Your search keyword '"Personally identifiable information"' showing total 2,581 results

1. Is smart scary? A mixed-methods study on privacy in smart tourism.

Author

Femenia-Serra, Francisco, Ioannou, Athina, and Tussyadiah, Iis P.

Subjects

TOURISM, PRIVACY, PERSONALLY identifiable information, DATA management, FUEL systems

Abstract

This paper investigates privacy concerns in smart tourism, in which personal data fuels systems and services developed to enhance tourists' experiences. A mixed-methods approach, involving semi-structured interviews (N = 34) and a survey among travellers from the UK and Spain (N = 1,019), was adopted. Findings from the qualitative study suggest that privacy concerns in smart tourism are built on preceding factors, including risk associated with use of different types of technology, past experiences with data misuse, and unawareness of data management practices. To cope with these, tourists adopt different strategies to protect their data. Results from the quantitative study reveal that privacy concerns influence actual behaviours and limit data disclosure. Different agents managing tourists' personal data generate varying levels of privacy concerns. These findings have critical implications for tourism organizations and policy makers, posing the need to rethink the ramifications of smart tourism development for tourists and to devise appropriate strategies to address them. [ABSTRACT FROM AUTHOR]

Published

2022

2. DESIGN GOALS FOR CONSENT AT SCALE IN DIGITAL SERVICE ECOSYSTEMS.

Author

Kurtz, Christian, Wittner, Florian, Semmann, Martin, Vogel, Pascal, and Böhmann, Tilo

Subjects

DESIGN services, PERSONALLY identifiable information, LEGAL documents, DIGITAL technology, AUTOMATION

Abstract

Digital services have undergone a shift to multi-actor constellations characterised by the utilisation of personal data. By involving external actors, service capability and variety increase but so does the number of actors that gain access to personal data. Here, privacy policies are legal documents that serve two primary functions: specifying the purpose and details of data processing in a binding manner and informing users about it. Privacy policies therefore have special importance in which the processing is based on user consent. In a case study of the platform eBay, we identified 18 problems that point out difficulties in achieving consent in a meaningful way in today's large-scale and massively interconnected digital service ecosystems. Based on these problems, the design goals are determined which help to find meaningful consent in digital service ecosystems. These goals include notifications for changed purposes of data processing in ecosystems or the reasonability of time needed for consent in relation to the usage time of the service. Thus far, no legal limits govern the reasonability of efforts for consent to privacy policies. This requires a fundamental rethinking of the concept of consent or far-reaching automation of privacy-related legal acts. [ABSTRACT FROM AUTHOR]

Published

2020

3. Overcoming Challenges to Enable the Potential of Metaverse Platforms: A Qualitative Approach to Understand Value Creation

Author

Jeffry Babb, Paul Benjamin Lowry, Mark J. Keith, Amjad Abdullat, and Christopher P. Furner

Subjects

Engineering, Information privacy, Privacy by Design, business.industry, Privacy software, Internet privacy, Perfect information, General Medicine, World Wide Web, mental disorders, Location-based service, Consumer privacy, business, Information cascade, Personally identifiable information

Abstract

Mobile Applications (a.k.a. apps) have rapidly grown into a multi-billion-dollar industry. Because they are available through devices that are “always on” and often with the user, mobile apps are often adopted “on the fly” as needed. As a result, the related adoption and disclosure decisions are frequently only based on the information provided through the mobile app delivery platform (e.g., the Apple App Store™ or Google Play™). The fact that mobile app use often requires the disclosure of an unprecedented combination of personal information (e.g., location data, preferences, contacts, calendars, browsing history, music library) means that a very complex risk/benefit tradeoff decision is based on only the small amount of information provided by the mobile app delivery platform — and all in a short period of time. Hence, this process is much shorter and much riskier than traditional software adoption. Through two experiments involving 1,588 mobile app users, we manipulated three primary sources of information provided by the platform (app quality ratings, network size, and privacy assurances) to understand their effect on perceptions of privacy risks and benefits, and in turn, how they influence consumer adoption intentions and willingness-to-pay (WTP). The results indicate that network size influences not only perceived benefits but also the perceived risks of apps in the absence of perfect information. In addition, we find that integrating a third-party privacy assurance system into the app platform has a significant influence on app adoption and information disclosure. LBS privacy risk perceptions can also be reduced by network size, thus confirming our information cascade hypothesis. We further discuss the implications of these findings for research and practice.

Published

2023

4. A Survey on Facebook Users and Information Privacy.

Author

Presthus, Wanda and Vatne, Dina Marie

Subjects

DATA privacy, SOCIAL media, PERSONALLY identifiable information, INTERNET privacy, COMPUTER surveys, SELF-disclosure, DECISION making, SURVEYS

Abstract

This paper investigates how Facebook users perceive information privacy against the benefits of being a member. Inspired by the privacy calculus model, we created a Norwegian online survey (n=188) in spring 2018 and offer the following insights: The largest benefit of being on Facebook is maintaining contact with friends, and the largest concern is the misuse of identity, not necessarily by Facebook but by third parties. The self-disclosure involved is a privacy trade-off based on awareness, and we argue that our respondents are making an informed decision. The scenario of paying a monthly monetary sum for using Facebook if it means securing their personal data seemed to puzzle our respondents. This study should be interesting for social media users and researchers studying information privacy. While our research mainly confirms existing research, we suggest that this subject could be repeated continuously due to the rapid development and change in both technology and its users. [ABSTRACT FROM AUTHOR]

Published

2019

5. Consumer perspectives on information privacy following the implementation of the GDPR.

Author

Presthus, Wanda and Sørum, Hanne

Subjects

RIGHT of privacy, DATA privacy, INTERNET privacy, PERSONALLY identifiable information, DATA protection, INTERNATIONAL economic integration, INTERNET surveys

Abstract

The General Data Protection Regulation (GDPR) was implemented in the European Union and European Economic Area in May 2018. The GDPR aims to strengthen consumers' rights to data privacy in the wake of technological developments like big data and artificial intelligence. This was a hot topic for stakeholders, such as lawyers, companies and consumers, prior to the GDPR's implementation. This paper investigates to what extent consumers are concerned about information privacy issues following the implementation of the GDPR. We present findings from an online survey conducted during spring 2019 among 327 Norwegian consumers, as well as findings from a survey conducted immediately prior to the implementation of the GDPR in spring 2018. We draw the following conclusions: (1) consumers gained significant knowledge about their information privacy from the GDPR, but felt relatively little need to execute their enhanced rights; (2) about 50% of respondents believed themselves to have control over their data, while almost 40% stated that they had no control about their personal data; and (3) consumers largely trusted companies to manage their personal data. These insights are of interest to both academia and to industries that deal with personal data. [ABSTRACT FROM AUTHOR]

Published

2019

6. On the regulation of personal data distribution in online advertising platforms.

Author

Estrada-Jiménez, José, Parra-Arnau, Javier, Rodríguez-Hoyos, Ana, and Forné, Jordi

Subjects

*INTERNET advertising, *DATA distribution, *PERSONALLY identifiable information, *DATA protection, *ADVERTISING agencies, *ARTIFICIAL satellite tracking

Abstract

Online tracking is the key enabling technology of modern online advertising. In the recently established model of real-time bidding (RTB), the web pages tracked by ad platforms are shared with advertising agencies (also called DSPs), which, in an auction-based system, may bid for user ad impressions. Since tracking data are no longer confined to ad platforms, RTB poses serious risks to privacy, especially with regard to user profiling, a practice that can be conducted at a very low cost by any DSP or related agency, as we reveal here. In this work, we illustrate these privacy risks by examining a data set with the real ad-auctions of a DSP, and show that for at least 55% of the users tracked by this agency, it paid nothing for their browsing data. To mitigate this abuse, we propose a system that regulates the distribution of bid requests (containing user tracking data) to potentially interested bidders, depending on their previous behavior. In our approach, an ad platform restricts the sharing of tracking data by limiting the number of DSPs participating in each auction, thereby leaving unchanged the current RTB architecture and protocols. However, doing so may have an evident impact on the ad platform's revenue. The proposed system is designed accordingly, to ensure the revenue is maximized while the abuse by DSPs is prevented to a large degree. Experimental results seem to suggest that our system is able to correct misbehaving DSPs, and consequently enhance user privacy. • We reveal an abuse by ad agencies whereby user-tracking data is acquired at no cost. • Our system is designed to maximize the ad-revenue while the abuse is prevented. • Experimental results shows that our system can correct misbehaving agencies. [ABSTRACT FROM AUTHOR]

Published

2019

7. FALSIFYING PERSONAL DATA TO ADDRESS ONLINE PRIVACY ISSUES.

Author

Chergarova, Vasilka and Ling Wang

Subjects

PERSONALLY identifiable information, INTERNET privacy, CRIMINAL behavior, FRAUD, INFORMATION superhighway, VOTING, DATA privacy

Abstract

Companies today track people's browsing activity and collect their personal information. Amazon transactions cover 50% of the online transactions in the USA, and Google and Facebook cover most of the digital advertising. However, a significant disconnect exists between how the data is being used, sold, or shared, and what the user actually may want. Currently, no law or regulation encompasses how data brokers should handle private information. Several incidents, as Snowden revelations, Brexit, Cambridge Analytica scandal influencing on the United States election vote in 2016, are an example where Big Data collection of personal data is misused. Online users are adopting criminal like behavior to protect their own information. Considering the collection of personal information to be unfair, users are withholding personal data or giving false information. This paper proposes a Design Science Research study methodology to assess if falsifying personal data in online forms prevent the leak of personal information. It is very important to educate students to protect information infrastructure at their future work place and also keep the same practices when it comes to their private information. [ABSTRACT FROM AUTHOR]

