Understanding the current trends in mobile crowdsensing - a business model perspective: case MyGeo Trust

Crowdsensing and personal data markets that have emerged around it have rapidly gained momentum in parallel with the appearance of mobile devices. Collecting information via mobile sensors and the applications relying on these, the privacy of mobile users can be threatened, especially in the case of location-related data. In 2015, a research project called MyGeoTrust was initiated to investigate this issue. One aim of the project was to study the potential business models for a trusted, open-source crowdsourcing platform. This study, carried within the MyGeoTrust project, reviews existing literature about business models, location-based services, and open-source software development. It then investigates the relationship between these topics and mobile crowdsensing. As a whole, this thesis provides an overview on the development of location-based services, as well as the current trends and business models in crowdsensing. The empirical part of the thesis employs embedded case study methodology, acquiring empirical data from several sources. The analyzed case is the MyGeoTrust project itself, and other empirical data is collected via market analysis, interim reports, a user survey, and semi-structured interviews. This material forms the baseline for the empirical study and project-specific recommendations. The findings suggest that creating a two- or multisided platform is the most robust business model for mobile crowdsensing. The identified benefits of platform-based business models include facilitating the value exchange between self-governing groups and possibilities to build positive network effects. This is especially the case with open-source software and open data since the key value for users - or “the crowd” in other terms - is created through network effects. In the context of open business models, strategic planning, principally licensing, plays a central role. Also, for a differentiated platform like MyGeoTrust finding the critical mass of users is crucial, in order to create an appealing alternative to current market leaders. Lastly, this study examines how transformational political or legal factors may shape the scene and create requirements for novel, privacy-perceiving solutions. In the present case study, the upcoming European Union (EU) General Data Protection Regulation (GDPR) legislation is a central example of such a factor

Mobile Privacy and Business-to-Platform Dependencies: An Analysis of SEC Disclosures

This Article systematically examines the dependence of mobile apps on mobile platforms for the collection and use of personal information through an analysis of Securities and Exchange Commission (SEC) filings of mobile app companies. The Article uses these disclosures to find systematic evidence of how app business models are shaped by the governance of user data by mobile platforms, in order to reflect on the role of platforms in privacy regulation more generally. The analysis of SEC filings documented in the Article produces new and unique insights into the data practices and data-related aspects of the business models of popular mobile apps and shows the value of SEC filings for privacy law and policy research more generally. The discussion of SEC filings and privacy builds on regulatory developments in SEC disclosures and cybersecurity of the last decade. The Article also connects to recent regulatory developments in the U.S. and Europe, including the General Data Protection Regulation, the proposals for a new ePrivacy Regulation and a Regulation of fairness in business-to-platform relations

Privacy in Gaming

Video game platforms and business models are increasingly built on collection, use, and sharing of personal information for purposes of both functionality and revenue. This paper examines privacy issues and explores data practices, technical specifications, and policy statements of the most popular games and gaming platforms to provide an overview of the current privacy legal landscape for mobile gaming, console gaming, and virtual reality devices. The research observes how modern gaming aligns with information privacy notions and norms and how data practices and technologies specific to gaming may affect users and, in particular, child gamers. After objectively selecting and analyzing major players in gaming, the research notes the many different ways that game companies collect data from users, including through cameras, sensors, microphones, and other hardware, through platform features for social interaction and user-generated content, and by means of tracking technologies like cookies and beacons. The paper also notes how location and biometric data are collected routinely through game platforms and explores issues specific to mobile gaming and pairing with smartphones and other external hardware devices. The paper concludes that transparency as to gaming companies’ data practices could be much improved, especially regarding sharing with third party affiliates. In addition, the research considers how children’s privacy may be particularly affected while gaming, determining that special attention should be paid to user control mechanisms and privacy settings within games and platforms, that social media and other interactive features create unique privacy and safety concerns for children which require gamer and parent education, and that privacy policy language is often incongruent with age ratings advertised to children and parents. To contribute additional research value and resources, the paper attaches a comprehensive set of appendices, on which the research conclusions are in part based, detailing the technical specifications and privacy policy statements of popular games and gaming platforms for mobile gaming, console gaming, and virtual reality devices

Survey of End-to-End Mobile Network Measurement Testbeds, Tools, and Services

Mobile (cellular) networks enable innovation, but can also stifle it and lead to user frustration when network performance falls below expectations. As mobile networks become the predominant method of Internet access, developer, research, network operator, and regulatory communities have taken an increased interest in measuring end-to-end mobile network performance to, among other goals, minimize negative impact on application responsiveness. In this survey we examine current approaches to end-to-end mobile network performance measurement, diagnosis, and application prototyping. We compare available tools and their shortcomings with respect to the needs of researchers, developers, regulators, and the public. We intend for this survey to provide a comprehensive view of currently active efforts and some auspicious directions for future work in mobile network measurement and mobile application performance evaluation.Comment: Submitted to IEEE Communications Surveys and Tutorials. arXiv does not format the URL references correctly. For a correctly formatted version of this paper go to http://www.cs.montana.edu/mwittie/publications/Goel14Survey.pd

Online privacy: towards informational self-determination on the internet : report from Dagstuhl Perspectives Workshop 11061

The Dagstuhl Perspectives Workshop "Online Privacy: Towards Informational Self-Determination on the Internet" (11061) has been held in February 6-11, 2011 at Schloss Dagstuhl. 30 participants from academia, public sector, and industry have identified the current status-of-the-art of and challenges for online privacy as well as derived recommendations for improving online privacy. Whereas the Dagstuhl Manifesto of this workshop concludes the results of the working groups and panel discussions, this article presents the talks of this workshop by their abstracts

After Over-Privileged Permissions: Using Technology and Design to Create Legal Compliance

Consumers in the mobile ecosystem can putatively protect their privacy with the use of application permissions. However, this requires the mobile device owners to understand permissions and their privacy implications. Yet, few consumers appreciate the nature of permissions within the mobile ecosystem, often failing to appreciate the privacy permissions that are altered when updating an app. Even more concerning is the lack of understanding of the wide use of third-party libraries, most which are installed with automatic permissions, that is permissions that must be granted to allow the application to function appropriately. Unsurprisingly, many of these third-party permissions violate consumers’ privacy expectations and thereby, become “over-privileged” to the user. Consequently, an obscurity of privacy expectations between what is practiced by the private sector and what is deemed appropriate by the public sector is exhibited. Despite the growing attention given to privacy in the mobile ecosystem, legal literature has largely ignored the implications of mobile permissions. This article seeks to address this omission by analyzing the impacts of mobile permissions and the privacy harms experienced by consumers of mobile applications. The authors call for the review of industry self-regulation and the overreliance upon simple notice and consent. Instead, the authors set out a plan for greater attention to be paid to socio-technical solutions, focusing on better privacy protections and technology embedded within the automatic permission-based application ecosystem