Characterizing videos, audience and advertising in Youtube channels for kids

Online video services, messaging systems, games and social media services are tremendously popular among young people and children in many countries. Most of the digital services offered on the internet are advertising funded, which makes advertising ubiquitous in children's everyday life. To understand the impact of advertising-based digital services on children, we study the collective behavior of users of YouTube for kids channels and present the demographics of a large number of users. We collected data from 12,848 videos from 17 channels in US and UK and 24 channels in Brazil. The channels in English have been viewed more than 37 billion times. We also collected more than 14 million comments made by users. Based on a combination of text-analysis and face recognition tools, we show the presence of racial and gender biases in our large sample of users. We also identify children actively using YouTube, although the minimum age for using the service is 13 years in most countries. We provide comparisons of user behavior among the three countries, which represent large user populations in the global North and the global South

Are anonymity-seekers just like everybody else? An analysis of contributions to Wikipedia from Tor

User-generated content sites routinely block contributions from users of privacy-enhancing proxies like Tor because of a perception that proxies are a source of vandalism, spam, and abuse. Although these blocks might be effective, collateral damage in the form of unrealized valuable contributions from anonymity seekers is invisible. One of the largest and most important user-generated content sites, Wikipedia, has attempted to block contributions from Tor users since as early as 2005. We demonstrate that these blocks have been imperfect and that thousands of attempts to edit on Wikipedia through Tor have been successful. We draw upon several data sources and analytical techniques to measure and describe the history of Tor editing on Wikipedia over time and to compare contributions from Tor users to those from other groups of Wikipedia users. Our analysis suggests that although Tor users who slip through Wikipedia's ban contribute content that is more likely to be reverted and to revert others, their contributions are otherwise similar in quality to those from other unregistered participants and to the initial contributions of registered users.Comment: To appear in the IEEE Symposium on Security & Privacy, May 202

Proc ACM Hum Comput Interact

Participation in communities is essential to individual mental and physical health and can yield further benefits for members. With a growing amount of time spent participating in virtual communities, it's increasingly important that we understand how the community experience manifests in and varies across these online spaces. In this paper, we investigate Sense of Virtual Community (SOVC) in the context of live-streaming communities. Through a survey of 1,944 Twitch viewers, we identify that community experiences on Twitch vary along two primary dimensions: |, a feeling of membership and support within the group, and |, a feeling that the group is a well-run collective with standards for behavior. Leveraging the Social-Ecological Model, we map behavioral trace data from usage logs to various levels of the social ecology surrounding an individual user's participation within a community, in order to identify which of these can be associated with lower or higher SOVC. We find that features describing activity at the individual and community levels, but not features describing the community member's dyadic relationships, aid in predicting the SOVC that community members feel within channels. We consider implications for the design of live-streaming communities and for fostering the well-being of their members, and we consider theoretical implications for the study of SOVC in modern, interactive online contexts, particularly those fostering large-scale or pseudonymized interactions. We also explore how the Social-Ecological Model can be leveraged in other contexts relevant to Computer-Supported Cooperative Work (CSCW), with implications for future work.CC999999/ImCDC/Intramural CDC HHSUnited States

Wiretapping the Internet: Analyzing the Application of the Federal Wiretap Act’s Party Exception Online

The federal Wiretap Act—originally enacted to curtail the government’s unbridled use of wiretaps to monitor telephonic communications—was amended in 1986 to provide a private right of action, extending the Act’s Fourth Amendment-like protections to private intrusions. Since the advent of the internet, plaintiffs have attempted to predicate claims of unauthorized online privacy intrusions on the Wiretap Act. In response, defendants claim they are parties to the communications at issue and should be absolved of liability under the Act’s party exception. The federal circuit courts of appeal disagree on how the party exception applies in the internet context. This Note evaluates the courts’ differing conclusions and rationales and proposes two solutions, both of which share the common thread of applying heightened notice and consent requirements to online communications