Published

2019

8. Real-time Privacy Preserving Framework for Covid-19 Contact Tracing

Author

Manoj Kumar, Akashdeep Bhardwaj, Mohammed Alshehri, Ahmed Mohamed, and Ahed Abugabah

Subjects

Information privacy, Computer science, business.industry, Internet privacy, Tracing, Computer Science Applications, Variety (cybernetics), law.invention, Biomaterials, Bluetooth, Identification (information), Mechanics of Materials, law, Modeling and Simulation, Electrical and Electronic Engineering, business, Personally identifiable information, Mobile device, Contact tracing

Abstract

The recent unprecedented threat from COVID-19 and past epidemics, such as SARS, AIDS, and Ebola, has affected millions of people in multiple countries. Countries have shut their borders, and their nationals have been advised to self-quarantine. The variety of responses to the pandemic has given rise to data privacy concerns. Infection prevention and control strategies as well as disease control measures, especially real-time contact tracing for COVID-19, require the identification of people exposed to COVID-19. Such tracing frameworks use mobile apps and geolocations to trace individuals. However, while the motive may be well intended, the limitations and security issues associated with using such a technology are a serious cause of concern. There are growing concerns regarding the privacy of an individual's location and personal identifiable information (PII) being shared with governments and/or health agencies. This study presents a real-time, trust-based contact-tracing framework that operates without the use of an individual's PII, location sensing, or gathering GPS logs. The focus of the proposed contact tracing framework is to ensure real-time privacy using the Bluetooth range of individuals to determine others within the range. The research validates the trust-based framework using Bluetooth as practical and privacy-aware. Using our proposed methodology, personal information, health logs, and location data will be secure and not abused. This research analyzes 100,000 tracing dataset records from 150 mobile devices to identify infected users and active users. © 2021 Tech Science Press. All rights reserved.

Published

2022

9. Beyond Lessig's Code for Internet Privacy: Cyberspace Filters, Privacy Control and Fair Information Practices

Author

Paul M. Schwartz

Subjects

Information privacy, Privacy by Design, Computer science, business.industry, Privacy software, Privacy policy, Internet privacy, FTC Fair Information Practice, Information privacy law, Legal aspects of computing, business, Personally identifiable information

Abstract

In Code, the most influential book yet written about law and cyberspace, Lawrence Lessig makes an intriguing proposal for shaping privacy on the Internet: (1) the legal assignment to every individual of a property interest in her own personal information, and (2) the employment of software transmission protocols, such as P3P, to permit the individual to structure her access to Web sites. In "Beyond Lessig's Code for Internet Privacy: Cyberspace Filters, Privacy Control, and Fair Information Practices," 2000 Wisc. L. Rev. 743, I respond to this approach with a number of criticisms and a competing proposal. My initial criticism of Lessig's proposal for privacy concerns how it contradicts his stand against PICs, a software transmission protocol for filtering Internet content reminiscent of P3P. Once we place privacy in a social context, moreover, P3P seems far less attractive an option. In place of Lessig's underlying paradigm, which seeks to increase personal control of data. I develop a concept of constitutive privacy. In my view, information privacy is a constitutive value that safeguards participation and association in a free society. Rather than simply seeking to allow more and more individual control of personal data, we should view the normative function of information privacy as inhering in its relation to participatory democracy and individual self-determination. A privacy market can play a role in helping information privacy fulfill this constitutive function. Yet, Lessig's propertization of privacy raises a further set of difficulties. In my view, propertization a la Lessig will only heighten flaws in the current market for personal data. This consequence follows from numerous shortcomings in this market and structural difficulties that indicate the unlikelihood of a self-correction in it. Moreover, in revisiting Calabresi and Melamed's work regarding the comparative merits of property and liability regimes, I find that a mixed regime is to be preferred for Internet privacy over Lessig's property regime. Part III of this Article turns from criticism to prescription and develops the mixture of property and liability rules necessary for establishment of information privacy standards in cyberspace. It proposes recourse to Fair Information Practices (FIPs) to establish rules for the fair treatment of personal data on the Internet. Yet, FIPs are not without potential shortcomings if structured only as command-and-control rules. My suggestion therefore is that an American Internet privacy law consisting of FIPs should include both mandatory and default elements.

Published

2022

10. Freedom of Speech, Information Privacy, and the Troubling Implications of a Right to Stop People from Speaking About You

Author

Eugene Volokh

Subjects

Information privacy, Government, business.industry, Computer science, Privacy policy, media_common.quotation_subject, Control (management), Internet privacy, FTC Fair Information Practice, Dignity, Law, business, Private information retrieval, Personally identifiable information, media_common

Abstract

Proposed "information privacy" rules that give us the power to "control . . . information about ourselves" and to mandate "fair information practices" sound appealing. Why, after all, should a business be able to communicate information about its clients without the clients' permission, and why should the media be able to publish unnewsworthy private information about us for the whole world to see? The difficulty is that the right to information privacy -- the right to control other people's communication of personally identifiable information about you -- is a right to have the government stop people from speaking about you. And the First Amendment (which is already our basic code of "fair information practices") generally bars the government from "control[ling the communication] of information," either by direct regulation or through the authorization of private lawsuits. This article makes two main points: (1) While privacy protection secured by contract turns out to be constitutionally sound, broader information privacy rules are not easily defensible under existing free speech law. (2) Creating new free speech exceptions to accommodate information privacy speech restrictions could give us much more than we bargained for: Most of the justifications given for information privacy speech restraints are directly applicable to other speech control proposals that have already been proposed, and accepting these justifications in the attractive case of information privacy speech restrictions would create a powerful precedent for those other restraints. My chief goal is to consider, as concretely as possible, what these unintended consequences of various justifications for information privacy speech restrictions might be. I ultimately conclude that these consequences are troubling enough that I must reluctantly oppose such information privacy rules. But I hope the article will also be useful to those who are committed to supporting information privacy speech restrictions but would like to design their arguments in order to minimize the risks that I identify, and even to those who welcome the possibility that information privacy speech restrictions may become a precedent for other restrictions because they believe the Court has generally gone too far in protecting, say, nonpolitical speech or speech that injures the dignity of others.

Published

2022

11. Blockchain-based federated learning methodologies in smart environments

Author

Bo Cao, Dong Li, and Zai Luo

Subjects

Information privacy, Blockchain, Computer Networks and Communications, Computer science, Federated learning, Information security, Data science, Article, Internet of Things (IoT), Information sensitivity, Privacy, Smart city, Security, Smart environment, Road map, Personally identifiable information, Software

Abstract

Blockchain technology is an undeniable ledger technology that stores transactions in high-security chains of blocks. Blockchain can solve security and privacy issues in a variety of domains. With the rapid development of smart environments and complicated contracts between users and intelligent devices, federated learning (FL) is a new paradigm to improve accuracy and precision factors of data mining by supporting information privacy and security. Much sensitive information such as patient health records, safety industrial information, and banking personal information in various domains of the Internet of Things (IoT) including smart city, smart healthcare, and smart industry should be collected and gathered to train and test with high potential privacy and secured manner. Using blockchain technology to the adaption of intelligent learning can influence maintaining and sustaining information security and privacy. Finally, blockchain-based FL mechanisms are very hot topics and cut of scientific edge in data science and artificial intelligence. This research proposes a systematic study on the discussion of privacy and security in the field of blockchain-based FL methodologies on the scientific databases to provide an objective road map of the status of this issue. According to the analytical results of this research, blockchain-based FL has been grown significantly during these 5 years and blockchain technology has been used more to solve problems related to patient healthcare records, image retrieval, cancer datasets, industrial equipment, and economical information in the field of IoT applications and smart environments.

Published

2021

12. The Effect of Privacy Concern Towards the Intention to Accept App Permission on Students Mobile Users

Author

Infrisanti Wilson Tong, Alvi Geovanny, Vincent Octarian Vianto, and Jason Aaron Yang

Subjects

Information privacy, Survey methodology, business.industry, Computer science, Internet privacy, Perspective (graphical), Perceived control, Social media, Permission, business, Personally identifiable information, Hacker

Abstract

Mobile usage has become a part of our daily lives. However, many mobile users ignore the existence of app permissions in an app. One of the reasons is the lack of information related to app permissions. If users are not careful, app permissions can be abused by hackers to steal their data such as SMS, photos, microphone access, and GPS. The purpose of this study is to observe the perspective of university students in Batam regarding app permissions as well as to see the consequences of that perspective. The basis of this research is using survey method for 132 social media users and regression. This study proves that mobile users’ information privacy concerns have an influence on the intention to accept app permissions, which means that university students of Batam tend to consider personal information privacy on mobile before accepting app permissions. However, computer anxiety and perceived control do not affect mobile users’ information privacy concerns, which means university students of Batam have neither computer anxiety nor perceived control over personal information privacy on mobile.

