Privacy Harms Research Articles

The Privacy/Antitrust Curse: Insights from GDPR Application in Competition Law Proceedings

In response to the emergence of large online platforms whose business model revolves around the collection and processing of personal data, it is usually suggested that competition and data protection are synergistic, hence requiring an integrated approach. In this respect, Europe represents the testing ground for evaluating how privacy breaches may inform antitrust investigations. Indeed, the General Data Protection Regulation (GDPR) on the one side and the German Facebook antitrust decision on the other side are considered the benchmarks of this new stance aimed at linking market power and data power. This paper tests the concrete viability of such an approach, analyzing how data protection rules and principles have been applied in antitrust proceedings by the European Commission and national competition authorities. Notably, the paper aims at demonstrating the fallacy of the narrative which describes the relationship between privacy and antitrust in terms of synergy and complementarity. Furthermore, the paper maintains that the principles recently affirmed by the European Court of Justice in Meta do not appear conclusive in addressing the issue. The strategic use of privacy as a business justification to pursue anticompetitive advantages currently addressed in the numerous Apple ATT investigations indeed shows the tension between these areas of law. Therefore, rather than strengthening the antitrust enforcement against gatekeepers and their data strategies, the inclusion of privacy harms in antitrust proceedings turns out to be a potential curse for competition authorities, providing players with an opportunity for regulatory gaming to undermine the antitrust enforcement. JEL Codes: D83, K21, L12, L4

Safety and Privacy in Immersive Extended Reality: An Analysis and Policy Recommendations

Extended reality (XR) technologies have experienced cycles of development—“summers” and “winters”—for decades, but their overall trajectory is one of increasing uptake. In recent years, immersive extended reality (IXR) applications, a kind of XR that encompasses immersive virtual reality (VR) and augmented reality (AR) environments, have become especially prevalent. The European Union (EU) is exploring regulating this type of technology, and this article seeks to support this endeavor. It outlines safety and privacy harms associated with IXR, analyzes to what extent the existing EU framework for digital governance—including the General Data Protection Regulation, Product Safety Legislation, ePrivacy Directive, Digital Markets Act, Digital Services Act, and AI Act—addresses these harms, and offers some recommendations to EU legislators on how to fill regulatory gaps and improve current approaches to the governance of IXR.

Navigating the Gray: Design Practitioners' Perceptions Toward the Implementation of Privacy Dark Patterns

Designers are sometimes accused of using deceptive methods to manipulate users' information privacy decisions through "privacy dark patterns." Through semi-structured interviews, we explore the perceptions of 23 design practitioners towards the implementation of "privacy dark patterns" created by other designers. This paper explores designers' perceived responsibilities toward users' privacy and their interpretations of the reasons behind the design implementation. We found a range of empathetic rationales among our participants toward other designers' intentions. An example theme is Designer Followed the Status Quo, where common and widely used privacy interfaces are normalized a practice that is typically viewed as reasonable. Our participants' interpretations of the design intent influenced their self-reported practices for navigating similar design requests. We propose a set of factors that influence privacy design practices, including following conventions and norms, ensuring legal compliance, reliance on established usability standards, perceived benefits to businesses and consumers, and degrees of privacy harm.

Between Privacy and Utility: On Differential Privacy in Theory and Practice

Differential privacy (DP) aims to confer data processing systems with inherent privacy guarantees, offering strong protections for personal data. But DP’s approach to privacy carries with it certain assumptions about how mathematical abstractions will be translated into real-world systems, which—if left unexamined and unrealized in practice—could function to shield data collectors from liability and criticism, rather than substantively protect data subjects from privacy harms. This article investigates these assumptions and discusses their implications for using DP to govern data-driven systems. In Parts 1 and 2, we introduce DP as, on one hand, a mathematical framework and, on the other hand, a kind of real-world sociotechnical system, using a hypothetical case study to illustrate how the two can diverge. In Parts 3 and 4, we discuss the way DP frames privacy loss, data processing interventions, and data subject participation, arguing it could exacerbate existing problems in privacy regulation. In part 5, we conclude with a discussion of DP’s potential interactions with the endogeneity of privacy law, and we propose principles for best governing DP systems. In making such assumptions and their consequences explicit, we hope to help DP succeed at realizing its promise for better substantive privacy protections.

