Assessing Privacy Risk Research Articles

How Users Assess Privacy Risks in the Internet of Things: The Role of Framing, Comparing, and Educating

With the advent of the Internet of Things (IoT), it has become increasingly challenging for users to assess the privacy risks associated with consumer products and the continuous stream of user data needed to operate them. In this study, we propose and test three mechanisms with the potential to help users make more accurate assessments of privacy risks. We refer to these mechanisms as framing (i.e., presenting information on the collection and use of user data with or without direct reference to privacy risks), comparing (i.e., presenting a product and the associated information on data collection and use with or without reference to an alternative product), and educating (i.e., augmenting users’ general privacy literacy). To assess these mechanisms in different IoT contexts, we conducted two scenario-based online experiments with reference to a telematics device ( n = 317) and a fitness tracker ( n = 356). In both studies, we find that actual privacy risks as manipulated in the experiment are only moderately related to the privacy risks perceived by users. However, comparing and educating each helped users make more accurate privacy risk assessments. In Study 2, framing and comparing jointly enabled especially users with low privacy literacy to assess privacy risks more accurately. These findings have meaningful implications for key actors in the IoT ecosystem and those regulating it.

Administrative and legal measures to ensure the security of personal data when disclosing information by the government in China

Government disclosure is an inevitable choice to improve public services in the era of big data. In order to meet the new requirements for building a digital government in the era of big data, the government authorities of the People’s Republic of China have implemented a number of strategies and measures for the open use of government data through the overall integration of government informatization work. In recent years, the open use of government data has played a very important role in building a legal system and platforms, but it still faces many real dilemmas, such as the low level of legislation for the open use of data and security for government disclosure of data, vague definition of data ownership and the extent of openness, insufficient supervision and management openness and use of data. In order to ensure effective protection of personal information when disclosing information by the government in the era of big data, it is necessary to improve the mechanism of legal protection of personal information and the system of legal regulation of the use of government-opened data, improve the system for regulating conflicts of legal benefits based on the principle of proportionality, create and optimize an environment for the development and use of government data, as well as develop a mechanism for assessing privacy risks and raise awareness about the protection of personal data and rights.

Response to Open Peer Commentaries on Toward a Framework for Assessing Privacy Risks in Multi-Omic Research and Databases

Response to Open Peer Commentaries on Toward a Framework for Assessing Privacy Risks in Multi-Omic Research and Databases

Double lockdown: The effects of digital exclusion on undocumented immigrants during the COVID-19 pandemic

The COVID-19 pandemic shifted many activities online. However, there is little research on the digital inclusion of undocumented immigrants and their experience of the pandemic in the United States. We conducted 32 interviews with undocumented Latino immigrants in the United States to examine how digital technologies mediated their experiences of the pandemic. We find that undocumented immigrants (1) face barriers to telehealth services, (2) are at high risk of COVID-19 misinformation, (3) experience difficulties in assessing privacy risks, and (4) experienced heterogeneous outcomes of technology use during the pandemic. Our analysis shows that digital technologies both supported and further marginalized undocumented immigrants during the pandemic. Future research on the digital inclusion of vulnerable populations should pay particular attention to the interaction between their underlying vulnerabilities, on one hand, and attitudes, uses, and outcomes associated with technology, on the other.

A Review of Privacy Decision-making Mechanisms in Online Social Networks

Personal information of online social networks (OSNs) is governed by the privacy policies chosen by users besides OSN’s policies. Users make these decisions using privacy mechanisms, but privacy problems and regrets are daily reported. This article reviews current privacy mechanisms and solutions. For this, we analyze all the sub-decisions and elements of online communication involved in the privacy decision-making process. However, the differences in users’ motivations and the disclosure of too sensitive information (among others) can lead to loss of privacy. In this work, we identify requirements such as automation, preference-centered, relationship-based, and multi-party privacy mechanisms, which have been more researched. But also other requirements (recently emerged), such as privacy preservation with risk metrics, explainability, and ephemeral messages. We explore all the advances made in the literature, and we have seen that most of these have been focused on matching the users’ preferences with their decision (which is not appropriate, because users cannot evaluate all of the potential privacy scenarios) instead of assessing privacy risk metrics, adaptation, and explainability. Therefore, we have identified open challenges, such as metrics for assessing privacy risks, explainable solutions for users, ephemeral communication solutions, and the application of these requirements to the multi-party privacy scenario.

A risk‐based methodology for privacy requirements elicitation and control selection

AbstractThe purpose of the paper is to provide a comprehensive privacy model for identifying the privacy risks of an enterprise based on its privacy requirements. A risk‐based methodology for automated privacy control selection against identified privacy requirements is also proposed. The privacy model has been designed using first order logic and it is semi‐formal in nature. Privacy risks are defined using the proposed formalism in terms of privacy properties. Algorithm for assessing privacy risk considering the actual information infrastructure of the enterprise is proposed. Based on the risk assessment, appropriate privacy controls should be selected from a control database. An algorithm for the same is also proposed. This methodology is easy to implement and can be used by any mid or large‐scale enterprise for privacy control implementation. The effectiveness of our proposed approach is shown using a case study. From the literature review, it has emerged that there is a dearth of comprehensive privacy models that can identify the privacy requirements emanating from different sources and can eventually help the enterprise to implement privacy controls as per privacy requirements. The proposed model attempts to address this research gap by helping an enterprise to identify the specific privacy requirements and automatically select privacy controls from an appropriate knowledge base. Privacy requirements can be customized as per the needs of the enterprise.