Published

2021

13. How the Poor Data Privacy Regime Contributes to Misinformation Spread and Democratic Erosion

Author

Wayne Unger

Subjects

Persuasion, Information privacy, business.industry, media_common.quotation_subject, Internet privacy, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Democracy, Politics, Disinformation, ComputingMilieux_COMPUTERSANDSOCIETY, Misinformation, business, Personally identifiable information, Autonomy, media_common

Abstract

Disinformation campaigns reduce trust in democracy, harm democratic institutions, and endanger public health and safety. While disinformation and misinformation are not new, their rapid and widespread dissemination has only recently been made possible by technological developments that enable never-before-seen levels of mass communication and persuasion.Today, a mix of social media, algorithms, personal profiling, and psychology enable a new dimension of political messaging—a dimension that disinformers exploit for their political gain. These enablers share a root cause—the poor data privacy and security regime in the U.S.At its core, democracy requires independent thought, personal autonomy, and trust in democratic institutions. A public that thinks critically and acts independently can check the government’s power and authority. However, when the public is misinformed, it lacks the autonomy to freely elect and check its representatives and the fundamental basis for democracy erodes. This Article addresses a root cause of misinformation dissemination —the absence of strong data privacy protections in the U.S.—and its effects on democracy. This Article explains, from a technological perspective, how personal information is used for personal profiling, and how personal profiling contributes to the mass interpersonal persuasion that disinformation campaigns exploit to advance their political goals.

Published

2021

14. SmartDL: energy-aware decremental learning in a mobile-based federation for geo-spatial system

Author

Dan Wu, Wenting Zou, Xiao Sun, Yuhao Wang, Haoyang Zhu, Zichen Xu, Chengzhong Xu, and Li Li

Subjects

Information sensitivity, Information privacy, Speedup, Artificial Intelligence, Computer science, Distributed computing, Testbed, Energy consumption, Personally identifiable information, Mobile device, Software, Efficient energy use

Abstract

Federated learning is designed to collaboratively train a shared model based on a large number of mobile devices while preserving data privacy, which has been widely adopted to support different geo-spatial systems. However, two critical issues prevent federated learning to be effectively deployed on resource-constrained devices in large scale. First, federated learning causes high energy consumption which can badly hurt the battery lifetime of mobile devices. Second, leakage of sensitive personal information still occurs during the training process. Thus, a system that can effectively protect the sensitive information while improving the energy efficiency is urgently required for a mobile-based federated learning system. This paper proposes SmartDL, an energy-aware decremental learning framework that well balances the energy efficiency and data privacy in an efficient manner. SmartDL improves the energy efficiency from two levels: (1) global layer, which adopts an optimization approach to select a subset of participating devices with sufficient capacity and maximum reward. (2) local layer, which adopts a novel decremental learning algorithm to actively provides the decremental and incremental updates, and can adaptively tune the local DVFS at the same time. We prototyped SmartDL on physical testbed and evaluated its performance using several learning benchmarks with real-world traces. The evaluation results show that compared with the original federated learning, SmartDL can reduce energy consumption by 75.6–82.4% in different datasets. Moreover, SmartDL achieves a speedup of 2–4 orders of magnitude in model convergence while ensuring the accuracy of the model.

Published

2021

15. ($$k,\varepsilon ,\delta $$)-Anonymization: privacy-preserving data release based on k-anonymity and differential privacy

Author

Chia-Mu Yu, Yu-Hsiang Chang, Pei-Yuan Tsai, Yung-Li Hu, Yao-Tung Tsou, Mansour Naser Alraja, Yennun Huang, and Li-Sheng Chen

Subjects

Information privacy, Theoretical computer science, Computer science, k-anonymity, Synthetic data, Management Information Systems, Set (abstract data type), Hardware and Architecture, Consumer privacy, Differential privacy, Privacy law, Personally identifiable information, Software, Information Systems

Abstract

The General Data Protection Regulation came into effect on May 25, 2018, and has rapidly become a touchstone model for modern privacy law. It empowers consumers with unprecedented control over the use of their personal information. However, new guarantees of consumer privacy adversely affect data sharing and data application markets because service companies (e.g., Apple, Google, Microsoft) cannot provide immediate and optimized services through analysis of collected consumer experiences. Therefore, data de-identification technology (e.g., k-anonymity and differential privacy) is a candidate solution to protect sharing data privacy. Various workarounds based on existing methods such as k-anonymity and differential privacy technologies have been proposed. However, they are limited in data utility, and their data sets have high dimensionality (the so-called curse of dimensionality). In this paper, we propose the ( $$k,\varepsilon ,\delta $$ )-anonymization synthetic data set generation mechanism (called ( $$k,\varepsilon ,\delta $$ )-anonymization for short) to protect data privacy before releasing data sets to be analyzed. Synthetic data sets generated by ( $$k,\varepsilon ,\delta $$ )-anonymization satisfy the definitions of k-anonymity and differential privacy by applying KD-tree and random sampling mechanisms. Moreover, ( $$k,\varepsilon ,\delta $$ )-anonymization uses principle component analysis to rationally replace high-dimensional data sets with lower-dimensional data sets for consideration of efficient computation. Finally, we confirm the relationships between parameters k, $$\varepsilon $$ , and $$\delta $$ for k-anonymity and ( $$\varepsilon ,\delta $$ )-differential privacy and estimate the utility of ( $$k,\varepsilon ,\delta $$ )-anonymization synthetic data sets. We report a privacy analysis and a series of experiments that prove that ( $$k,\varepsilon ,\delta $$ )-anonymization is feasible and efficient.

Published

2021

16. EpilepsyGAN: Synthetic Epileptic Brain Activities With Privacy Preservation

Author

Roger Wattenhofer, Amir Aminifar, Philippe Ryvlin, Damian Pascual, David Atienza, and Alireza Amirshahi

Subjects

medicine.medical_specialty, Information privacy, Neurology, Computer science, Biomedical Engineering, Neurological disorder, Audiology, Electroencephalography, Epilepsy Monitoring, Epilepsy, Seizures, Synthetic Brain Activities, medicine, Humans, medicine.diagnostic_test, Brain, medicine.disease, Generative Adversarial Networks (GANs), Seizure Detection, Privacy, Seizure detection, Quality of Life, Epilepsy monitoring, Personally identifiable information, Algorithms

Abstract

Epilepsy is a chronic neurological disorder affecting more than 65 million people worldwide and manifested by recurrent unprovoked seizures. The unpredictability of seizures not only degrades the quality of life of the patients, but it can also be life-threatening. Modern systems monitoring elec-troencephalography (EEG) signals are being currently developed with the view to detect epileptic seizures in order to alert caregivers and reduce the impact of seizures on patients' quality of life. Such seizure detection systems employ state-of-the-art machine learning algorithms that require a large amount of labeled personal data for training. However, acquiring EEG signals during epileptic seizures is a costly and time-consuming process for medical experts and patients. Furthermore, this data often contains sensitive personal information, presenting privacy concerns. In this work, we generate synthetic seizure-like brain electrical activities, i.e., EEG signals, that can be used to train seizure detection algorithms, alleviating the need for sensitive recorded data. Our experiments show that the synthetic seizure data generated with our GAN model succeeds at preserving the privacy of the patients without producing any degradation in performance during seizure monitoring. © 2020 IEEE. ISSN:0018-9294 ISSN:1558-2531

Published

2021

17. Privacy Compliance: Can Technology Come to the Rescue?

Author

Wenqiang Ruan, Zhenhuan Wu, Weili Han, Lushan Song, Mingxin Xu, and Haoyang Jia

Subjects

Information privacy, Computer Networks and Communications, Computer science, business.industry, Internet privacy, ComputingMilieux_LEGALASPECTSOFCOMPUTING, The Internet, Electrical and Electronic Engineering, Service provider, business, Law, Personally identifiable information, Compliance (psychology)

Abstract

Personal information (PI) is valuable to web-based service providers, but its mishandling can be costly due to emerging laws. This article identifies nine legal requirements for privacy compliance in five stages of PI handling and discusses potential technical solutions.

Published

2021

18. Secure Service Offloading for Internet of Vehicles in SDN-Enabled Mobile Edge Computing

Author

Xiaolong Xu, Haibin Zhu, Lianyong Qi, Suraj Sharma, Xuyun Zhang, Qihe Huang, and Zakirul Alam Bhuiyan

Subjects

050210 logistics & transportation, Service (systems architecture), Information privacy, Mobile edge computing, business.industry, Computer science, Mechanical Engineering, 05 social sciences, Service management, Computer Science Applications, 0502 economics and business, Automotive Engineering, The Internet, Quality of experience, business, Personally identifiable information, Edge computing, Computer network

Abstract

Currently, Edge computing (EC) paradigm is adopted to provision the low-latency resources for the massive real-time services in Internet of vehicles (IoV). To alleviate the QoE (Quality of Experience) degradation of the vehicular users due to the uncertainties (e.g., resource conflicts and communicating interruption), software-defined network (SDN) is involved in the EC-enabled IoV to manage the cooperative operation of distributed edge nodes (ENs). However, the increasing privacy leakage for the IoV service offloading causes the disclosure of the sensitive information, including driving location, personal information of the driver, etc. Moreover, the regulation of SDN is practically insufficient, as the general control is incompetent to maintain balanced operation with the premise of efficient service utility. In view of these challenges, a secure s ervice o ffloading me thod, named SOME, is designed to promote IoV service utility and edge utility, meanwhile ensuring privacy security, in SDN-enabled EC. Specifically, an SDN-based framework for IoV service management is developed to address the inherent uncertainty of edge network by SDN controllers. Besides, the locality-sensitive-hash (LSH) is leveraged to realize utility- and privacy-aware service selection. Eventually, comparative experiments are implemented to verify the effectiveness of SOME.