Cross-Contextual Examination of Older Adults' Privacy Concerns, Behaviors, and Vulnerabilities

A growing body of research has examined the privacy concerns and behaviors of older adults, often within specific contexts. It remains unclear to what extent older adults' privacy concerns and behaviors vary across contexts and whether old age is the primary factor influencing privacy vulnerabilities. To address this gap, we conducted semi-structured interviews with 43 older adults (aged 65 to 89) in the United States. Our interviews were grounded in five scenarios: account and device sharing, healthcare, online advertising, social networking, and cybercrime. Our cross-contextual analysis showed that cybercrime was a recurring and pressing concern across scenarios; privacy concerns and protective behaviors were rarely mentioned in the healthcare scenario. Across all scenarios, participants' threat models and strategies revolved around data collection rather than other stages in which privacy harms may occur; they employed various active strategies to safeguard their privacy while trusting service providers to protect their information. Our findings underscore the need to revisit the discussion around privacy vulnerability and aging. Vulnerability levels among our participants varied widely and were often influenced by factors beyond age, such as tech savviness and income. We discuss opportunities for privacy interventions, technologies, and education that promote positive aging and recognize diversity among older adults.

Privacy-Shielding Autonomous Systems For Natural Disaster Management (Ndm): Targeted Regulation Of The Use Of Autonomous Systems For Natural Disaster Management Goals Before The Materialization Of The Privacy Harm

This contribution aims to recommend a fully-fledged privacy-assessment applicable to future uses of Autonomous Systems (AS) for Natural Disaster Management (NDM) purposes. It claims that certain implementations may interfere with the right to privacy and the protection of personal data and analyses challenges stemming from (non-) compliance with the General Data Protection Regulation (GDPR). Moreover, it subjects the use of autonomous systems to the European Court of Human Rights’(ECtHR) Legality – Legitimacy – Necessity testing (LLN-check). On this basis, it proposes a targeted and ex ante privacy-assessment to address legal uncertainty, resulting from the GDPR’s tech-neutrality and case law’s ex post (after the harm) adjudication. The recommended scheme, ideally involving experts from various disciplines who would moreover be independent, could apply before the actual use of any AS and give a ‘proceed’, a ‘proceed with conditions’ or a ‘do not proceed’ decision. personal data, privacy, autonomous systems, natural disaster management

The Open Prison of the Big Data Revolution: False Consciousness, Faustian Bargains, and Digital Entrapment

Although some scholars raise alarm about societal harm emerging from Big Data practices, critical social theory (CST) Information Systems research on the structures and dynamics driving Big Data practices is rare. In this research commentary, we interrogate how tech firms use social practices and platform design to strategically manipulate individuals into accepting datafication and data assetization that accrue positive data network effects for themselves and mostly negative data network effects (economic loss, social and privacy harm) for individuals. We draw on the ideas of Heidegger and Marcuse to critically question the Big Data paradigm in order to develop better understanding of the social implications for individuals and society. Using the concepts of false consciousness, digital entrapment, and Faustian bargains, we critically inquire into the Big Data practices that keep us tethered to digital platforms. Specifically, we interrogate sociomaterial structures that socially condition individuals into a digital habitus and to identify themselves as homo digitalis, who view all their “relations” (social and economic) as digital. This social conditioning reproduces a false consciousness that constricts our worldview, undermines our rational choices, and enables the risky compromises we make with tech companies that manipulate and exploit us with their increasingly oppressive Big Data practices and related dark patterns. We critically analyze the case of Microsoft Viva to provide an illustration of how mundane digital tools can condition our reality and entrap us into an open prison. We argue that if we do not critically interrogate our false consciousness of the digital and understand how digital giants colonize our social systems by structurally embedding Big Data practices, we will continue to be susceptible to manipulation and digital entrapment. Ongoing risky compromises with tech firms will erode the very foundations of the “good life,” freedom, liberty, and personal privacy, and they will institutionalize the open prison. The CST explanation we propose and the research agenda we outline are meant to encourage research into solutions to the digital entrapment problem.History: Suprateek Sarker, Senior Editor; Robert Gregory, Associate Editor.Supplemental Material: The online appendix is available at https://doi.org/10.1287/isre.2020.0588 .

