Contracting the Facebook API

In recent years, there has been an explosive growth in the popularity of online social networks such as Facebook. In a new twist, third party developers are now able to create their own web applications which plug into Facebook and work with Facebook's "social" data, enabling the entire Facebook user base of more than 400 million active users to use such applications. These client applications can contain subtle errors that can be hard to debug if they misuse the Facebook API. In this paper we present an experience report on applying Microsoft's new code contract system for the .NET framework to the Facebook API.We wrote contracts for several classes in the Facebook API wrapper which allows Microsoft .NET developers to implement Facebook applications. We evaluated the usefulness of these contracts during implementation of a new Facebook application. Our experience indicates that having code contracts provides a better and quicker software development experience.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

Facts and Fabrications about Ebola: A Twitter Based Study

Microblogging websites like Twitter have been shown to be immensely useful for spreading information on a global scale within seconds. The detrimental effect, however, of such platforms is that misinformation and rumors are also as likely to spread on the network as credible, verified information. From a public health standpoint, the spread of misinformation creates unnecessary panic for the public. We recently witnessed several such scenarios during the outbreak of Ebola in 2014 [14, 1]. In order to effectively counter the medical misinformation in a timely manner, our goal here is to study the nature of such misinformation and rumors in the United States during fall 2014 when a handful of Ebola cases were confirmed in North America. It is a well known convention on Twitter to use hashtags to give context to a Twitter message (a tweet). In this study, we collected approximately 47M tweets from the Twitter streaming API related to Ebola. Based on hashtags, we propose a method to classify the tweets into two sets: credible and speculative. We analyze these two sets and study how they differ in terms of a number of features extracted from the Twitter API. In conclusion, we infer several interesting differences between the two sets. We outline further potential directions to using this material for monitoring and separating speculative tweets from credible ones, to enable improved public health information.Comment: Appears in SIGKDD BigCHat Workshop 201

Data Scraping as a Cause of Action: Limiting Use of the CFAA and Trespass in Online Copying Cases

In recent years, online platforms have used claims such as the Computer Fraud and Abuse Act (“CFAA”) and trespass to curb data scraping, or copying of web content accomplished using robots or web crawlers. However, as the term “data scraping” implies, the content typically copied is data or information that is not protected by intellectual property law, and the means by which the copying occurs is not considered to be hacking. Trespass and the CFAA are both concerned with authorization, but in data scraping cases, these torts are used in such a way that implies that real property norms exist on the Internet, a misleading and harmful analogy. To correct this imbalance, the CFAA must be interpreted in its native context, that of computers, computer networks, and the Internet, and given contextual meaning. Alternatively, the CFAA should be amended. Because data scraping is fundamentally copying, copyright offers the correct means for litigating data scraping cases. This Note additionally offers proposals for creating enforceable terms of service online and for strengthening copyright to make it applicable to user-based online platforms

Cross‐border use of WhatsApp, Pandora, and Grindr: on global norms and how to enforce these when there can be everywhere

Smart phones and tablets are becoming the main devices for accessing internet, and will outnumber the world population in 2016. Mobile Devices contain photos, contacts, unique identifiers, payment data, logs, etc., and are used everywhere, including abroad. apps process user information, including the user’s locality to offer dedicated services and advertisements, and may turn on cameras and microphones. Most users lack awareness of what apps do, what data are used, and what norms apply. Mobility complicates norm application. Global use, on a global infrastructure does not match well with local, national law. The quadruplet contracting, security, privacy and advertisements are interconnected, form the future landscape of internet services, and asks for a coherent analysis.This paper briefly discusses the norms concerning contracting, privacy, advertisements, and security applicable to smart devices. The core of the paper is the discussion of three cases to illustrate the complexity of the mobility of the smart devices, in particular when used abroad. First the communication program WhatsApp, followed by the music app Pandora, and finally the dating app Grindr. The difficulties of application and enforcement of norms on the internet severely increases now the devices providing internet connections are seamlessly taken from one country to another, and are always in the proximity of their users: always connected, always available. This paper does not offer answers, but asks questions that need attention and hopefully can be answered sometime in the future

Can you own your personal data? The HAT (Hub-Of-All-Things) data ownership model

This paper sets out 11 principles of the HAT data ownership model as the basis for the legal, economic and technical engineering of personal data rights for individuals, sui generis, through the HAT Microserver artefact and re-commodification of personal data into a new asset class of PPD (person-controlled personal data) for a market to emerge. We argue that the formation of PPD as an asset class can emerge a primary market for personal data due to its ability to create differential privacy through selected data (without revealing personal identifying information), bundled multi-source data from the individuals themselves that is verifiable, data that is shareable in real time and on demand from the cloud and that is dynamically accurate, due to individuals themselves being the stakeholders of their data. The HAT Project’s ultimate objective is that an explicit, primary market for personal data, similar to the emergence of a primary market for digital music in the early 2000s, would reduce illegal and inefficient personal data markets as well as reduce externalities relating to privacy, as future applications switch to using HATs as user accounts. The HAT model sets up a parallel asset class to challenge the OPD asset class through easier access, higher quality and lower friction, much like the way music licensees challenged music piracy