Published

2021

19. Privacy by Deletion: The Need for a Global Data Deletion Principle

Author

Keele, Benjamin

Subjects

Information privacy, data protection, business.industry, media_common.quotation_subject, Internet privacy, FOS: Law, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Information privacy law, LawArXiv|Law, International law, privacy, bepress|Law, LawArXiv|Law|International Law, Set (abstract data type), International Law, Data Protection Act 1998, bepress|Law|International Law, Business, Law, Personally identifiable information, Autonomy, media_common

Abstract

With global personal information flows increasing, efforts have been made to develop principles to standardize data protection regulations. However, no set of principles has yet achieved universal adoption. This note proposes a principle mandating that personal data be securely destroyed when it is no longer necessary for the purpose for which it was collected. Including a data deletion principle in future data protection standards will increase respect for individual autonomy and decrease the risk of abuse of personal data. Though data deletion is already practiced by many data controllers, including it in legal data protection mandates will further the goal of establishing an effective global data protection regime.

Published

2022

20. Privacy concerns and digital government: exploring citizen willingness to adopt the COVIDSafe app

Author

Lemuria Carter, Jiesen Lin, and Dapeng Liu

Subjects

Information privacy, medicine.medical_specialty, Government, business.industry, Download, Public health, Internet privacy, Library and Information Sciences, Test (assessment), Intervention (law), medicine, business, Personally identifiable information, health care economics and organizations, Contact tracing, Information Systems

Abstract

Contact tracing is a key public health intervention during the coronavirus pandemic. While government contact tracing apps (e.g., COVIDSafe) may enforce personal information protection, privacy concerns remain among citizens. To date, few studies have investigated the adoption of contact tracing technology and corresponding citizen information privacy concerns. To address this gap, we propose a research model to explore the impact of individual privacy concerns, trust, and risk perceptions on citizen’s willingness to download a federal contact tracing app. To test the model, we administer a survey to Australian citizens to assess their perceptions of the government’s “COVIDSafe” app. The results of this study indicate that relative advantage, compatibility and trusting beliefs increase adoption intentions. The study provides recommendations for governments tackling COVID-19 and guidance for contact tracing strategies in preparation for future pandemics. © Operational Research Society 2021.

Published

2021

21. Privacy Maintenance in Self-Digitization

Author

France Bélanger, Robert E. Crossler, and John Correia

Subjects

Information privacy, Computer Networks and Communications, business.industry, media_common.quotation_subject, 05 social sciences, Internet privacy, Context (language use), 02 engineering and technology, Management Information Systems, Data sharing, Empirical research, 020204 information systems, Perception, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, 050211 marketing, Continuance, Psychology, business, Personally identifiable information, Digitization, media_common

Abstract

Individuals are increasingly using personal Internet of Things (IoT) devices that digitize their day-to-day lives. Those devices, however, often require substantial personal information to generate their intended benefits. For example, fitness technologies collect health, sleep, personal, and a vast array of other information ubiquitously, creating possible privacy issues for the users when fitness technology platform providers store or share their information, whether users know this or not. To explore the role of privacy perceptions in the context of continued use of fitness technologies, this study collected data from 212 fitness tracker users. We find empirical support for the importance of privacy perceptions in a user's intention to continue to use their fitness tracker. More specifically, consistent with privacy calculus research, privacy concern is negatively related to willingness to disclose information while perceived benefit is positively related to it. As an extension to calculus variables, users' expectations towards the data sharing practices of organizations also influences their willingness to disclose information. Importantly, willingness to disclose information has a direct effect on continued use intentions but also moderates the relationship between perceived benefit and users' intentions to continue using a fitness tracker. We discuss the implications of these findings for research and practice.

Published

2021

22. Protect and Project

Author

Anne Clara Tally, Katreen Boustani, Christena Nippert-Eng, and Yu Ra Kim

Subjects

Information privacy, Computer Networks and Communications, business.industry, media_common.quotation_subject, Internet privacy, ComputingMilieux_PERSONALCOMPUTING, Identity (social science), Identity management, Human-Computer Interaction, Negotiation, Boundary-work, Sociology, business, Video game, Publicity, Personally identifiable information, Social Sciences (miscellaneous), media_common

Abstract

Video game players face a fundamental challenge in managing their competing desires for both privacy and publicity, for being both apart from, and a part of, the communities in which they play. In this paper, we argue that "gamertags" are important tools for protecting gamers' privacy as well as creative outlets for expressing meaningful aspects of identity. Based on 30 semi-structured interviews focused on players' usernames, we find through the pseudonyms under which they play, gamers both hide identifying information such as their offline names and addresses while bringing attention to information that is deeply meaningful to them, such as their family nickname or favorite music. By deemphasizing some parts of their identity and by emphasizing others, players not only shape how they are perceived by other gamers, but they also attempt to preclude accidental disclosure of more identifying information. We argue that gamertag practices thus constitute an important form of boundary work through which gamers actively seek to draw lines between their offline and multiple online worlds in the ways that they wish. We argue that gamers use these names to both protect and project aspects of their identities--at times even seeking protection through projection--as a way of addressing their competing desires to both conceal and reveal different aspects of their identities. As boundary work, players' efforts to carefully protect personally-identifying information and intentionally project personally meaningful information to their communities help them better manage their online identities, relationships with others, and overall data privacy.

Published

2021

23. Privacy Protection in Bigdata: A Survey

Author

Saumya Gupta

Subjects

Information privacy, Data processing, business.industry, Computer science, Emerging technologies, Process (engineering), General Mathematics, Big data, Privacy protection, Internet privacy, Education, Computational Mathematics, Computational Theory and Mathematics, SWORD, business, Personally identifiable information

Abstract

Bigdata becomes a significant sector and academics research topic. Bigdata is a two-edged sword. The rising volume of information together will increase the likelihood of blundering non-public data privacy. Due to many new technologies and innovations that pervade our everyday lives, like smartphones and social networking apps, and the Internet of Things-based intelligent-world systems, the large amount of data generated in our world has exploded. During this data processing, storage, and the use of the information it can quickly cause personal information exposure and the difficulty of interpreting the information. The aim is to incorporate this range of information into one framework for big data management and to recognize problems regarding privacy. This paper begins with the introduction of bigdata, its process, protection issues, and tools which are used to solve its problems

Published

2021

24. SIP: An Efficient and Secure Information Propagation Scheme in E-Health Networks

Author

Wei Ren, Neal N. Xiong, Liping Zhang, Xianghan Zheng, Kim-Kwang Raymond Choo, and Zhen Wei

Subjects

Information privacy, Security analysis, Signal processing, Steganography, Cover (telecommunications), Computer Networks and Communications, business.industry, Computer science, Cryptography, Encryption, Computer Science Applications, Control and Systems Engineering, business, Personally identifiable information, Computer network

Abstract

Electronic healthcare (e-health) networks are increasingly popular, particular during pandemics such as COVID-19. This reinforces the importance of ensuring security and privacy for data-in-transit. One such solution is steganography-based schemes that utilize biological signals (e.g., ECG) as cover signals to preserve the privacy of patient personal information without affecting the diagnostic features. There are various limitations in existing steganography-based schemes, and in this study we present an effective privacy protection scheme leveraging both multidimensional steganography and shared keys. To enhance security and accelerate signal processing in our design, the Fast Walsh-Hadamard transform (FWHT) is employed to decompose ECG signals into a set of coefficients, of which the less-significant coefficients are used to construct the multidimensional space. The negotiated shared keys facilitate the embedding of encrypted data in the constructed space. We then evaluate the proposed scheme using different categories of ECG signals in the MIT-BIH database. It is observed that the signal distortion is minimal (i.e., less than 1%), even if the embedded data reaches the maximum embedding capacity. The security analysis also demonstrates that unauthorized retrieval of hidden information is not practical, within a short period of time.

Published

2021

25. Privacy-Preserving Participant Grouping for Mobile Social Sensing Over Edge Clouds

Author

Zhijin Qiu, Weichao Wang, Dazhao Cheng, Lijuan Cao, Yu Wang, Ting Li, and Xinghua Shi

Subjects

Information privacy, Computer Networks and Communications, Computer science, business.industry, Distributed computing, Cloud computing, Bidding, Computer Science Applications, Control and Systems Engineering, Server, Task analysis, Graph (abstract data type), business, Mobile device, Personally identifiable information

Abstract

Mobile social sensing leverages a large group of individuals having mobile devices capable of sensing and computing to perform intelligence sensing tasks. To perform smart participant selection (i.e. task assignment) for mobile social sensing, most of the cloud-based platforms often require mobile users to report their personal information, such as sensing cost, location and sensing quality. Therefore, the users might suffer from potential privacy breaches during the participant selection phase especially when they are not selected for performing the tasks. Existing solutions based on participant grouping can resolve this privacy leakage by leveraging secure sharing or group bidding within groups. However, the group formation problem has not be well studied, and the communication overhead over formed groups is usually ignored. To address these issues, in this paper, we consider a new set of privacy-preserving grouping problems over edge clouds to minimize the communication cost at edge clouds during secure sharing/bidding, while satisfying each participant's privacy requirement. Various grouping schemes are carefully designed to fulfill the optimization goal for two different scenarios: tree-based hierarchical edge clouds and graph-based interconnected edge clouds. Extensive simulations over both synthetic and real-life datasets are conducted to confirm the efficiency of all proposed schemes.