Privacy Harm and Non-Compliance from a Legal Perspective

In today's data-sharing paradigm, personal data has become a valuable resource that intensifies the risk of unauthorized access and data breach. Increased data mining techniques used to analyze big data have posed significant risks to data security and privacy. Consequently, data breaches are a significant threat to individual privacy. Privacy is a multifaceted concept covering many areas, including the right to access, erasure, and rectify personal data. This paper explores the legal aspects of privacy harm and how they transform into legal action. Privacy harm is the negative impact to an individual as a result of the unauthorized release, gathering, distillation, or expropriation of personal information. Privacy Enhancing Technologies (PETs) emerged as a solution to address data privacy issues and minimize the risk of privacy harm. It is essential to implement privacy enhancement mechanisms to protect Personally Identifiable Information (PII) from unlawful use or access. FIPPs (Fair Information Practice Principles), based on the 1973 Code of Fair Information Practice (CFIP), and the Organization for Economic Cooperation and Development (OECD), are a collection of widely accepted, influential US codes that agencies use when evaluating information systems, processes, programs, and activities affecting individual privacy. Regulatory compliance places a responsibility on organizations to follow best practices to ensure the protection of individual data privacy rights. This paper will focus on FIPPs, relevance to US state privacy laws, their influence on OECD, and reference to the EU General Data Processing Regulation. (GDPR).

A Digital Space of One’s Own: Rethinking Children’s Online Privacy

AbstractThis paper rereads the tort of intrusion upon seclusion, as it was adopted by the Ontario Court of Appeal in Jones v Tsige, to include a fuller account of online privacy. It proposes that the Court’s stress on informational privacy forfeits a more dynamic and “spatialized” conception of privacy harm. This paper develops a relational account of spatial privacy using the work of Iris Marion Young, Virginia Woolf, and Jennifer Nedelsky based on three features—embodied habits, narrative, and experimentation—to supplement the informational reading of privacy in Jones. While Jones is not a case about young people, this paper nonetheless takes the Court’s emphasis on digital technology as an invitation to reflect on young people’s privacy. Using different accounts of young people’s online experience, it proposes that while privacy is certainly transformed by the online world, its basic spatial features have not changed as dramatically as the Court in Jones suggests.

Regulating algorithmic management: A blueprint

The promise—and perils—of algorithmic management are increasingly recognised in the literature. How should regulators respond to the automation of the full range of traditional employer functions, from hiring workers through to firing them? This article identifies two key regulatory gaps—an exacerbation of privacy harms and information asymmetries, and a loss of human agency—and sets out a series of policy options designed to address these novel harms. Redlines (prohibitions), purpose limitations, and individual as well as collective information rights are designed to protect against harmfully invasive data practices; provisions for human involvement ‘in the loop’ (banning fully automated terminations), ‘after the loop’ (a right to meaningful review), ‘before the loop’ (information and consultation rights) and ‘above the loop’ (impact assessments) aim to restore human agency in the deployment and governance of algorithmic management systems.

