Taxonomy for Information Privacy Metrics
A comprehensive privacy framework is essential for the progress of the information privacy field. Some practical implications of a comprehensive framework are laying a foundation for building information privacy metrics and having fruitful discussions. Taxonomy is an essential step in building a framework. This research study attempts to build a taxonomy for the information privacy domain based on empirical data. The classical grounded theory approach introduced by Glaser was applied, and incidents reported by the International Association of Privacy Professionals (IAPP) are used for building the taxonomy. These incidents include privacy-related current research works, data breaches, personal views, interviews, and technological innovations. TAMZAnalyzer, an open source qualitative data analysis tool, was used in coding, keeping memos, sorting, and creating categories. The taxonomy is presented in seven themes and several categories including legal, technical, and ethical aspects. The findings of this study help practitioners understand and discuss the subjects and academia work toward building a comprehensive framework and metrics for the information privacy domain.
User's Privacy in Recommendation Systems Applying Online Social Network Data, A Survey and Taxonomy
Recommender systems have become an integral part of many social networks and extract knowledge from a user's personal and sensitive data both explicitly, with the user's knowledge, and implicitly. This trend has created major privacy concerns as users are mostly unaware of what data and how much data is being used and how securely it is used. In this context, several works have been done to address privacy concerns for usage in online social network data and by recommender systems. This paper surveys the main privacy concerns, measurements and privacy-preserving techniques used in large-scale online social networks and recommender systems. It is based on historical works on security, privacy-preserving, statistical modeling, and datasets to provide an overview of the technical difficulties and problems associated with privacy preserving in online social networks.
Comment: 26 pages, IET book chapter on big data recommender system
Mining social network data for personalisation and privacy concerns: A case study of Facebook's Beacon
The popular success of online social networking sites (SNS) such as Facebook is a hugely tempting resource of data mining for businesses engaged in personalised marketing. The use of personal information, willingly shared between online friends' networks, intuitively appears to be a natural extension of current advertising strategies such as word-of-mouth and viral marketing. However, the use of SNS data for personalised marketing has provoked outrage amongst SNS users and radically highlighted the issue of privacy concern. This paper inverts the traditional approach to personalisation by conceptualising the limits of data mining in social networks using privacy concern as the guide. A qualitative investigation of 95 blogs containing 568 comments was collected during the failed launch of Beacon, a third party marketing initiative by Facebook. Thematic analysis resulted in the development of a taxonomy of privacy concerns which offers a concrete means for online businesses to better understand the SNS business landscape, especially with regard to the limits of the use and acceptance of personalised marketing in social networks.
Towards a Flexible Cloud Architectural Decision Framework for Diverse Application Architectures
End user privacy is a critical concern for all organizations that collect, process and store user data as a part of their business. Privacy-concerned users, regulatory bodies and privacy experts continuously demand that organizations provide users with privacy protection. Current research lacks an understanding of the organizational characteristics that affect an organization's motivation towards user privacy. This has resulted in a "one solution fits all" approach, which is incapable of providing sustainable solutions for organizational issues related to user privacy. In this work, we have empirically investigated 40 diverse organizations on their motivations and approaches towards user privacy. Resources such as newspaper articles, privacy policies, and internal privacy reports that display information about organizational motivations and approaches towards user privacy were used in the study. We could observe organizations to have two primary motivations to provide end users with privacy: voluntary-driven inherent motivation, and risk-driven compliance motivation. Building on these findings, we developed a taxonomy of organizational privacy approaches and further explored the taxonomy through limited exclusive interviews. With this work, we encourage authorities and scholars to understand the organizational characteristics that define an organization's approach towards privacy, in order to communicate regulations that enforce and encourage organizations to consider privacy within their business practices.
A review on visual privacy preservation techniques for active and assisted living
This paper reviews the state of the art in visual privacy protection techniques, with particular attention paid to techniques applicable to the field of Active and Assisted Living (AAL). A novel taxonomy with which state-of-the-art visual privacy protection methods can be classified is introduced. Perceptual obfuscation methods, a category in this taxonomy, are highlighted. These are a category of visual privacy preservation techniques, particularly relevant when considering scenarios that come under video-based AAL monitoring. Obfuscation against machine learning models is also explored. A high-level classification scheme of privacy by design, as defined by experts in privacy and data protection law, is connected to the proposed taxonomy of visual privacy preservation techniques. Finally, we note open questions that exist in the field and introduce the reader to some exciting avenues for future research in the area of visual privacy.
Open Access funding provided thanks to the CRUE-CSIC agreement with Springer Nature. This work is part of the visuAAL project on Privacy-Aware and Acceptable Video-Based Technologies and Services for Active and Assisted Living (https://www.visuaal-itn.eu/). This project has received funding from the European Union's Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 861091. The authors would also like to acknowledge the contribution of COST Action CA19121 - GoodBrother, Network on Privacy-Aware Audio- and Video-Based Applications for Active and Assisted Living (https://goodbrother.eu/), supported by COST (European Cooperation in Science and Technology) (https://www.cost.eu/).