Published

2021

26. Could You Ever Forget Me? Why People Want to be Forgotten Online

Author

Heeseok Lee, Junyeong Lee, and Chanhee Kwak

Subjects

Economics and Econometrics, Information privacy, Internet privacy, 0603 philosophy, ethics and religion, Cultural lag, Arts and Humanities (miscellaneous), 0502 economics and business, Content generation, Right to be forgotten, Sociology, Business and International Management, Legitimacy, Original Paper, business.industry, 05 social sciences, 06 humanities and the arts, Individual privacy, General Business, Management and Accounting, 060301 applied ethics, Qualitative content analysis, Business ethics, business, Law, Personally identifiable information, 050203 business & management

Abstract

The concept of people’s memory maintains the finiteness of time and capacity. However, with the advancement in technology, the amount of storage memory a person can use has increased dramatically. Given that digital traces can hardly be erased or forgotten, individuals have begun to express their desire to be forgotten in the digital world, and governments and academia are considering methods to fulfill such wishes. Capturing the difficulties in terms of a cultural lag between technological advancements and regulations on individuals’ data privacy needs, we identify six motives for individuals wishing to be forgotten online and investigate its expected effects on online content generation through a qualitative content analysis of 222 responses from open-ended surveys in Korea. Our findings provide implications for the literature on individual privacy and the right to be forgotten employing the cultural lag, as well as, elaborate further on the relationship between being forgotten online and the legitimacy of such requests of individuals. Additionally, implications for data providers, data controllers/processors, and governments to address this lag and build a balanced system of personal information are provided.

Published

2021

27. Digital Economy Barriers to Trade Regulation Status, Challenges, and China's Response

Author

Nishan-E-Hyder Soomro, Ahmed Arafa Abdelrehim, and Asif Khan

Subjects

Information privacy, Economic partnership agreement, business.industry, General Data Protection Regulation, General partnership, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Legislation, Digital economy, International trade, business, Trade barrier, Personally identifiable information

Abstract

At present, the WTO's multilateral trading system faces the acute challenge of adapting to the digital and commercial economies' rapid evolution. The recent regional trade agreements embody the corresponding achievements of the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), Economic Partnership Agreement (EPA), and the United States Mexico Canada Agreement (USMCA) in facilitating the free flow of data and regulating digital barriers to trade. The General Data Protection Regulation (GDPR) has also developed several new norms for promoting free data flow and protecting personal data privacy. The new regional trade agreements fulfil the digital trade threshold, prohibit delocalization by the data center and establish organized frameworks for cross-border data flow and personal privacy protection. In the negotiations on trade services agreements, China should focus on implementing a new management structure, speeding up domestic legislation and legislative reforms, and establishing a legal framework that promotes the free flow of data, fair competition, and personal information among corporations.

Published

2021

28. Designing Contracts for Trading Private and Heterogeneous Data Using a Biased Differentially Private Algorithm

Author

Mohammad Mahdi Khalili, Xueru Zhang, and Mingyan Liu

Subjects

Information privacy, General Computer Science, Computer science, media_common.quotation_subject, General Engineering, Cost accounting, 020206 networking & telecommunications, Context (language use), economics, 02 engineering and technology, Payment, TK1-9971, Randomized algorithm, Privacy, Data quality, 0202 electrical engineering, electronic engineering, information engineering, contracts, ComputingMilieux_COMPUTERSANDSOCIETY, Differential privacy, 020201 artificial intelligence & image processing, General Materials Science, Electrical engineering. Electronics. Nuclear engineering, Personally identifiable information, Algorithm, media_common

Abstract

Personal information and other types of private data are valuable for both data owners and institutions interested in providing targeted and customized services that require analyzing such data. In this context, privacy is sometimes seen as a commodity: institutions (data buyers) pay individuals (or data sellers) in exchange for private data. In this study, we examine the problem of designing such data contracts, through which a buyer aims to minimize his payment to the sellers for a desired level of data quality, while the latter aim to obtain adequate compensation for giving up a certain amount of privacy. Specifically, we use the concept of differential privacy and examine a model of linear and nonlinear queries on private data. We show that conventional algorithms that introduce differential privacy via zero-mean noise fall short for the purpose of such transactions as they do not provide a sufficient degree of freedom for the contract designer to negotiate between the competing interests of the buyer and the sellers. Instead, we propose a biased randomized algorithm to generate differentially private output and show that this algorithm allows us to customize the privacy-accuracy tradeoff for each individual. We use a contract design approach to find the optimal contracts when using this biased algorithm to provide privacy and show that under this combination the buyer can achieve the same level of accuracy with a lower payment as compared to using the conventional, unbiased algorithms, while at the same time incurring lower privacy loss for the sellers.

Published

2021

29. Should I Disclose My Personal Data? Perspectives From Internet of Things Services

Author

Xiangmin Zhang, Debajyoti Pal, and Suree Funilkul

Subjects

Information privacy, General Computer Science, personal data, Internet privacy, 02 engineering and technology, privacy, 020204 information systems, Cultural diversity, 0502 economics and business, Health care, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Service (business), End user, business.industry, 05 social sciences, General Engineering, trust, Service provider, Information sensitivity, ComputingMilieux_COMPUTERSANDSOCIETY, IoT services, 050211 marketing, lcsh:Electrical engineering. Electronics. Nuclear engineering, Business, lcsh:TK1-9971, Personally identifiable information

Abstract

This work proposes a theoretical framework for explaining the end users' willingness to disclose their personal information to the IoT service providers, despite the known privacy risks. The Communication Privacy Management Theory and Privacy Trust Behavioral Intention Model are used as the backbone for the presented framework. The model is empirically validated by collecting data from 924 participants residing in Thailand and Singapore who are active users of at least one type of IoT service: smart home, smart healthcare or smart cities. The results suggest that trust, perceived privacy risks, perceived benefits and the level of information sensitivity affect the users' willingness to disclose their personal information. Certain cultural differences are also noticed from the two different country samples. Based upon the results, the research implications are discussed, and suggestions provided.

Published

2021

30. Privacy Inference Attack Against Users in Online Social Networks: A Literature Review

Author

Kai Ye, Xiaohui Cui, and Yangheran Piao

Subjects

Social network, Information privacy, inference attack, General Computer Science, Computer science, business.industry, user privacy, Internet privacy, General Engineering, Inference, security, Inference attack, Field (computer science), Work (electrical), Social relationship, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Electrical and Electronic Engineering, business, Personally identifiable information, lcsh:TK1-9971

Abstract

With the rapid development of social networks, users pay more and more attention to the protection of personal information. However, the transmission of users’ personal information through social networks will inevitably lead to privacy leakage and make users attacked. A large amount of privacy information can be inferred from the content and social traces published by users, which leads to the rise of privacy inference technology for users in social networks. Social relationship inference and attribute inference are two basic attacks on users’ privacy in social networks. This is the first systematic review of privacy inference attacks in social networks. The purpose of this retrospective study is to provide a global summary, summarizing the time trend of the topic, and show the evolution of the topic in the past 15 years. In addition, this paper discusses the trend and development of this topic and finally looks forward to future work. The contribution of our work is helpful for researchers to continue their research in this field.

Published

2021

31. Automatic Privacy and Utility Preservation for Mobility Data: A Nonlinear Model-Based Approach

Author

Nicolas Marchand, Antoine Boutet, Sophie Cerf, Sonia Ben Mokhtar, Vincent Primault, Lydia Y. Chen, Sara Bouchenak, Bogdan Robu, GIPSA - Systèmes non linéaires et complexité (GIPSA-SYSCO), Département Automatique (GIPSA-DA), Grenoble Images Parole Signal Automatique (GIPSA-lab ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut Polytechnique de Grenoble - Grenoble Institute of Technology-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut Polytechnique de Grenoble - Grenoble Institute of Technology-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Grenoble Images Parole Signal Automatique (GIPSA-lab ), Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut Polytechnique de Grenoble - Grenoble Institute of Technology-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019])-Institut polytechnique de Grenoble - Grenoble Institute of Technology (Grenoble INP )-Institut Polytechnique de Grenoble - Grenoble Institute of Technology-Centre National de la Recherche Scientifique (CNRS)-Université Grenoble Alpes [2016-2019] (UGA [2016-2019]), Distribution, Recherche d'Information et Mobilité (DRIM), Laboratoire d'InfoRmatique en Image et Systèmes d'information (LIRIS), Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-École Centrale de Lyon (ECL), Université de Lyon-Université Lumière - Lyon 2 (UL2)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Université Lumière - Lyon 2 (UL2), Privacy Models, Architectures and Tools for the Information Society (PRIVATICS), Inria Grenoble - Rhône-Alpes, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-CITI Centre of Innovation in Telecommunications and Integration of services (CITI), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA), IBM Research [Zurich], Université Lumière - Lyon 2 (UL2)-École Centrale de Lyon (ECL), Université de Lyon-Université de Lyon-Université Claude Bernard Lyon 1 (UCBL), Université de Lyon-Institut National des Sciences Appliquées de Lyon (INSA Lyon), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS)-Université Lumière - Lyon 2 (UL2)-École Centrale de Lyon (ECL), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Centre National de la Recherche Scientifique (CNRS), Université de Lyon-Institut National des Sciences Appliquées (INSA)-Université de Lyon-Institut National des Sciences Appliquées (INSA)-Inria Lyon, and Institut National de Recherche en Informatique et en Automatique (Inria)