The digital harms of smart home devices: A systematic literature review

The connection of home electronic devices to the internet allows remote control of physical devices and involves the collection of large volumes of data. With the increase in the uptake of Internet-of-Things home devices, it becomes critical to understand the digital harms of smart homes. We present a systematic literature review on the security and privacy harms of smart homes. PRISMA methodology is used to systematically review 63 studies published between January 2011 and October 2021; and a review of known cases is undertaken to illustrate the literature review findings with real-world scenarios. Published literature identifies that smart homes may pose threats to confidentiality (unwanted release of information), authentication (sensing information being falsified) and unauthorised access to system controls. Most existing studies focus on privacy intrusions as a prevalent form of harm against smart homes. Other types of harms that are less common in the literature include hacking, malware and DoS attacks. Digital harms, and data associated with these harms, may vary extensively across smart devices. Most studies propose technical measures to mitigate digital harms, while fewer consider social prevention mechanisms. We also identify salient gaps in research, and argue that these should be addressed in future crossdisciplinary research initiatives.

Developing Privacy Incident Responses to Combat Information Warfare

Violations of privacy harm real people, and as nation-state actors grow their information warfare capabilities, civilians suffer these harms as part of coordinated and targeted actions on objectives. When privacy harms manifest, they allow threat actors to injure data subjects by weaponizing their information to harm individuals, communities, and societies. These attacks injure civilians as the confidence of legitimate authorities, institutions, and defences is eroded, and consequences may impact national security. Distinct from cybersecurity, privacy depends upon confidentiality, integrity, and availability but encompasses a unique set of concerns. Whereas security incident response has an established practice and research history, approaches to privacy incident response, such as unauthorized disclosure, are not well researched or documented in academic literature in the unique context of privacy. By mapping privacy harm to techniques and tactics, a cohesive framework emerges to distinguish tailored mitigation strategies for each. This paper proposes a conceptual model and classification framework for privacy-related harms, tactics, techniques, and mitigation strategies to address sophisticated privacy threat actors. Using this model and framework, contingency planners can develop privacy incident response strategies to defend against the privacy harms of information warfare.

Privacy-Shielding Autonomous Systems (as) for Natural Disaster Management (Ndm): Targeted Regulation of As-Uses for Ndm-Goals Before the Materialisation of the Privacy Harm

Privacy-Shielding Autonomous Systems (as) for Natural Disaster Management (Ndm): Targeted Regulation of As-Uses for Ndm-Goals Before the Materialisation of the Privacy Harm

A Cloud-based Mobile Privacy Protection System with Efficient Cache Mechanism

People increasingly rely on their mobile devices and use them to store a lot of data. Some of the data are personal and private, whose leakage leads to users' privacy harm. Meanwhile, mobile apps and services over-collect users' data due to the coarse-grained access control approach utilized by the mobile operating system. We propose a cloud-based approach to provide fine-grained access control toward data requests. We add privacy level, as a new metadata, to data and manage the storage using different policies correspondingly. However, the proposed approach leads to performance decreases because of the extra communication cost. We also introduce a novel cache mechanism to eliminate the extra cost by storing non-private and popular data on the mobile device. As part of our cache mechanism, we design a user-preference-based ordering method along with the principle of locality to determine how popular some data are. We also design a configurable refresh policy to improve the overall performance. Finally, we evaluate our approach using a real phone in a simulated environment. The results show that our approach can keep the response time of all data requests within a reasonable range and the cache mechanism can further improve the performance.

What blockchain can and can’t do: Applications to marketing and privacy

Marketing has enjoyed unparalleled transformation in terms of its effectiveness and ability to delivery measurable return on investment due to the digital revolution. The spread of blockchain technology has led to suggestions that it may have significant marketing applications. Though blockchain is indeed an amazing technology with significant applications, this paper argues that its usefulness in many traditional marketing applications may be limited. The reasons why throw important light on the interactions between blockchain technologies, data and privacy. Blockchain, by its nature, may lead to substantial privacy harms when used indiscriminately for marketing purposes.11This research is based on insights from two previously published papers - Tucker and Catalini (2018) and Marthews and Tucker (2019)

Innovative Privacy Practices

AbstractThe panel is premised by a recurring theme in empirical privacy research: as privacy localism drive regulation and policy change, we are left with a landscape that is fragmented, across states and sectors; confusing, between places and stakeholders; and often insufficient, as laws address narrow sets of privacy harms or specific actors. This raises the question: How can organizations and individuals innovate to address privacy policy gaps and fragmentation? This panel aims to describe and discuss creative and experimental approaches to institutionalize privacy practices in different contexts and organizations, moving beyond relying on policy alone to promote social good. We address this from a variety of perspectives including licensing, contracting, privacy by design including via architecture, records laws, AI ethics, human rights, obfuscation, and activism.