Linking Multiple User Identities of Multiple Services from Massive Mobility Traces

Understanding the linkability of online user identifiers (IDs) is critical to both service providers (for business intelligence) and individual users (for assessing privacy risks). Existing methods are designed to match IDs across two services but face key challenges of matching multiple services in practice, particularly when users have multiple IDs per service. In this article, we propose a novel system to link IDs across multiple services by exploring the spatial-temporal features of user activities, of which the core idea is that the same user's online IDs are more likely to repeatedly appear at the same location. Specifically, we first utilize a contact graph to capture the “co-location” of all IDs across multiple services. Based on this graph, we propose a set-wise matching algorithm to discover candidate ID sets and use Bayesian inference to generate confidence scores for candidate ranking, which is proved to be optimal. We evaluate our system using two real-world ground-truth datasets from an Internet service provider (4 services, 815K IDs) and Twitter-Foursquare (2 services, 770 IDs). Extensive results show that our system significantly outperforms the state-of-the-art algorithms in accuracy (AUC is higher by 0.1–0.2), and it is highly robust against data quality, matching order, and number of services.

Privacy and Artificial Intelligence

Artificial intelligence is a rapidly developing field of research with many practical applications. Congruent to advances in technologies that enable big data, deep learning, and neural networks to train, learn, and predict, artificial intelligence creates new risks that are difficult to predict and manage. Such risks include economic turmoil, existential crises, and the dissolution of individual privacy. If unchecked, the capabilities of artificially intelligent systems could pose a fundamental threat to privacy in their operation or these systems may leak information under adversarial conditions. In this article, we survey the literature and provide various scenarios for the use of artificial intelligence, highlighting potential risks to privacy and offering various mitigating strategies. For the purpose of this research, a North American perspective of privacy is adopted. Impact statement —While an appreciation of the privacy risks associated with artificial intelligence is important, a thorough understanding of the assortment of different technologies that comprise artificial intelligence better prepares those implementing such systems in assessing privacy impacts. This can be achieved through the independent consideration of each constituent of an artificially intelligent system and its interactions. Under individual consideration, privacy-enhancing tools can be applied in a targeted manner to reduce the risk associated with specific components of an artificially intelligent system. A generalized North American approach to assess privacy risks in such systems is proposed that will retain applicability as the field of research evolves and can be adapted to account for various sociopolitical influences. With such an approach, privacy risks in artificial intelligent systems can be well understood, measured, and reduced.

Toward a Framework for Assessing Privacy Risks in Multi-Omic Research and Databases

While the accumulation and increased circulation of genomic data have captured much attention over the past decade, privacy risks raised by the diversification and integration of omics have been largely overlooked. In this paper, we propose the outline of a framework for assessing privacy risks in multi-omic research and databases. Following a comparison of privacy risks associated with genomic and epigenomic data, we dissect ten privacy risk-impacting omic data properties that affect either the risk of re-identification of research participants, or the sensitivity of the information potentially conveyed by biological data. We then propose a three-step approach for the assessment of privacy risks in the multi-omic era. Thus, we lay grounds for a data property-based, ‘pan-omic’ approach that moves away from genetic exceptionalism. We conclude by inviting our peers to refine these theoretical foundations, put them to the test in their respective fields, and translate our approach into practical guidance.

Double Lockdown: The Effects of Digital Exclusion on Undocumented Immigrants during the COVID-19 Pandemic

The COVID-19 pandemic shifted many activities online. However, there is little research on the digital inclusion of undocumented immigrants and their experience of the pandemic in the United States. We conducted 32 interviews with undocumented Latino immigrants in the United States to examine how digital technologies mediated their experiences of the pandemic. We find that undocumented immigrants (1) face barriers to telehealth services, (2) are at high risk of COVID-19 misinformation, (3) experience difficulties in assessing privacy risks, and (4) experienced heterogeneous outcomes of technology use during the pandemic. Our analysis shows that digital technologies both supported and further marginalized undocumented immigrants during the pandemic. Future research on the digital inclusion of vulnerable populations should pay particular attention to the interaction between their underlying vulnerabilities, on the one hand, and attitudes, uses, and outcomes associated with technology, on the other.

Too Much Information: Assessing Privacy Risks of Contact Trace Data Disclosure on People With COVID-19 in South Korea.