Subjects

Information privacy, D48b Modeling and prediction, Computer science, Distributed computing, media_common.quotation_subject, Usability, 0211 other engineering and technologies, Index Terms-D46 Security and Privacy Protection, 02 engineering and technology, Configuration control, J9a Location-dependent and sensitive, D216b Configu- ration control, Adaptability, Data modeling, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], [INFO.INFO-CY]Computer Science [cs]/Computers and Society [cs.CY], Robustness (computer science), [INFO.INFO-AU]Computer Science [cs]/Automatic Control Engineering, Privacy protection, Electrical and Electronic Engineering, media_common, Measurement, 021110 strategic, defence & security studies, business.industry, H20a Security, Adaptation models, Computational modeling, and protec- tion, Security, integrity, business, Data privacy, Personally identifiable information, Mobile device, Protection mechanism

Abstract

International audience; The widespread use of mobile devices and location-based services has generated a large number of mobility databases. While processing these data is highly valuable, privacy issues can occur if personal information is revealed. The prior art has investigated ways to protect mobility data by providing a wide range of Location Privacy Protection Mechanisms (LPPMs). However, the privacy level of the protected data significantly varies depending on the protection mechanism used, its configuration and on the characteristics of the mobility data. Meanwhile, the protected data still needs to enable some useful processing. To tackle these issues, we present PULP, a framework that finds the suitable protection mechanism and automatically configures it for each user in order to achieve user-defined objectives in terms of both privacy and utility. PULP uses nonlinear models to capture the impact of each LPPM on data privacy and utility levels. Evaluation of our framework is carried out with two protectionmechanisms from the literature and four real-world mobility datasets. Results show the efficiency of PULP, its robustness and adaptability. Comparisons between LPPMs’ configurators and the state of the art further illustrate that PULP better realizes users’ objectives, and its computation time is in orders of magnitude faster.

Published

2021

32. A Study on the Evaluation of Information Privacy Value Based on Personal Information Types of SNS Users

Author

Kee-Young Kwahk and Jiyoung Park

Subjects

Information privacy, business.industry, Computer science, Internet privacy, business, Value (mathematics), Personally identifiable information

Published

2020

33. The Effect of the GDPR on Privacy Policies

Author

K. Suzanne Barber and Razieh Nokhbeh Zaeem

Subjects

Information privacy, General Computer Science, business.industry, Privacy policy, Internet privacy, Law enforcement, Transparency (behavior), Management Information Systems, General Data Protection Regulation, media_common.cataloged_instance, Privacy law, European union, business, Personally identifiable information, media_common

Abstract

The General Data Protection Regulation (GDPR) is considered by some to be the most important change in data privacy regulation in 20 years. Effective May 2018, the European Union GDPR privacy law applies to any organization that collects and processes the personal information of EU citizens within or outside the EU. In this work, we seek to quantify the progress the GDPR has made in improving privacy policies around the globe. We leverage our data mining tool, PrivacyCheck, to automatically compare three corpora (totaling 550) of privacy policies, pre- and post-GDPR. In addition, to evaluate the current level of compliance with the GDPR around the globe, we manually studied the policies within two corpora (450 policies). We find that the GDPR has made progress in protecting user data, but more progress is necessary—particularly in the area of giving users the right to edit and delete their information—to entirely fulfill the GDPR’s promise. We also observe that the GDPR encourages sharing user data with law enforcement, and as a result, many policies have facilitated such sharing after the GDPR. Finally, we see that when there is non-compliance with the GDPR, it is often in the form of failing to explicitly indicate compliance, which in turn speaks to an organization’s lack of transparency and disclosure regarding their processing and protection of personal information. If Personally Identifiable Information (PII) is the “currency of the Internet,” these findings mark continued alarm regarding an individual’s agency to protect and secure their PII assets.

Published

2020

34. Sticky Policies: A Survey

Author

Alessandra Rizzardi, Daniele Miorandi, Sabrina Sicari, and Alberto Coen-Porisini

Subjects

Information privacy, business.industry, Computer science, Internet privacy, Data security, Access control, Cloud computing, 02 engineering and technology, Encryption, Sticky Policy, Computer Science Applications, Computational Theory and Mathematics, Privacy, 020204 information systems, Content centric networking, Security, 0202 electrical engineering, electronic engineering, information engineering, The Internet, Security, Privacy, Sticky Policy, business, Personally identifiable information, Information Systems

Abstract

In the digital age, where the Internet connects things across the globe and individuals are constantly online, data security and privacy are becoming key drivers (and barriers) of change for adoption of innovative solutions. Traditional approaches, whereby communication links are secured by means of encryption, and access control is run in a static way by a centralized authority, are showing their limits when applied to massive-scale, interconnected and distributed systems. Regulations, while still fragmented, are moving to adapt to changes in technology and society, with the aim to protect confidential information by governments, businesses, and individual citizens. In this landscape, proper mechanisms should be defined to allow a strict control over the data life-cycle and to guarantee the privacy and the application of specific regulations on personal information's disclosure, usage and access. Sticky policies represent one approach to improve owners’ control over their data. In such an approach, machine-readable policies are attached to data. They are called 'sticky’ in that they travel together with data, as data travels across multiple administrative domains. In this article we survey the state-of-the-art in sticky policies, discussing limitations, open issues, applications and research challenges, with a specific focus on their applicability to Internet of Things, cloud computing, and Content Centric Networking.

Published

2020

35. The Dilemma of Social Media: Perceptions and Ethics of AI

Author

Noha Samir Mahgoub

Subjects

Information privacy, business.industry, media_common.quotation_subject, Internet privacy, Big data, Risk perception, Dilemma, Perception, Data Protection Act 1998, Social media, business, Psychology, Personally identifiable information, media_common

Abstract

Social media networks are extensively using artificial intelligence tools (AI) fed with huge data about users’ preferences, mental state, mood, health, and other. The potential risk of manipulating this “Big Data” to predict users ‘behavior, customize users’ profiles and create a “Virtual social world” for each one is of major importance. Using algorithms to make sense of streams of data, known as the discipline of data analytics, and how it’s applied in social media platforms and decision-making, raises ethical concerns about data privacy and data protection. This research is conducted to answer questions related to users’ perceptions of privacy, risk of sharing personal data on social media and to what extent are people aware of the use of AI and the risks they face while using SNSs, as well as the ethical issues related to the use of artificial intelligence in social media. This study focuses on measuring people’s perceptions of privacy through four main variables and their interrelation. The results emphasized that people perceived themselves at risk on social media, they have concerns about their data being manipulated and misused, this affects their overall perception of privacy, the sample consisted of 200 respondents through an online survey. People’s perceptions of privacy could be an indicator of how they will act regarding the sharing of personal information and feelings on social media.

Published

2020

36. Multi-Party Privacy Conflict Management in Online Social Networks: A Network Game Perspective

Author

Junshan Zhang and Kemi Ding

Subjects

Information privacy, Social network, Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Social relation, Computer Science Applications, Upload, 0202 electrical engineering, electronic engineering, information engineering, Conflict management, Electrical and Electronic Engineering, business, Set (psychology), computer, Personally identifiable information, Software, Social influence

Abstract

In this work, we consider the multi-party privacy conflict (MPC) in an online social network (OSN). As many data items uploaded to the OSN are “co-owned” by multiple users with different privacy concerns, some personal information of OSN users may be disclosed by others unintentionally. On the contrary with existing mainstream OSN platforms allowing only the very user uploading the data to set the privacy level, in this article we take a fine-grained approach to resolve MPC, in which all co-owners independently determine whether to share their personal content within the data on OSN. Interacted with its peers, the opinion of a co-owner, however, might be influenced by and consequently influence the decision of its peers. To this end, each co-owner, as an individual decision maker, strikes a tradeoff between its internal privacy preference and the external social influence from its neighbors in a OSN. Specifically, we formulate the interaction among co-owners as a multi-player non-cooperative game with a network structure representing their social relations. For the proposed network game, we establish the existence of multiple (pure-strategy) equilibria, and characterize them accordingly. The convergence of interaction is also investigated when synchronous and asynchronous best-response updates are used, respectively. We note that when the action set for the players is discrete, the game exhibits non-linear dynamics, making it challenging to analyze the convergence behavior. We prove that synchronous update may lead to either an equilibrium or a strategy cycle, and the asynchronous update always leads to an equilibrium. Building upon this analysis, we advocate a practical implementation of the proposed MPC management, which balances the automation of the management and intervention of users. Moreover, we take one step further to develop approaches aiming to reach a “stronger agreement” among the players for the sake of benefits of uploader and OSN provider. Numerical examples are also provided to corroborate the analytical results.

