive details of privacy preferences of other users are revealed. 5