Introduction: With the COVID-19 outbreak, South Korea has been making contact trace data public to help people self-check if they have been in contact with a person infected with the coronavirus. Despite its benefits in suppressing the spread of the virus, publicizing contact trace data raises concerns about individuals' privacy. In view of this tug-of-war between one's privacy and public safety, this work aims to deepen the understanding of privacy risks of contact trace data disclosure practices in South Korea.Method: In this study, publicly available contact trace data of 970 confirmed patients were collected from seven metropolitan cities in South Korea (20th Jan–20th Apr 2020). Then, an ordinal scale of relative privacy risk levels was introduced for evaluation, and the assessment was performed on the personal information included in the contact trace data, such as demographics, significant places, sensitive information, social relationships, and routine behaviors. In addition, variance of privacy risk levels was examined across regions and over time to check for differences in policy implementation.Results: It was found that most of the contact trace data showed the gender and age of the patients. In addition, it disclosed significant places (home/work) ranging across different levels of privacy risks in over 70% of the cases. Inference on sensitive information (hobby, religion) was made possible, and 48.7% of the cases exposed the patient's social relationships. In terms of regional differences, a considerable discrepancy was found in the privacy risk for each category. Despite the recent release of government guidelines on data disclosure, its effects were still limited to a few factors (e.g., workplaces, routine behaviors).Discussion: Privacy risk assessment showed evidence of superfluous information disclosure in the current practice. This study discusses the role of “identifiability” in contact tracing to provide new directions for minimizing disclosure of privacy infringing information. Analysis of real-world data can offer potential stakeholders, such as researchers, service developers, and government officials with practical protocols/guidelines in publicizing information of patients and design implications for future systems (e.g., automatic privacy sensitivity checking) to strike a balance between one's privacy and the public benefits with data disclosure.

DPIA in Context: Applying DPIA to Assess Privacy Risks of Cyber Physical Systems

Cyber Physical Systems (CPS) seamlessly integrate physical objects with technology, thereby blurring the boundaries between the physical and virtual environments. While this brings many opportunities for progress, it also adds a new layer of complexity to the risk assessment process when attempting to ascertain what privacy risks this might impose on an organisation. In addition, privacy regulations, such as the General Data Protection Regulation (GDPR), mandate assessment of privacy risks, including making Data Protection Impact Assessments (DPIAs) compulsory. We present the DPIA Data Wheel, a holistic privacy risk assessment framework based on Contextual Integrity (CI), that practitioners can use to inform decision making around the privacy risks of CPS. This framework facilitates comprehensive contextual inquiry into privacy risk, that accounts for both the elicitation of privacy risks, and the identification of appropriate mitigation strategies. Further, by using this DPIA framework we also provide organisations with a means of assessing privacy from both the perspective of the organisation and the individual, thereby facilitating GDPR compliance. We empirically evaluate this framework in three different real-world settings. In doing so, we demonstrate how CI can be incorporated into the privacy risk decision-making process in a usable, practical manner that will aid decision makers in making informed privacy decisions.

Assessing privacy risks in population health publications using a checklist-based approach.

Recent growth in the number of population health researchers accessing detailed datasets, either on their own computers or through virtual data centers, has the potential to increase privacy risks. In response, a checklist for identifying and reducing privacy risks in population health analysis outputs has been proposed for use by researchers themselves. In this study we explore the usability and reliability of such an approach by investigating whether different users identify the same privacy risks on applying the checklist to a sample of publications. The checklist was applied to a sample of 100 academic population health publications distributed among 5 readers. Cohen's κ was used to measure interrater agreement. Of the 566 instances of statistical output types found in the 100 publications, the most frequently occurring were counts, summary statistics, plots, and model outputs. Application of the checklist identified 128 outputs (22.6%) with potential privacy concerns. Most of these were associated with the reporting of small counts. Among these identified outputs, the readers found no substantial actual privacy concerns when context was taken into account. Interrater agreement for identifying potential privacy concerns was generally good. This study has demonstrated that a checklist can be a reliable tool to assist researchers with anonymizing analysis outputs in population health research. This further suggests that such an approach may have the potential to be developed into a broadly applicable standard providing consistent confidentiality protection across multiple analyses of the same data.

Forecasting the continuance intention of social networking sites: Assessing privacy risk and usefulness of technology

Social networking sites (SNS) have become to date one of the most important technological tools in the world. To explore the key factors affecting users' continuance intention of using SNS, this study applies the positive mood theory to explain why users continue to use SNS. The empirical results find that fear of missing out (FoMO) and enjoyment are both positively related to continuance intention, whereas negative affect is negatively related to continuance intention. Perceived usefulness positively moderates the relationship between enjoyment and continuance intention and that between negative affect and continuance intention. Perceived information privacy risk positively moderates the relationship between FoMO and continuance intention. This study contributes to the literature by applying the positive mood theory to explore the determinants of users' continuance intention of using SNS. We also provide managerial implications and research limitations.

The big data debate Privacy, Big Data, and the Public Good Frameworks for Engagement Julia Lane, Victoria Stodden, Stefan Bender, and Helen Nissenbaum, Eds. Cambridge University Press, 2014. 342 pp.

The big data debate <b>Privacy, Big Data, and the Public Good Frameworks for Engagement</b> <i>Julia Lane, Victoria Stodden, Stefan Bender, and Helen Nissenbaum, Eds.</i> Cambridge University Press, 2014. 342 pp.