A Taxonomy for Mining and Classifying Privacy Requirements in Issue Reports
Digital and physical footprints are a trail of user activities collected over the use of software applications and systems. As software becomes ubiquitous, protecting user privacy has become challenging. With the increase of user privacy awareness and the advent of privacy regulations and policies, there is an emerging need to implement software systems that enhance the protection of personal data processing. However, existing privacy regulations and policies only provide high-level principles which are difficult for software engineers to use to design and implement privacy-aware systems. In this paper, we develop a taxonomy that provides a comprehensive set of privacy requirements based on two well-established and widely-adopted privacy regulations and frameworks, the General Data Protection Regulation (GDPR) and ISO/IEC 29100. These requirements are refined into a level that is implementable and easy to understand by software engineers, thus supporting them to attend to existing regulations and standards. We have also performed a study on how two large open-source software projects (Google Chrome and Moodle) address the privacy requirements in our taxonomy through mining their issue reports. The paper discusses how the collected issues were classified, and presents the findings and insights generated from our study.
Comment: Submitted to IEEE Transactions on Software Engineering on 23 December 202
STRUCTURING FEDERATED LEARNING APPLICATIONS – A LITERATURE ANALYSIS AND TAXONOMY
Ensuring data privacy is an essential objective competing with the ever-rising capabilities of machine learning approaches fueled by vast amounts of centralized data. Federated learning addresses this conflict by moving the model to the data while ensuring that the data itself does not leave a client's device. However, maintaining privacy impels new challenges concerning algorithm performance or fairness of the algorithm's results that remain uncovered from a sociotechnical perspective. We tackle this research gap by conducting a structured literature review and analyzing 152 articles to develop a taxonomy of federated learning applications consisting of nine dimensions and 25 characteristics. Our taxonomy illustrates how different attributes of federated learning affect trade-offs between an algorithm's privacy, performance, and fairness. Despite an increasing interest in the technical implementation of federated learning, our work is one of the first to emphasize an information systems perspective on this emerging and promising topic.
Biometric Technologies and the Law: Developing a Taxonomy for Guiding Policymakers
Despite the increasing adoption of biometric technologies, their regulation has not kept up with the same pace, particularly with regard to safeguarding individuals' privacy and personal data. Policymakers may struggle to comprehend the technology behind biometric systems and their potential impact on fundamental rights, resulting in insufficient or inadequate legal regulation. This study seeks to bridge this gap by proposing a taxonomy of biometric technologies that can aid in their effective deployment and supervision. Through a literature review, the technical characteristics of biometric systems were identified and categorised. The resulting taxonomy can enhance the understanding of biometric technologies and facilitate the development of regulation that prioritises privacy and personal data protection.
Comment: 11 pages, 1 figure, submitted to 57th Hawaii International Conference on System Sciences (HICSS-57
Private Graph Data Release: A Survey
The application of graph analytics to various domains has yielded tremendous societal and economic benefits in recent years. However, the increasingly widespread adoption of graph analytics comes with a commensurate increase in the need to protect private information in graph databases, especially in light of the many privacy breaches in real-world graph data that was supposed to preserve sensitive information. This paper provides a comprehensive survey of private graph data release algorithms that seek to achieve the fine balance between privacy and utility, with a specific focus on provably private mechanisms. Many of these mechanisms fall under natural extensions of the Differential Privacy framework to graph data, but we also investigate more general privacy formulations like Pufferfish Privacy that can deal with the limitations of Differential Privacy. A wide-ranging survey of the applications of private graph data release mechanisms to social networks, finance, supply chain, health and energy is also provided. This survey paper and the taxonomy it provides should benefit practitioners and researchers alike in the increasingly important area of private graph data release and analysis.
SoK: Differential Privacies
Shortly after it was first introduced in 2006, differential privacy became the flagship data privacy definition. Since then, numerous variants and extensions were proposed to adapt it to different scenarios and attacker models. In this work, we propose a systematic taxonomy of these variants and extensions. We list all data privacy definitions based on differential privacy, and partition them into seven categories, depending on which aspect of the original definition is modified.
These categories act like dimensions: variants from the same category cannot be combined, but variants from different categories can be combined to form new definitions. We also establish a partial ordering of relative strength between these notions by summarizing existing results. Furthermore, we list which of these definitions satisfy some desirable properties, like composition, post-processing, and convexity, by either providing a novel proof or collecting existing ones.
Comment: This is the full version of the SoK paper with the same title, accepted at PETS (Privacy Enhancing Technologies Symposium) 202