“I mute my echo when I talk politics”: Connecting Smart Home Device Users’ Concerns to Privacy Harms Taxonomy

With the proliferation of Internet of Things devices, smart home devices are expected to increase in use. However, experts have raised privacy concerns regarding these devices. As the body of literature on understanding privacy concerns continues to emerge, we realize the need for a privacy concerns taxonomy to standardize and facilitate common understanding of privacy concerns. To address this gap, we conducted 25 interviews of smart home device users and analyzed their privacy concerns qualitatively. This paper contributes analysis of user privacy concerns from the angle of privacy taxonomy theory. It examines whether privacy concerns could be characterized by Solove’s taxonomy of privacy, which is a well-recognized privacy taxonomy for informational privacy. We further discuss results and their implications.

Extending Privacy Harms Toward a Non-Economic Perspective

Addressing data breach harms has become a great challenge in the administration of privacy law in the United States. Several data breach cases have been dismissed by US courts because the victims cannot prove cognizable harm. The current US legal system emphasizes that data breach victims must prove that they have suffered an “injury in fact,” which means that the injury suffered must be concrete and particularized. Data breach harms are futuristic and hard-to-quantify, reasons for which they may not fit in the “injury in fact” requirement. Furthermore, victims of data violations have attempted to plead economic loss to prove the harm suffered, but with no success. This article suggests a new approach that aims at addressing privacy harms without necessarily proving economically quantifiable harm.

On what Authority? In Search of a Legal Authority for Government Facilitation of "Media Ride-Along" Programmes and the Privacy Harm they Cause

Whether it be through the tort of privacy or the Broadcasting Standards Authority, involuntary subjects of reality journalism have suffered sufficient harm at their inclusion to take legal action against the media. Utilising the TV series Border Patrol as a case study, this article looks at the role that government agencies play in facilitating this harm, rather than the media which produce and broadcast these programmes. The tort of privacy is adopted in this article as a framework to examine and establish the significant risk of privacy-related harm in this area. Following the proposition that the state must act under legal authority, it is argued that government agencies must have a clear legal basis for permitting production companies to enter and film passengers in the controlled border space, particularly given the high risk of privacy breaches. There does not appear to be any legal justification or authority for facilitating access to this space. Given these agencies' public assurances regarding transparency and privacy, they should identify and publicise this legal basis, alongside documentation of their interaction and co-operation with the media production company.

Privacy risk in contact tracing systems

ABSTRACT For over a century, contact tracing has been an integral public health strategy for infectious disease control when there is no pharmaceutical treatment. Contact tracing for the coronavirus disease COVID-19 introduced a variety of automated methods deployed across several countries. The present paper examines privacy risk to infected persons and their physical contacts in contact tracing systems. Automated contact tracing systems implemented during the early months of COVID-19 are compared to conventional manual methods. Solove’s taxonomy of privacy is applied to examine privacy risks in both conventional and automated contact tracing systems. As a method of epidemiological surveillance, all contact tracing systems inherently incur privacy risk. However, compared to conventional methods, automated contact tracing systems amplify privacy risk with pre-emptive data collection on all app users, regardless of exposure to an infectious disease; continuous, granular data collection on all users’ location and proximity contacts; insecurities in proximity app technologies and interconnectivity; and in many cases, the use of centralised systems. Reducing these risk factors can reduce privacy harms, such as identification, distortion, secondary use, stigma, and social control.