Guidelines for ethical nudging in password authentication

Nudging has been adopted by many disciplines in the last decade in order to achieve behavioural change. Information security is no exception. A number of attempts have been made to nudge end-users towards stronger passwords. Here we report on our deployment of an enriched nudge displayed to participants on the system enrolment page, when a password has to be chosen. The enriched nudge was successful in that participants chose significantly longer and stronger passwords. One thing that struck us as we designed and tested this nudge was that we were unable to find any nudge-specific ethical guidelines to inform our experimentation in this context. This led us to reflect on the ethical implications of nudge testing, specifically in the password authentication context. We mined the nudge literature and derived a number of core principles of ethical nudging. We tailored these to the password authentication context, and then show how they can be applied by assessing the ethics of our own nudge. We conclude with a set of preliminary guidelines derived from our study to inform other researchers planning to deploy nudge-related techniques in this context

Getting Real: A Naturalistic Methodology for Using Smartphones to Collect Mediated Communications

This paper contributes an intentionally naturalistic methodology using smartphone logging technology to study communications in the wild. Smartphone logging can provide tremendous access to communications data from real environments. However, researchers must consider how it is employed to preserve naturalistic behaviors. Nine considerations are presented to this end. We also provide a description of a naturalistic logging approach that has been applied successfully to collecting mediated communications from iPhones. The methodology was designed to intentionally decrease reactivity and resulted in data that were more accurate than self-reports. Example analyses are also provided to show how data collected can be analyzed to establish empirical patterns and identify user differences. Smartphone logging technologies offer flexible capabilities to enhance access to real communications data, but methodologies employing these techniques must be designed appropriately to avoid provoking naturally occurring behaviors. Functionally, this methodology can be applied to establish empirical patterns and test specific hypotheses within the field of HCI research. Topically, this methodology can be applied to domains interested in understanding mediated communications such as mobile content and systems design, teamwork, and social networks

Big Brother is Listening to You: Digital Eavesdropping in the Advertising Industry

In the Digital Age, information is more accessible than ever. Unfortunately, that accessibility has come at the expense of privacy. Now, more and more personal information is in the hands of corporations and governments, for uses not known to the average consumer. Although these entities have long been able to keep tabs on individuals, with the advent of virtual assistants and “always-listening” technologies, the ease by which a third party may extract information from a consumer has only increased. The stark reality is that lawmakers have left the American public behind. While other countries have enacted consumer privacy protections, the United States has no satisfactory legal framework in place to curb data collection by greedy businesses or to regulate how those companies may use and protect consumer data. This Article contemplates one use of that data: digital advertising. Inspired by stories of suspiciously well-targeted advertisements appearing on social media websites, this Article additionally questions whether companies have been honest about their collection of audio data. To address the potential harms consumers may suffer as a result of this deficient privacy protection, this Article proposes a framework wherein companies must acquire users\u27 consent and the government must ensure that businesses do not use consumer information for harmful purposes

BEHAVIORAL CHARACTERIZATION OF ATTACKS ON THE REMOTE DESKTOP PROTOCOL

The Remote Desktop Protocol (RDP) is popular for enabling remote access and administration of Windows systems; however, attackers can take advantage of RDP to cause harm to critical systems using it. Detection and classification of RDP attacks is a challenge because most RDP traffic is encrypted, and it is not always clear which connections to a system are malicious after manual decryption of RDP traffic. In this research, we used open-source tools to generate and analyze RDP attack data using a power-grid honeypot under our control. We developed methods for detecting and characterizing RDP attacks through malicious signatures, Windows event log entries, and network traffic metadata. Testing and evaluation of our characterization methods on actual attack data collected by four instances of our honeypot showed that we could effectively delineate benign and malicious RDP traffic and classify the severity of RDP attacks on unprotected or misconfigured Windows systems. The classification of attack patterns and severity levels can inform defenders of adversarial behavior in RDP attacks. Our results can also help protect national critical infrastructure, including Department of Defense systems.DOE, Washington DC 20805Civilian, SFSApproved for public release. Distribution is unlimited

Characterizing Location-based Mobile Tracking in Mobile Ad Networks

Mobile apps nowadays are often packaged with third-party ad libraries to monetize user data