Published

2020

37. Perception of Information Sensitivity for Internet Users in Saudi Arabia

Author

Bilal Bataineh and Khaled H. Almotairi

Subjects

Information privacy, media_common.quotation_subject, Internet privacy, Big data, education, Survey result, Library and Information Sciences, Management Information Systems, Perception, parasitic diseases, sensitive information, media_common, business.industry, QA75.5-76.95, cultural privacy, Computer Science Applications, information privacy, Information sensitivity, perception of sensitivity, Electronic computers. Computer science, Marital status, sense organs, Internet users, business, Psychology, Personally identifiable information, geographic locations, Information Systems

Abstract

The rapid evolution of Internet use has led to the collection of big data about users, which has raised users’ privacy concerns about their personal information. This study adopts the hypothesis to evaluate the perception of the information sensitivity of Internet users in Saudi Arabia as research subjects. This study analyzes the sensitivity of 35 types of information through a questionnaire with answers from 508 participants from Saudi Arabia and estimates the cultural influence by comparing Saudi results with users from the USA, Brazil and Germany. Demographic information, such as age, gender, marital status and education, and attitude characteristics, such as disposition to privacy, propensity to take risks, privacy violation experience and trust in institutions, influence Saudi individuals’ perception of sensitivity towards various types of information. The survey results show slight differences in the sensitivity levels between Internet users in Saudi Arabia and their counterparts in other nations. Ultimately, this study contributes to improving the international model of information sensitivity perception between different nations.

Published

2020

38. Information Sensitivity and Willingness to Provide Continua: A Comparative Privacy Study of the United States and Brazil.

Author

Markos, Ereni, Milne, George R., and Peltier, James W.

Subjects

DISCLOSURE, CONSUMER attitudes, PERSONALLY identifiable information, RIGHT of privacy, CUSTOMER relations, CONSUMER preferences

Abstract

This article develops information continua for (1) the perceived sensitivity of data and (2) consumers' willingness to disclose information that can be used to evaluate information attitudes of U.S. and Brazilian consumers. Using a cross-national survey between U.S. and Brazilian consumers, this research examines how consumers' perceived sensitivity and willingness to provide information are affected by country of origin, age, perceived privacy control, consumer data relationship (with a friend, marketer, trusted marketer, or unknown marketer), and type of information (whether it is personally identifiable information or linkable). The findings provide public policy insights into potential market solutions and regulatory approaches that bridge the gap between marketers' need for personalizing customer relationships and consumers' preferences for information privacy. [ABSTRACT FROM AUTHOR]

Published

2017

39. Evaluating If Trust and Personal Information Privacy Concerns Are Barriers to Using Health Insurance That Explicitly Utilizes AI

Author

Peter Kawalek, Aida Azadegan, and Alex Zarifis

Subjects

Information privacy, business.industry, 05 social sciences, Internet privacy, 02 engineering and technology, Purchasing, Human-Computer Interaction, 020204 information systems, Management of Technology and Innovation, 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, Health insurance, 050211 marketing, business, Personally identifiable information

Abstract

Trust and privacy have emerged as significant concerns in online transactions. Sharing information on health is especially sensitive but it is necessary for purchasing and utilizing health insuranc...

Published

2020

40. Digital Marketing and Children’s Rights: Trick or Treat?

Author

Nataša Krstić and Danica Čigoja Piper

Subjects

Information privacy, Digital marketing, business.industry, media_common.quotation_subject, Advertising, General Medicine, Online advertising, Personalization, Creative industries, Surprise, Social media, Sociology, business, Personally identifiable information, media_common

Abstract

Marketing in the digital age is driven by software and algorithms, and is characterized by sociability, networking and personalization, which make children profitable targets for the advertising industry. Relying on a survey on UNICEF's U-Report platform registering children and youth, we wanted to examine whether young internet users in Serbia are aware that their personal data are revealed for advertising purposes and if they understand the digital marketing techniques that they are exposed to. Given that more than half of the survey respondents opened their accounts on social media before the age limit, that most of them share their personal information online and are largely indifferent to cookies on the websites they visit, it does not come as a surprise that young internet users in Serbia become an active target of advertising, which is often unwanted or inappropriate for their age. Bearing in mind the multidisciplinary nature of the topic, the recommendations for a variety of stakeholders, from publishers to creative industries and parents are given in the concluding remarks. Article received: April 30, 2020; Article accepted: May 30, 2020; Published online: October 15, 2020; Original scholarly paper How to cite this article: Krstic, Natasa i Danica Cigoja Piper. "Digital Marketing and Children’s Rights: Trick or Treat?" AM Journal of Art and Media Studies 23 (2020): 135-148. doi: 10.25038/am.v0i23.402

Published

2020

41. Tactics, affects and agencies in digital privacy narratives: a story completion study

Author

Deborah Lupton and Ash Watson

Subjects

Information privacy, Datafication, 05 social sciences, Media studies, 050401 social sciences methods, 050801 communication & media studies, Library and Information Sciences, Computer Science Applications, Dilemma, 0508 media and communications, Digital sociology, 0504 sociology, Open text, Narrative, Sociology, Affordance, Personally identifiable information, Information Systems

Abstract

PurposeThe purpose of this paper is to report on the findings from the Digital Privacy Story Completion Project, which investigated Australian participants' understandings of and responses to digital privacy scenarios using a novel method and theoretical approach.Design/methodology/approachThe story completion method was brought together with De Certeau's concept of tactics and more-than-human theoretical perspectives. Participants were presented with four story stems on an online platform. Each story stem introduced a fictional character confronted with a digital privacy dilemma. Participants were asked to complete the stories by typing in open text boxes, responding to the prompts “How does the character feel? What does she/he do? What happens next?”. A total of 29 participants completed the stories, resulting in a corpus of 116 narratives for a theory-driven thematic analysis.FindingsThe stories vividly demonstrate the ways in which tactics are entangled with relational connections and affective intensities. They highlight the micropolitical dimensions of human–nonhuman affordances when people are responding to third-party use of their personal information. The stories identified the tactics used and boundaries that are drawn in people's sense-making concerning how they define appropriate and inappropriate use of their data.Originality/valueThis paper demonstrates the value and insights of creatively attending to personal data privacy issues in ways that decentre the autonomous tactical and agential individual and instead consider the more-than-human relationality of privacy.Peer reviewThe peer review history for this article is available at: https://publons.com/publon/10.1108/OIR-05-2020-0174

Published

2020

42. Apathy, convenience or irrelevance? Identifying conceptual barriers to safeguarding children’s data privacy

Author

Caroline Keen

Subjects

Information privacy, Sociology and Political Science, Relation (database), business.industry, Communication, 05 social sciences, Internet privacy, 050801 communication & media studies, Safeguarding, 0506 political science, 0508 media and communications, 050602 political science & public administration, medicine, Data Protection Act 1998, Apathy, medicine.symptom, business, Psychology, Personally identifiable information

Abstract

This article explores conceptual barriers to protecting children’s personal information in relation to online commercial data practices. It does this by using Vedder’s conceptual categories of privacy to identify and position parents’ and teenagers’ concepts of privacy within interpersonal, institutional and commercial data terrains. Drawing from qualitative interviews, the analysis shows that parents’ and teenagers’ conceptualise privacy in terms of the private/public dimension and that their conceptualisations of the consumer–corporate relationship, and corporations themselves, prohibited any concern for their decisional and informational privacy. As their conceptualisations of privacy harms were embedded within social rather than technological frames, this precluded motivation to protect children’s data privacy. This research argues that without a conceptual shift in the way we think about privacy and privacy harms, we need to question whether the logics of neoliberalism can effectively address children’s data privacy.

Published

2020

43. Secure and efficient outsourcing differential privacy data release scheme in Cyber–physical system

Author

Tong Li, Jin Li, Wei Wang, Heng Ye, Jiqiang Liu, and Ping Li

Subjects

Information privacy, Computer Networks and Communications, Computer science, business.industry, Cyber-physical system, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Service provider, Computer security, computer.software_genre, Encryption, Upload, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Differential privacy, 020201 artificial intelligence & image processing, The Internet, business, Personally identifiable information, computer, Software

Abstract

A cyber–physical system is a mechanism controlled or monitored by computer-based algorithms, tightly integrated with the internet and its users. Cyber–physical systems such as smart grid, autonomous automobile systems, medical monitoring, process control systems, robotics systems, and automatic pilot avionics will use physical sensors to produce and collect data. Most of the data contains personal information, which is so called privacy, should be carefully protected. How to protect privacy is now a hot-topic not only in academia but also in industry. Differential privacy has been accepted as the privacy concept due to its concise definition and its simple implementation. However, the interactive model cannot achieve differential privacy without data provider’s timely answers, which means data provider should always be attachable. It is unrealistic to keep data provider online due to the risk of data provider be broken will grow rapidly as time goes by. With today’s differential privacy technology, a non-interactive model remains an open problem. To find an alternative, we consider implant whole dataset into a cloud server to provide all the functions instead of data provider. Nonetheless, once the server is compromised, the privacy of the data cannot be guaranteed. It appears that there should be a strong definition, the cloud server is completely trustworthy, before differential privacy can actually be implemented. An intuitive thought to improve this situation is to only upload encrypted datasets. Then, the server could be semi-honest or even fully malicious. Homomorphic encryption can make the encrypted dataset operable, but it requires considerable storage space and bandwidth, which are impractical. We realized that order-preserving encryption is a tradeoff between data utility and practicability. Thus, we propose a novel outsourcing differential privacy data release scheme in cyber–physical system. The proposed scheme allows data providers to outsource their datasets to a cloud service provider with low communication cost. Let the cloud service provider be the host that answers the queries from the data evaluator with noisy results. The data providers can go offline after uploading their encrypted datasets, which is one of the critical requirements for a practical system. In this paper, we present a detailed theoretical analysis, including proofs of differential privacy and security. We also report an experimental evaluation on real datasets.

Published

2020

44. Users’ Understanding of the Concept of Personal Information

Author

Nam Jin Young, Yoonhyuk Jung, and Hanbyul Choi

Subjects

Information privacy, Computer science, business.industry, Internet privacy, General Medicine, business, Personally identifiable information

Published

2020

45. TOWARDS DATA PRIVACY AND SECURITY FRAMEWORK IN BIG DATA GOVERNANCE

Author

Dalbir Singh and Jacentha N.Maniam

Subjects

Information privacy, Systematic review, Conceptual framework, business.industry, Corporate governance, Big data, Personal life, business, Private sector, Data science, Personally identifiable information

Abstract

Data privacy and security are among the most important aspects to be considered in implementing a data-driven system. A well generated Big Data contains a wealth of information that can reveal personal life that should be kept in private. Although various studies and Big Data analysis are widely documented, the methods and policies to ensure the privacy and security of data in Big Data governance remain unclear. Big Data analytics also seeks to make the affected person disclose new and critical personal information that is not intended for disclosure. Thus, this study focuses on data privacy and security issues in Big Data governance. The objective of this study aims to propose of Big Data governance framework that complements data privacy and security factors. This study uses a qualitative approach in the development of the research framework based on a systematic literature review and evaluated by experts to validate the framework. This study is expected to benefits the public and private sectors where the proposed framework could be applied as a guide to preventing any data leakage or misuse of Big Data.

Published

2020

46. A Traffic Density Estimation Model Based on Crowdsourcing Privacy Protection

Author

Xiaowei Jin, Yun Tian, Daxin Tian, Zhijie Liu, Yanan Liu, Yapei Huang, and Shifeng Zhao

Subjects

Information privacy, business.industry, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Encryption, Crowdsourcing, Traffic flow, computer.software_genre, Theoretical Computer Science, Artificial Intelligence, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, Differential privacy, Sample collection, Data mining, business, Personally identifiable information, computer

Abstract

Acquiring traffic condition information is of great significance in transportation guidance, urban planning, and route recommendation. To date, traffic density data are generally acquired by road sound analysis, video data analysis, or in-vehicle network communication, which are usually financially or temporally expensive. Another way to get traffic conditions is to collect track data by crowdsourcing. However, this way lead to a greater risk of leaking users’ privacy. To avoid the risk, this article proposes a traffic density estimation model based on crowdsourcing privacy protection. First, in the acquisition process of the track data by crowdsourcing, dual servers are employed for transmission, and homomorphic encryption is carried out to encrypt the data to protect the data from being leaked during transmission. Second, sampling is implemented for randomization and anonymization to reduce the spatial continuity and temporal continuity of position data. In this way, the intermediate server cannot acquire users’ original data, and the main server cannot obtain users’ personal information. Finally, before data transmission, Laplace noising is performed on the users’ local position data to further protect the original location information. The proposed algorithm in this study realizes that only users have their original track data, and the servers involved in the work cannot infer the original track data, which ensures the real security of user privacy. The proposed algorithm was verified with the track data from the Didi Gaia Data Opening Plan. The experimental results showed that the proposed algorithm could still maintain the validity of data analysis results and the security of user data privacy after homomorphic encryption, noise addition, and sample collection, and displayed good robustness and scalability.

Published

2020

47. Valuing Personal Data with Privacy Consideration

Author

Xiaoping Liu, Luvai Motiwalla, and Xiao-Bai Li

Subjects

Information privacy, Information Systems and Management, business.industry, Strategy and Management, Decision theory, Internet privacy, General Business, Management and Accounting, Article, Economic valuation, Policy decision, Management of Technology and Innovation, Common value auction, business, Private information retrieval, Personally identifiable information, Valuation (finance)

Abstract

A key challenge in information privacy research is how to value personal data with privacy consideration. In this study, we propose an experimental auction approach for valuing personal data. We use the generalized second-price auction to assess the monetary values of individuals' identity, demographic, and private information. We find that individuals' economic valuation of personal data is consistent with their actual self-disclosure behaviors. The economic valuation approach also produces results that are consistent with some well-accepted observations about consumer demographics and privacy. On the other hand, individuals' stated privacy preferences and attitudes are not consistent with their economic valuation. The findings of this study suggest that the proposed approach can be an effective mechanism for measuring personal data privacy. This study also provides important insights into valuing personal information for practical uses with several implications to policy decision makers, corporate executives and managers, data analysts, as well as decision science researchers.

Published

2020

48. Privacy Risk Analysis and Mitigation of Analytics Libraries in the Android Ecosystem

Author

Wei Wang, Xing Liu, Xiangliang Zhang, Jiqiang Liu, and Sencun Zhu

Subjects

Information privacy, Computer Networks and Communications, business.industry, Computer science, Privacy policy, Mobile computing, 020206 networking & telecommunications, 02 engineering and technology, World Wide Web, Analytics, Server, mental disorders, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, Android (operating system), business, Private information retrieval, Personally identifiable information, Software

Abstract

While much effort has been made to detect and measure the privacy leakage caused by the advertising (ad) libraries integrated in mobile applications, analytics libraries, which are also widely used in mobile apps have not been systematically studied for their privacy risks. Different from ad libraries, the main function of analytics libraries is to collect users’ in-app actions. Hence, by design analytics libraries are more likely to leak users’ private information. In this work, we study what information is collected by the analytics libraries integrated in popular Android apps. We design and implement a framework called “Alde”. Given an app, Alde employs both static analysis and dynamic analysis to detect the users’ in-app actions collected by analytics libraries. We also study what private information can be leaked by the apps that use the same analytics library. Moreover, we analyze apps’ privacy policies to see whether app developers have notified the users that their in-app action data is collected by analytics libraries. Finally, we select eight widely used analytics libraries to study and apply our method to 300 popular apps downloaded from both Chinese app markets and Google play. Our experimental results show that some apps indeed leak users’ personal information through analytics libraries even though their genuine purposes of using analytics services are legal. To mitigate such threats, we have developed an app named “ALManager” that leverages the Xposed framework to manage analytics libraries in other apps.

Published

2020

49. Sight unseen: The role of online security indicators in visual attention to online privacy information

Author

Xiaojing Sheng, Swapnil Saravade, Judy A. Siguaw, Seth Ketron, Krzysztof Krejtz, Reto Felix, and Andrew T. Duchowski

Subjects

Marketing, Need for cognition, Information privacy, business.industry, media_common.quotation_subject, Privacy policy, 05 social sciences, Internet privacy, Context (language use), Risk perception, Perception, 0502 economics and business, Eye tracking, 050211 marketing, Psychology, business, Personally identifiable information, 050203 business & management, media_common

Abstract

Although data privacy is a compelling concern, prior inquiries have found that consumers do not adequately attend to data privacy policies. This research develops a framework delineating the effects of top-down/bottom-up processes and individual consumer differences in the need for cognition (NFC) and perceived control on visual attention to data privacy policies, including influences on perceptions, attitudes, and behavioral intentions. Using eye tracking in an online shopping context, this research finds perceived control interacted with top-down motivation, manipulated through perceived risk in sharing personal information, to affect visual attention toward privacy-related information. Moreover, a privacy policy icon garners more attention than privacy policy text and non-privacy contents on the website. Further, attention to non-privacy contents significantly enhances loan application likelihood and attitude toward the website. These findings demonstrate attention toward privacy information as a function of the dynamic interaction between top-down motivational influences and individual differences in perceived control.

Published

2020

50. Data privacy in construction industry by privacy-preserving data mining (PPDM) approach

Author

Vejal Patel and Tirth Patel

Subjects

Information privacy, Information sensitivity, Data exchange, Computer science, Project stakeholder, General Data Protection Regulation, Data Protection Act 1998, Cyber-attack, Computer security, computer.software_genre, computer, Personally identifiable information, Civil and Structural Engineering

Abstract

The architectural, engineering and construction (AEC) requires most efficient joint efforts between the construction project stakeholders with continuing exchange of large amount of project data. Nowadays, it is seen paradigm shift in construction industry to work on digital technologies like BIM from conventional methods of paper-based data exchange. The expanding volume of individual and sensitive information being digitally gathered by the AEC industry and store in the cloud, which makes it vulnerable to cyber attack. According to the Data Protection Act and the General Data Protection Regulation, organisation has to ensure security of people and security of sensitive data. Subsequently, it is crucial to establish the framework or method to provide the privacy of project data. Specifically, individual information, for example, individual health records, address and all other background information should be protected as per the legal regulation In this research paper, a technique called Hybrid-k anonymity has been proposed to protect the individual’s personal information as well as employees details, supplier details, cost details. In this technique, we modified original data using randomisation technique and then apply anonymisation on modified data which can provide better accuracy with minimum loss of information. This approach will enhance the privacy of sensitive information from cyber attack of the data miner.

Published

2020